Define your success criteria - How will you know when your application is good enough to publish?
The application should fulfill the requirements which we have outlined. <span style="background-color: #FFFACD;">All the features must be implemented. The UI should be similar to the images I have uploaded.</span>

The application should be secure. The data is the most important, it should be consistent, we don't want to lose the data.

Our application should fulfill the features we have outlined, based on salesforce crm.

Privacy preservation Data stored is sensitive. Only the application's users should be able to see and use the data.

# Guidelines

For the various parts, find guidelines. E.g. guidelines for Functional requirements.
Use them to generate the func req for your own project.

Same for the other parts.

# Entities in salesforce

Ask agentforce questions similar to the opp and contact question, to get the relationship between entities, and ask for the fields, tables and how and why they are related.

    Accounts: Represents a company or organization you do business with.
    Contacts: Individuals associated with an account.
    Opportunities: Potential sales or deals in progress.
    Leads: Potential customers or prospects.
    Cases: Customer support issues.
    Campaigns: Marketing projects you want to plan, manage, and track.
    Knowledge Articles: Pieces of content that provide information or instructions on specific topics.
    Tasks: Activities that need to be completed.
    Events: Scheduled meetings or appointments.
    Products: Items or services you sell.
    Quotes: Proposals for products or services.
    Orders: Confirmed requests for products or services.
    Assets: Items that a customer has purchased and owns.
    Contracts: Agreements between you and your customers.
    Solutions: Resolved issues or answers to common questions.


# Phase 1: Planning & Design**
1.Define Clear Requirements & Scope
1.1Understand the "Why": Clearly articulate the problem the application solves and the business goals.:

The Problem:

## 1.2 Final, Refined Problem Statement (Version 3)

https://www.atlassian.com/team-playbook/plays/problem-framing#instructions
**For:** The web agency's project, sales, and support teams.

**Who are trying to:** Seamlessly manage the entire client lifecycle—from initial lead generation and project execution to recurring payments and ongoing support.

**But are struggling because:** They rely on a patchwork of disconnected systems and manual processes. Critical information is fragmented across spreadsheets, email threads, generic project management tools, and personal notes, with no single, reliable source of truth.

**This fundamental lack of a central system leads to severe negative impacts across the business:**

*   **Operational Inefficiency:** Team members waste significant time <span style="background-color: #FFFACD;">searching multiple locations</span> for client information, leading to duplicated effort and reduced productivity.
*   **Lost Revenue Opportunities:** Without a clear, unified view of the sales pipeline, <span style="background-color: #FFFACD;">promising leads are not followed up on in a timely manner,</span> resulting in lost deals.
*   **Data Integrity Issues:** <span style="background-color: #FFFACD;">Information quickly becomes outdated or contradictory across different systems</span>, leading to embarrassing errors and poor decision-making.
*   **Poor Strategic Visibility:** It is nearly impossible to get an accurate, real-time overview of the sales pipeline, project status, or client support load, making forecasting and resource planning difficult.
*   **Revenue Leakage & Poor Cash Flow:** Tracking recurring retainer payments is difficult and prone to error, leading to missed or delayed invoices and unpredictable cash flow.
*   **Inconsistent Client Service:** With no standard process for logging and handling requests, the client experience can be inconsistent, potentially damaging the agency's reputation and client satisfaction.

**Ultimately, this operational chaos places a hard cap on the agency's ability to grow. As the number of clients increases, these problems compound, making it impossible to scale the business effectively.**

---

*   **Business Goals the CRM Solves:**
    *   **Increase Efficiency:** Reduce time spent searching for information and managing administrative tasks by centralizing all client, project, support, and payment data.
    *   **Improve Client Management:** Gain a 360-degree view of each client (contact info, project history, support tickets, payment status) to provide more informed and consistent service.
    *   **Streamline Sales Process:** Effectively track leads from initial contact through to becoming a client (Account/Contact) and starting a project (Opportunity). Ensure timely follow-ups.
    *   **Enhance Project/Task Tracking:** Manage the sales pipeline (Opportunities) and track non-project client work like support requests and maintenance tasks (Cases) systematically.
    *   **Stabilize Revenue Tracking:** Easily log and monitor monthly retainer payments, quickly identifying overdue accounts.
    *   **Provide Foundational Scalability:** Implement a system that can support the agency's current needs and grow with it, ensuring consistent processes even with more clients or team members.
    *   **Enable Basic Reporting:** Gain insights into the sales pipeline, common support issues, and client payment statuses to make better business decisions.

**<span style="background-color: #FFFACD;">In essence, the "Why" is to move from scattered, inefficient, and potentially error-prone manual processes to a centralized, streamlined, and reliable system that improves efficiency, client service, and revenue management for the web agency.</span>**

## 1.3Functional Requirements: Detail what the system must do (e.g., user registration, data display, calculations).

We will refine them after we decide what fields we need/will use for each core concept.

1. Source/Method: User Story Expansion
This is your primary tool. Take each high-level user story you wrote and break it down into the specific functions needed to make it happen.

    Resource: Your own list of user stories.

    How to use it: For a story like, "As a salesperson, I want to convert a Lead...", ask yourself:

        What button do I click?

        What information must I fill out?

        What happens in the background? (An Account is created, a Contact is created, etc.)

        What feedback do I get when it's done?

2. Source/Method: CRUD Analysis
This is a systematic, developer-focused way to ensure you cover the basics for every single data entity in your system (Lead, Account, Contact, etc.). CRUD stands for Create, Read, Update, Delete.

    Resource: Your Entity-Relationship Diagram (ERD).

    How to use it: Go through each entity on your ERD and list the requirements for each CRUD operation.
    
   

3. Source/Method: UI/UX Deconstruction (Reverse-Engineering)
* Resource: The Salesforce screenshots you uploaded.

Feature: Lead Management


CREATE


READ


UPDATE


DELETE


BUSINESS LOGIC


Core User Stories for Account Management

### Example

**Story 1: Creating a New Client Record**
> **As a** salesperson, **I want to** create a new Account record with key company details..., **so that** I can establish a single source of truth...

**Expansion Breakdown:**

*   **What button do I click?**
    *   On the main "Accounts" list page, there must be a primary button labeled "**New Account**".
    *   Potentially, a global "Add New" button in the main navigation could also have an "Account" option.

*   **What information must I fill out?**
    *   Clicking "New Account" should open a **modal dialog** or a dedicated "New Account" page containing a form.
    *   The form must contain fields for: `Account Name`, `Website`, `Phone`, `Billing Address`, etc.
    *   The `Account Name` field must be **required**. The form cannot be submitted without it. The other fields can be optional.

*   **What happens in the background?**
    *   The frontend application packages the form data into a JSON object.
    *   It sends a `POST` request to the backend API endpoint, e.g., `/api/accounts`.
    *   The backend API receives the request and **validates** the data (e.g., confirms `Account Name` is present).
    *   If valid, the backend creates a new record in the `accounts` database table.
    *   It sets the `owner_id` to the ID of the currently logged-in user.
    *   It sets the `is_active` field to `true` by default (our soft-delete rule).
    *   The backend returns a `201 Created` success response, including the newly created account's data (with its new ID).

*   **What feedback do I get?**
    *   Upon successful creation, the user is automatically **redirected** to the detail page for the newly created account (e.g., `/accounts/123`).
    *   A temporary success message (a "toast" notification) should appear at the top of the screen, saying "Account 'New Client Inc.' was created successfully."
    *   If the form submission fails due to invalid data, the modal/page should remain, displaying clear error messages next to the problematic fields (e.g., "Account Name cannot be empty.").



    

### Account Management

1. User Stories (The "Why")

*   **Story 1: Creating a New Client Record**
*   **Story 2: Finding a Specific Client Quickly**
*   **Story 3: Getting a Complete Client Overview, including confirmed orders**
*   **Story 4: Keeping Client Information Accurate**
*   **Story 5: Archiving Past Clients**

2. Technical Specification (The "How")

This section details the implementation required to satisfy all the user stories above.

**CREATE**
*   **User Action:** User clicks the primary "**New Account**" button on the main "Accounts" list page.
*   **UI Flow:**
    *   A **modal dialog** opens, presenting a form.
    *   The form must contain fields for `Account Name`, `Website`, `Phone`, `Billing Address`.
    *   The `Account Name` field is **required**.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/accounts`
    *   **Request Body:** A JSON object containing the form data.
    *   **Logic:**
        1.  Validate that `Account Name` is present.
        2.  Create a new record in the `accounts` table.
        3.  Set `owner_id` to the ID of the currently logged-in user.
        4.  Set `is_active` to `true` by default.
*   **User Feedback:**
    *   **On Success:** The user is automatically redirected to the detail page for the newly created account (e.g., `/accounts/123`). A success toast appears: "Account '[New Client Name]' was created."
    *   **On Failure:** The modal remains open, displaying inline validation errors next to the problematic fields.

**READ**
*   **List View:**
    *   **User Action:** User navigates to the "/accounts" URL.
    *   **UI Flow:** A page displays a table of all accounts where `is_active = true`.
    *   **Backend Interaction:**
        *   **Endpoint:** `GET /api/accounts`
        *   **Logic:** The endpoint must support query parameters for filtering (`?filter=...`), sorting (`?sort=...`), and pagination.
    *   **Functionality:**
        *   The table must have sortable columns for `Account Name`, `Phone Number`, and `Account Owner`.
        *   A search bar must be present to filter the list by `Account Name` in real-time.
        *   The `Account Name` in each row is a hyperlink to its detail page.
*   **Detail View (360° View):**
    *   **User Action:** User clicks on an account's name in the list view.
    *   **UI Flow:** The application navigates to `/accounts/{id}` and displays the full detail page. The page is visually divided into a main panel for account fields and related lists for associated records (Contacts, Opportunities, etc.).
    *   **Backend Interaction:**
        *   **Endpoint:** `GET /api/accounts/{id}`
        *   **Logic:** The API must fetch the Account's primary data *and* execute efficient queries to fetch all its related records.
    *   **User Feedback:** If the Account ID is invalid, a "404 Not Found" page is displayed.

**UPDATE**
*   **User Action:** User clicks an "Edit" button on the detail page.
*   **UI Flow:** The detail fields become editable form inputs. A "Save" and "Cancel" button appear.
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/accounts/{id}`
    *   **Request Body:** A JSON object with only the fields that were changed.
    *   **Logic:** The backend validates the incoming data and updates the record in the database.
*   **User Feedback:** On success, the fields become read-only again, and a "Save successful" toast is displayed.

**BUSINESS LOGIC: Deactivation (Soft Delete)**
*   **User Action:** User clicks a "Deactivate" button on the Account detail page.
*   **UI Flow:** A confirmation modal appears: "Are you sure you want to deactivate this account? All historical data will be preserved."
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/accounts/{id}`
    *   **Request Body:** `{ "is_active": false }`
    *   **Logic:** The `is_active` flag for the specified account is updated to `false`.
*   **User Feedback:** After confirmation, the user is redirected to the main Account list, and the deactivated account is no longer visible.

---

Conclusion

**This is the definitive format.**

It successfully combines:
1.  **The "Why"**: The user stories at the top provide context.
2.  **The "How"**: The detailed, step-by-step breakdown of every user action, UI change, backend interaction, and feedback loop.
3.  **The Organization**: The CRUD + Business Logic headings provide a clean, logical structure that is incredibly efficient for a developer to follow.


*   **User Registration:** 
     Only an Administrator can create new user accounts. There will be no public-facing registration page. This is a key security and control measure.

### 1.3.2  User Authentication & Management

1. User Stories (The "Why")

For the System Administrator:

*   **Story 1: Onboarding New Employees**
    > **As an** administrator,
    > **I want to** create new user accounts with their name, email, and role (Admin/User),
    > **so that** I can securely grant new employees access to the CRM.
For the Standard User (Salesperson, Account Manager, etc.):

*   **Story 2: Accessing the System**
    > **As a** user,
    > **I want to** log in with my email and password,
    > **so that** I can securely access the CRM to perform my daily tasks.

*   **Story 3: Maintaining a Session**
    > **As a** user,
    > **I want to** remain logged in as I navigate the application and even if I close the browser tab,
    > **so that** I don't have to waste time re-entering my credentials repeatedly during my workday.

*   **Story 4: Securely Exiting the System**
    > **As a** user,
    > **I want to** explicitly log out of the application,
    > **so that** I can ensure my session is securely terminated, especially when using a shared computer.

2. Technical Specification (The "How")

This section details the implementation required to satisfy all the user stories above.

**Data Model: `users` Table**
*   **Fields:**
    *   `id` (Primary Key)
    *   `name` (String)
    *   `email` (String, must be unique)
    *   `password_hash` (String) - **CRITICAL:** Never store plain-text passwords. Use a strong, one-way hashing algorithm like **bcrypt**.
    *   `role` (Enum: 'user', 'admin')
    *   `is_active` (Boolean, default true)

**User Creation (Admin-Only)**
*   **User Action:** An authenticated Admin navigates to a "User Management" section in the application settings.
*   **UI Flow:**
    *   Admin clicks a "New User" button.
    *   A form appears to enter the new user's `Name`, `Email`, and select their `Role`.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/admin/users` (This route must be protected and only accessible by users with the 'admin' role).
    *   **Logic:**
        1.  Validate the request data (e.g., is the email format valid? Is the email already in use?).
        2.  Generate a secure, temporary password.
        3.  **Hash the temporary password** using bcrypt.
        4.  Save the new user record to the `users` table.
        5.  **Best Practice:** Trigger an email to the new user's address containing their login details and a link to a page where they must set their own permanent password.
*   **User Feedback:** A success message is shown to the Admin: "User '[New User Name]' created and welcome email sent."

**Login Process**
*   **User Action:** A non-authenticated user accesses the application and is presented with the login page. They enter their email and password and click "Login".
*   **UI Flow:** A simple form with "Email" and "Password" fields and a "Login" button.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/auth/login`
    *   **Logic:**
        1.  Find the user in the database by their email address.
        2.  If no user is found, return a generic error. **Do not** reveal that the email address doesn't exist.
        3.  If a user is found, use the bcrypt library to compare the submitted password with the `password_hash` stored in the database.
        4.  If the passwords match, generate a session token (**JWT - JSON Web Token** is the recommended standard).
        5.  Return the JWT to the client.
*   **User Feedback:**
    *   **On Success:** The user is redirected to the application's Home Page (`/home`). The JWT is stored securely on the client (e.g., in an `httpOnly` cookie).
    *   **On Failure:** The login page displays a single, generic error message: "Invalid email or password."

**Session Management (Authenticated Requests)**
*   **Frontend Logic:** For every subsequent API request to a protected endpoint (e.g., `GET /api/accounts`), the browser must automatically send the stored JWT (in the cookie) with the request.
*   **Backend Logic:** A **middleware** layer must be applied to all protected API routes. This middleware will:
    1.  Inspect the request for the JWT.
    2.  Validate the JWT's signature and expiration date.
    3.  If the token is valid, allow the request to proceed to the intended controller.
    4.  If the token is invalid, expired, or missing, reject the request with a `401 Unauthorized` status code.

**Logout Process**
*   **User Action:** An authenticated user clicks the "Logout" button, typically in a user profile dropdown menu.
*   **UI Flow:** The application immediately invalidates the user's session on the client side.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/auth/logout`
    *   **Logic:** The client-side application should simply delete the stored JWT. The backend can optionally implement a token "blacklist" for higher security, but for an internal tool, client-side deletion is often sufficient.
*   **User Feedback:** The user is immediately redirected to the login page.


Contacts are the individuals associated with Accounts. The key business rule is that a Contact cannot exist without being linked to an Account. This relationship will be central to our design.

---

### 1.3.3 Feature Specification: Contact Management

1. User Stories (The "Why")

For the Account Manager / Salesperson:

*   **Story 1: Building a Client Roster**
    > **As an** account manager,
    > **I want to** add a new Contact record directly to an existing Account,
    > **so that** I can build a complete roster of all the key people associated with a client.

*   **Story 2: Finding a Person's Details**
    > **As a** salesperson,
    > **I want to** view a list of all contacts in the system and be able to search for them by name or company, including     including their contacts, sales opportunities, and confirmed orders,
    > **so that** I can quickly find a person's phone number or email, even if I forget which company they work for.

*   **Story 3: Keeping Contact Information Current**
    > **As an** account manager,
    > **I want to** easily update a Contact's information, such as their title or phone number,
    > **so that** our client records remain accurate when people change roles.

*   **Story 4: Archiving Former Contacts**
    > **As an** administrator,
    > **I want to** deactivate a Contact record when an individual leaves a client company,
    > **so that** they no longer appear in active lists, but their historical involvement in past deals and support cases is preserved.

2. Technical Specification (The "How")

This section details the implementation required to satisfy all the user stories above.

**Data Model: `contacts` Table**
*   **Fields:**
    *   `id` (Primary Key)
    *   `first_name` (String, required)
    *   `last_name` (String, required)
    *   `email` (String, unique, optional)
    *   `phone` (String, optional)
    *   `title` (String, optional)
    *   `account_id` (Foreign Key to `accounts.id`, **required**). A Contact must always belong to an Account.
    *   `owner_id` (Foreign Key to `users.id`, required)
    *   `is_active` (Boolean, default true)

**CREATE**
*   **User Action:** User clicks the "**New Contact**" button within the "Contacts" related list on an **Account Detail Page**.
*   **UI Flow:**
    *   A **modal dialog** opens with a form.
    *   The `Account Name` is pre-filled and read-only, confirming the association.
    *   The form must contain fields for `First Name`, `Last Name`, `Email`, `Phone`, and `Title`.
    *   `First Name` and `Last Name` are **required**.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/contacts`
    *   **Request Body:** A JSON object containing the form data, including the `account_id`.
    *   **Logic:**
        1.  Validate that `first_name`, `last_name`, and a valid `account_id` are present.
        2.  Create a new record in the `contacts` table.
        3.  Set `owner_id` to the ID of the currently logged-in user.
*   **User Feedback:**
    *   **On Success:** The modal closes, and the new contact immediately appears in the "Contacts" related list on the Account page. A success toast appears: "Contact '[First Name] [Last Name]' was created."
    *   **On Failure:** The modal remains open, displaying inline validation errors.

**READ**
*   **List View:**
    *   **User Action:** User navigates to the "/contacts" URL.
    *   **UI Flow:** A page displays a table of all active contacts.
    *   **Backend Interaction:**
        *   **Endpoint:** `GET /api/contacts`
        *   **Logic:** The API query must **join** with the `accounts` table to include the `Account Name` in the response.
    *   **Functionality:**
        *   The table must have sortable columns for `Contact Name`, `Account Name`, `Email`, and `Phone`.
        *   A search bar must filter the list by `Contact Name` or `Account Name`.
        *   The `Contact Name` is a hyperlink to its detail page.
*   **Detail View:**
    *   **User Action:** User clicks on a contact's name from any list.
    *   **UI Flow:** The application navigates to `/contacts/{id}` and displays the full detail page for the contact, including their association with their Account.
    *   **Backend Interaction:** `GET /api/contacts/{id}`
    *   **User Feedback:** If the Contact ID is invalid, a "404 Not Found" page is displayed.

**UPDATE**
*   **User Action:** User clicks an "Edit" button on the Contact detail page.
*   **UI Flow:** The detail fields become editable form inputs. A "Save" and "Cancel" button appear.
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/contacts/{id}`
    *   **Logic:** The backend validates and updates the record.
*   **User Feedback:** On success, the fields become read-only again, and a "Save successful" toast is displayed.

**BUSINESS LOGIC: Deactivation (Soft Delete)**
*   **User Action:** User clicks a "Deactivate" button on the Contact detail page.
*   **UI Flow:** A confirmation modal appears: "Are you sure you want to deactivate this contact?"
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/contacts/{id}`
    *   **Request Body:** `{ "is_active": false }`
*   **User Feedback:** After confirmation, the user is returned to the previous page (e.g., the Account detail page or the main Contact list), and the contact is no longer visible in active lists.

### 1.3.4 Lead Management

This feature is the primary entry point for new business into the CRM. Its most critical component is the conversion process.

 1. User Stories (The "Why")

*   **Story 1: Capturing New Interest**
    > **As a** salesperson,
    > **I want to** quickly create a new Lead record whenever I get a new inquiry,
    > **so that** no potential business falls through the cracks.

*   **Story 2: Managing My Prospect List**
    > **As a** salesperson,
    > **I want to** see a list of all my open Leads,
    > **so that** I can prioritize my outreach and follow-up activities for the day.

*   **Story 3: Seamlessly Converting a Prospect to a Client**
    > **As a** salesperson,
    > **I want to** convert a qualified Lead which automatically creates an Account, Contact, and Opportunity with a single action,
    > **so that** I can avoid manual data re-entry and seamlessly transition from prospecting to managing a real sales deal.

*   **Story 4: Lead Source**
    > **As an** agency owner,
    > **I want to** know where my new business is coming from,
    > **so that** I can invest in the most effective marketing channels.

2. Technical Specification (The "How")

**Data Model: `leads` Table**
*   **Fields:** `id`, `first_name`, `last_name`, `company` (required), `email`,`lead_source`, `phone`, `status` (Enum: 'New', 'Contacted', 'Qualified', 'Converted'), `owner_id` (FK to `users.id`).

**CREATE**
*   **User Action:** Clicks "New Lead" button.
*   **UI Flow:** A modal form appears for Lead details. `Last Name`, `Company`, and `Status` are required.
*   **Backend Interaction:** `POST /api/leads`. Validates data, creates the record, assigns the current user as `owner_id`.
*   **User Feedback:** On success, redirects to the new Lead's detail page with a success toast.

**READ**
*   **List View:**
    *   **User Action:** Navigates to "/leads".
    *   **UI Flow:** Displays a table of all Leads where `status != 'Converted'`.
    *   **Backend Interaction:** `GET /api/leads`. Supports filtering by `status` and `owner_id`.
*   **Detail View:**
    *   **User Action:** Clicks a Lead's name.
    *   **UI Flow:** Navigates to `/leads/{id}`. Displays all Lead fields and a related list for Activities.
    *   **Backend Interaction:** `GET /api/leads/{id}`.

**UPDATE**
*   **User Action:** Clicks "Edit" on the detail page. The most common update is changing the `Status` field.
*   **UI Flow:** Fields become editable.
*   **Backend Interaction:** `PUT /api/leads/{id}`.
*   **User Feedback:** "Save successful" toast.

**BUSINESS LOGIC: Lead Conversion**
*   **User Action:** Clicks the "**Convert**" button on a qualified Lead's detail page.
*   **UI Flow:** A dedicated conversion modal appears. It shows the data that will be used to create the new records and requires the user to enter a name for the new **Opportunity**.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/leads/{id}/convert`
    *   **Logic:** This is a critical transaction.
        1.  **Start a database transaction.**
        2.  Create a new `Account` record using `company` name from the Lead.
        3.  Create a new `Contact` record using name/email/phone from the Lead, linking it to the new Account's ID.
        4.  Create a new `Opportunity` record with the user-provided name, linking it to the new Account's ID.
        5.  Update the original `Lead`'s status to 'Converted'.
        6.  **Commit the transaction.** If any step fails, the entire operation must be rolled back.
*   **User Feedback:** A success screen appears, confirming the conversion and providing direct links to the newly created Account, Contact, and Opportunity records.

---


### 1.3.5 Opportunity Management

This feature tracks active sales deals. It is the core of the sales pipeline, where potential revenue is managed from initial proposal to a final, confirmed deal.

1. User Stories (The "Why")

*   **Story 1: Building a Deal with Products**
    > **As a** salesperson, I want to build a deal by adding specific `Products` from our catalog to an `Opportunity`, so that I can create a detailed list of what we are proposing to sell.

*   **Story 2: Setting Custom Prices**
    > **As a** salesperson, I want to set a custom `sale_price` and `quantity` for each product I add to an Opportunity, so that I can handle variable pricing and discounts specific to that deal.

*   **Story 3: Automatic Deal Value Calculation**
    > **As a** salesperson, I want the total `Opportunity` amount to be **automatically calculated** based on the sum of all line items, so that the deal value is always accurate and requires no manual calculation.

*   **Story 4: Visualizing the Sales Pipeline**
    > **As a** sales manager, I want to see all open Opportunities in a pipeline view grouped by stage, so that I can forecast revenue and understand the health of our sales process.

*   **Story 5: Identifying Key Stakeholders**
    > **As a** salesperson, I want to assign specific `Contacts` to an `Opportunity` with defined roles (e.g., 'Decision Maker'), so that I know exactly who to talk to at each stage of the deal.

2. Technical Specification (The "How")

**Data Model: `opportunities`, `opportunity_line_items`, & `opportunity_contact_roles` Tables**
*   **`opportunities` Fields:** `id`, `name` (required), `stage` (Enum), `close_date`, `lead_source`, `probability`, `account_id` (FK), `owner_id` (FK).
    *   *Note: The `amount` field is no longer stored in this table; it is a calculated value.*
*   **`opportunity_line_items` Fields:** `id`, `opportunity_id` (FK), `product_id` (FK), `quantity`, `sale_price`.

**CREATE**
*   **User Action:** Clicks "New Opportunity" from an Account's related list or as part of Lead Conversion.
*   **UI Flow:** A modal form appears. `Name` and `Stage` are required. The `Account` is pre-filled.
*   **Backend Interaction:** `POST /api/opportunities`.
*   **User Feedback:** The new, empty Opportunity is created and the user is redirected to its detail page to begin adding products.

**READ**
*   **List View (Pipeline):**
    *   **UI Flow:** A page displaying Opportunities in a Kanban-style view with columns for each `Stage`. Each Opportunity card should display the `name`, `Account Name`, and the **calculated total amount**.
    *   **Backend Interaction:** `GET /api/opportunities`. The API must calculate the total amount for each opportunity by summing its line items before returning the response.
*   **Detail View:**
    *   **UI Flow:** Displays all Opportunity fields. The main `Amount` field is a prominent, read-only, calculated sum of all line items. Contains related lists for **Line Items**, **Contact Roles**, and **Activities**.
    *   **Backend Interaction:** `GET /api/opportunities/{id}`. The API response must include all related line items and contact roles.

**UPDATE**
*   **User Action:** Drags an Opportunity card to a new stage in the Kanban view, or edits fields on the detail page.
*   **Backend Interaction:** `PUT /api/opportunities/{id}`.

**BUSINESS LOGIC**
*   **Managing Line Items:**
    *   **User Action:** Clicks "Add Product" within the "Line Items" related list on the Opportunity detail page.
    *   **UI Flow:** A modal appears that allows the user to search the `products` catalog. After selecting a product, the user enters a `quantity` and a `sale_price`. The `sale_price` field defaults to the selected product's `standard_list_price` but can be overridden.
    *   **Backend Interaction:**
        *   `POST /api/opportunities/{id}/line_items` to add a new line item.
        *   `PUT /api/opportunities/{id}/line_items/{line_item_id}` to edit an existing one.
        *   `DELETE /api/opportunities/{id}/line_items/{line_item_id}` to remove one.
    *   **User Feedback:** The Line Items list on the page updates instantly. The main calculated `Opportunity Amount` updates instantly.
*   **Managing Contact Roles:**
    *   **User Action:** Clicks "Add Contact Role" on the Opportunity detail page.
    *   **UI Flow:** A modal appears allowing the user to search for existing `Contacts` from the parent Account and assign them a `role` from a dropdown.
    *   **Backend Interaction:** `POST /api/opportunities/{id}/contact_roles`.
*   **Automatic Probability Update:**
    *   **Backend Logic:** Whenever an Opportunity's `stage` is updated, the system should automatically update the `probability` field based on predefined business rules (e.g., 'Qualifying' = 10%, 'Proposal' = 50%, 'Negotiation' = 75%).
*   **Generating an Order:**
    *   **User Action:** Clicks a "Generate Order" button, which is only visible when the Opportunity `stage` is "Closed Won".
    *   **Backend Interaction:** `POST /api/opportunities/{id}/generate-order`. This creates a new `Order` and corresponding `OrderLineItems` based on the final state of the Opportunity's line items.

---





### 1.3.6 Case Management

This feature handles client support issues, separating the support workflow from the sales workflow.

1. User Stories (The "Why")

*   **Story 1: Logging a Client Issue**
    > **As an** account manager,
    > **I want to** create a new Case when a client reports an issue, linking it to their Account and Contact record,
    > **so that** we have a formal record of the problem.

*   **Story 2: Managing the Support Queue**
    > **As a** support agent,
    > **I want to** see a list of all open Cases, prioritized by their status and priority,
    > **so that** I know which client issue to work on next.

2. Technical Specification (The "How")

**Data Model: `cases` Table**
*   **Fields:** `id`, `subject` (required), `status` (Enum: 'New', 'In Progress', 'Closed'), `priority`, `account_id` (FK), `contact_id` (FK), `owner_id` (FK).

**CREATE**
*   **User Action:** Clicks "New Case" from an Account's or Contact's related list.
*   **UI Flow:** A modal form appears. `Subject` and `Status` are required. The Account/Contact are pre-filled.
*   **Backend Interaction:** `POST /api/cases`.

**READ**
*   **List View:** A table of all Cases, filterable by `Status` and `Priority`.
*   **Detail View:** Displays all Case fields and a related list for Activities.

**UPDATE**
*   **User Action:** Edits the Case, most commonly updating the `Status` from 'New' to 'In Progress' to 'Closed'.
*   **Backend Interaction:** `PUT /api/cases/{id}`.



Analysis of the UI Screenshots

**"New Task" Modal:**
*   **Assigned To:** This is our `assigned_to_id` (FK to `users`). It's a required lookup to a User.
*   **Related To:** This is our polymorphic `what_id`/`what_type`. It's a lookup that can search across Accounts, Opportunities, etc. (non-people).
*   **Subject:** This is our `subject` field. Required.
*   **Name:** This is our polymorphic `who_id`/`who_type`. It's a lookup that searches Contacts and Leads (people).
*   **Due Date:** This is our `due_date` field.
*   **Comments:** This is our `description` field.
*   **Status:** This is our `status` field. Required.
*   **Priority:** This is our `priority` field. Required.

**"New Event" Modal:**
*   **Subject:** Our `subject` field. Required.
*   **Description:** Our `description` field.
*   **Start / End:** These map to our `start_time` and `end_time` fields. Required.
*   **Attendees:** This is interesting. In our model, this would be handled by `assigned_to_id` and potentially linking other users in the future (a V2 feature). For the MVP, assigning it to one user is sufficient.
*   **Name (Related Records):** This is the `who_id`/`who_type` field.
*   **Related To (Related Records):** This is the `what_id`/`what_type` field.
*   **Assigned To (Related Records):** This is the `assigned_to_id` field.
*   **Location:** We should add this field to our `activities` table. It will be `NULL` for tasks.
*   **All-Day Event:** This is a boolean flag. We should add `is_all_day_event` to our `activities` table.

### 1.3.7 Activity Management (Tasks & Events)

1. User Stories (The "Why")

*   **Story 1: Creating a Contextual To-Do Item**
    > **As a** salesperson,
    > **I want to** create a Task like "Follow up on proposal" and relate it *both* to the 'Awesome Project' Opportunity *and* the 'Jane Doe' Contact,
    > **so that** the task appears in the timeline for the deal and also in my activity history with that specific person.

*   **Story 2: Scheduling a Client Meeting**
    > **As an** account manager,
    > **I want to** schedule an Event (a meeting) and link it to the client's Account record,
    > **so that** anyone viewing the Account can see that a meeting is scheduled.

*   **Story 3: Viewing My Daily Agenda**
    > **As a** user,
    > **I want to** see a single, unified list of all my open Tasks and upcoming Events, sorted chronologically,
    > **so that** I have a clear picture of my workload and schedule for the day.

2. Technical Specification (The "How")

**Data Model: `activities` Table**
*   **Fields:**
    *   `id` (PK)
    *   `type` (Enum: 'Task', 'Event', required)
    *   `subject` (String, required)
    *   `description` (Text, optional)
    *   `status` (Enum: 'Not Started', 'In Progress', 'Completed', 'Waiting on someone else', 'Deferred')
    *   `priority` (Enum: 'High', 'Normal', 'Low', for Tasks)
    *   `due_date` (Date, for Tasks)
    *   `start_time` (DateTime, for Events)
    *   `end_time` (DateTime, for Events)
    *   `is_all_day_event` (Boolean, default false, for Events)
    *   `location` (String, optional, for Events)
    *   `assigned_to_id` (FK to `users.id`, required)
    *   `what_id` (Integer, nullable) - ID of the non-person object.
    *   `what_type` (String, nullable) - Model name: 'Account', 'Opportunity', 'Case'.
    *   `who_id` (Integer, nullable) - ID of the person object.
    *   `who_type` (String, nullable) - Model name: 'Contact', 'Lead'.

**CREATE**
*   **User Action:** Clicks "New Task" or "New Event" from a global button or a related list.
*   **UI Flow:**
    *   A modal form appears, titled either "New Task" or "New Event".
    *   The form dynamically displays the correct fields based on the type:
        *   **If 'Task':** Shows `Due Date`, `Status`, `Priority`.
        *   **If 'Event':** Shows `Start/End Time`, `Location`, `All-Day Event` checkbox.
    *   Both forms include `Subject`, `Assigned To`, `Related To` (What), and `Name` (Who).
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/activities`
    *   **Request Body:** A JSON object containing all relevant details. The `type` field is mandatory.
*   **User Feedback:** The new activity appears in relevant lists/views. A success toast is shown.

**READ**
*   **Task View ("To-Do List"):**
    *   **UI Flow:** A dedicated page showing a list of all activities where `type = 'Task'` and `status != 'Completed'`, assigned to the current user.
    *   **Backend Interaction:** `GET /api/activities?type=Task&assigned_to=me&status_ne=Completed`
*   **Event View ("Calendar"):**
    *   **UI Flow:** A dedicated page showing a calendar view (e.g., using a library like FullCalendar).
    *   **Backend Interaction:** `GET /api/activities?type=Event&assigned_to=me`. The API should accept date range parameters (e.g., `start_date`, `end_date`) to fetch events for the visible month/week.
*   **Contextual View (Activity Timeline):**
    *   **UI Flow:** Appears on detail pages for Accounts, Opportunities, etc.
    *   **Backend Interaction:** The API for the parent record (e.g., `GET /api/opportunities/{id}`) should return a sorted list of all related activities.



### 1.3.8 Product Management

This feature allows administrators to manage the catalog of products and services that the company sells. This catalog serves as the foundation for building deals in Opportunities.

1. User Stories (The "Why")

*   **Story 1: Creating a Catalog Item**
    > **As an** administrator, I want to create a new product or service in our catalog, defining its name and a standard price, so that it's available for the sales team to add to their deals.

*   **Story 2: Maintaining the Catalog**
    > **As an** administrator, I want to view and edit all the products in our catalog, so that I can keep our service offerings and standard pricing up-to-date.

*   **Story 3: Retiring a Product**
    > **As an** administrator, I want to deactivate a product we no longer offer, so that it doesn't appear in searches for new deals but is preserved for historical accuracy on old opportunities.

2. Technical Specification (The "How")

**Data Model: `products` Table**
*   **Fields:** `id` (PK), `name` (String, required), `description` (Text, optional), `standard_list_price` (Decimal, required, can default to 0.00), `is_active` (Boolean, default true).

**CREATE**
*   **User Action:** An authenticated Administrator navigates to the "Product Catalog" settings page and clicks a "New Product" button.
*   **UI Flow:**
    *   A modal dialog or dedicated page opens with a form.
    *   The form must contain fields for `Name`, `Description`, and `Standard List Price`.
    *   The `Name` field is required.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/products` (This endpoint must be protected and accessible only by users with the 'Admin' role).
    *   **Request Body:** A JSON object containing the new product's data.
    *   **Logic:** The backend validates the data and creates a new record in the `products` table.
*   **User Feedback:**
    *   On Success: A success toast appears ("Product '[Product Name]' was created."), and the new product is immediately visible in the main product list.
    *   On Failure: The form remains open, displaying any relevant validation errors.

**READ**
*   **List View:**
    *   **User Action:** An administrator navigates to the "Product Catalog" settings page (e.g., `/admin/products`).
    *   **UI Flow:** A page displays a table of all products. The view should visually distinguish between active and inactive products (e.g., inactive ones are grayed out).
    *   **Backend Interaction:**
        *   **Endpoint:** `GET /api/products`
        *   **Logic:** The endpoint should return all products, including inactive ones, for the administrator's view.
    *   **Functionality:** The table should have sortable columns for `Name`, `Standard List Price`, and `Status`.

**UPDATE**
*   **User Action:** An administrator clicks an "Edit" button next to a product in the list.
*   **UI Flow:** The same form used for creation opens, but pre-filled with the selected product's data.
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/products/{id}` (Admin-only).
    *   **Request Body:** A JSON object with the fields to be updated.
*   **User Feedback:** On success, a "Save successful" toast is displayed, and the list updates with the new information.

**BUSINESS LOGIC: Deactivation (Soft Delete)**
*   **User Action:** An administrator clicks a "Deactivate" button on an active product.
*   **UI Flow:** A confirmation modal appears: "Are you sure you want to deactivate this product? It will no longer be available to add to new opportunities."
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/products/{id}` (Admin-only).
    *   **Request Body:** `{ "is_active": false }`
    *   **Logic:** The `is_active` flag for the specified product is updated to `false`. The record is not deleted.
*   **User Feedback:** After confirmation, the product's status visually changes to "Inactive" in the list.



### 1.3.9 Orders Management

This feature formalizes a confirmed sale. An Order is an immutable record of what a client has committed to purchase, created after an Opportunity is won. It serves as the primary object for tracking fulfillment and billing.

1. User Stories (The "Why")

*   **Story 1: Formalizing a Won Deal**
    > **As a** salesperson or account manager, I want to generate a formal `Order` from a "Closed Won" Opportunity with a single click, so that I can create an immutable record of the confirmed sale.

*   **Story 2: Creating a Source of Truth for Billing**
    > **As an** administrator, I want to view an `Order` and see the exact line items, prices, and quantities that the client agreed to, so that I have a clear source of truth for billing and fulfillment.

*   **Story 3: Tracking Order Fulfillment**
    > **As an** account manager, I want to track the status of an `Order` (e.g., 'Awaiting Payment', 'Paid in Full', 'Fulfilled'), so I know the current state of the client's commitment and our delivery process.

2. Technical Specification (The "How")

**Data Model: `orders` & `order_line_items` Tables**
*   **`orders` Fields:** `id` (PK), `order_date` (Date), `status` (Enum: 'Awaiting Payment', 'Partially Paid', 'Paid in Full', 'Fulfilled', 'Cancelled'), `account_id` (FK), `opportunity_id` (FK).
    *   *Note: The total amount is a calculated value, not a stored field.*
*   **`order_line_items` Fields:** `id` (PK), `order_id` (FK), `product_id` (FK), `quantity`, `price_at_purchase` (Decimal).

**CREATE**
*   **User Action:** This is not a direct user action on an "Order" object. Orders are created exclusively via the "Generate Order" business logic on a won Opportunity. See the Business Logic section for details.

**READ**
*   **List View:**
    *   **User Action:** User navigates to the top-level `/orders` page.
    *   **UI Flow:** A page displays a searchable and sortable table of all orders.
    *   **Functionality:** Key columns include a unique `Order Number` (which can be generated from the `id`), `Account Name`, `Order Date`, `Status`, and the **calculated Total Amount**. The Order Number links to the detail view.
    *   **Backend Interaction:** `GET /api/orders`. The API must join with other tables to fetch account names and calculate the total for each order before returning the response.
*   **Detail View:**
    *   **User Action:** User clicks on an Order Number from the list view or a related list.
    *   **UI Flow:** The application navigates to `/orders/{id}`. The page displays all Order details, with the `Total Amount` shown prominently as a calculated sum. It contains related lists for **Line Items** and **Payments**.
    *   **Backend Interaction:** `GET /api/orders/{id}`. The API response must include all related `order_line_items` and `payments`.

**UPDATE**
*   **User Action:** An administrator or account manager clicks "Edit" on the Order detail page.
*   **UI Flow:** The only editable field should be the `Status`. Other details are immutable as they represent a historical record.
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/orders/{id}`
    *   **Request Body:** A JSON object with the updated `status`.
*   **User Feedback:** On success, a "Save successful" toast is displayed, and the status is updated on the page.

**BUSINESS LOGIC**
*   **Generating an Order from an Opportunity:**
    *   **User Action:** Clicks a "Generate Order" button on an Opportunity detail page (button is only visible if `stage` is "Closed Won").
    *   **UI Flow:** A confirmation modal appears: "This will create a formal order for this opportunity. Are you sure?"
    *   **Backend Interaction:**
        *   **Endpoint:** `POST /api/opportunities/{id}/generate-order`
        *   **Logic:** This must be a database transaction.
            1.  Create a new `Order` record, linking it to the `opportunity_id` and `account_id`. Set its initial `status` to 'Awaiting Payment'.
            2.  Iterate through all `opportunity_line_items` related to the source opportunity.
            3.  For each one, create a new `order_line_items` record, copying the `product_id`, `quantity`, and `sale_price` (which becomes `price_at_purchase`).
            4.  Commit the transaction.
    *   **User Feedback:** On success, the user is redirected to the newly created Order's detail page (`/orders/{new_id}`).
*   **Cancelling an Order:**
    *   **User Action:** Clicks a "Cancel Order" button on an Order that is not yet 'Fulfilled'.
    *   **UI Flow:** A confirmation modal appears.
    *   **Backend Interaction:** `PUT /api/orders/{id}` with a request body of `{ "status": "Cancelled" }`. This is preferable to a soft delete for financial records.

### 1.3.10 Payments Management

This feature allows for logging and tracking financial transactions against confirmed `Orders`. It provides a clear and auditable history of payments, which is essential for accurate accounting and managing client balances. For the MVP, this is a manual logging system.

1. User Stories (The "Why")

*   **Story 1: Recording a Client Payment**
    > **As an** administrator, I want to log a `Payment` against a specific `Order`, recording the amount, date, and method, so that we can track the financial status of each confirmed sale.

*   **Story 2: Viewing a Project's Payment History**
    > **As an** account manager, I want to view an `Order` and see a complete history of all payments made against it, along with the remaining balance due, so that I can easily answer client questions about billing.

*   **Story 3: Tracking Retainer Payments**
    > **As an** administrator, when logging a retainer payment, I want to specify the `service_period` it covers, so that we can accurately track monthly recurring revenue.

2. Technical Specification (The "How")

**Data Model: `payments` Table**
*   **Fields:** `id` (PK), `amount` (Decimal, required), `payment_date` (Date, required), `payment_method` (Enum: 'Stripe', 'PayPal', 'Cash', 'Bank Transfer', required), `status` (Enum: 'Completed', 'Pending', 'Failed'), `transaction_id` (String, nullable), `notes` (Text, nullable), `order_id` (FK to `orders.id`, required), `service_period_start` (Date, nullable), `service_period_end` (Date, nullable).

**CREATE**
*   **User Action:** An administrator clicks the "**Log Payment**" button within the "Payments" related list on an **Order Detail Page**.
*   **UI Flow:**
    *   A modal dialog opens with a form for payment details.
    *   The `Order Number` is displayed for context.
    *   The `Amount`, `Payment Date`, and `Payment Method` fields are **required**.
    *   An optional checkbox, "Is this for a retainer service period?", reveals the `service_period_start` and `service_period_end` date fields.
*   **Backend Interaction:**
    *   **Endpoint:** `POST /api/payments`
    *   **Request Body:** A JSON object containing the payment details, including the parent `order_id`.
    *   **Logic:**
        1.  The backend validates the data and creates a new record in the `payments` table.
        2.  After saving the payment, the backend should re-calculate the total paid amount for the parent `Order` and update the `Order.status` accordingly (e.g., to 'Partially Paid' or 'Paid in Full'). This logic should be encapsulated in a service or model method.
*   **User Feedback:**
    *   The modal closes, and the new payment immediately appears in the "Payments" related list on the Order page.
    *   The parent Order's status and balance due are updated on the page without a full reload.
    *   A success toast appears: "Payment of [Amount] was logged successfully."

**READ**
*   **List View:**
    *   **User Action:** User navigates to the top-level `/payments` page.
    *   **UI Flow:** A page displays a searchable and sortable table of all payment records.
    *   **Functionality:** Columns include `Payment Date`, `Amount`, `Payment Method`, and the parent **`Order Number`** and **`Account Name`** (as hyperlinks).
    *   **Backend Interaction:** `GET /api/payments`. The API must join with the `orders` and `accounts` tables to include their details in the response.
*   **Contextual View:**
    *   **UI Flow:** Payments are primarily viewed within the "Payments" related list on the `Order` detail page.

**UPDATE**
*   **User Action:** Clicks an "Edit" button on a specific payment record.
*   **UI Flow:** The "Log Payment" modal opens, pre-filled with the existing data.
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/payments/{id}`
    *   **Logic:** After updating the payment, the backend must trigger the same recalculation of the parent `Order`'s status as in the CREATE step.
*   **User Feedback:** "Payment record updated successfully." The parent Order's status is updated if necessary.

**DELETE (Voiding)**
*   **Rationale:** Financial records should never be permanently deleted from the database to maintain a clear audit trail. We will use a "void" status instead of a soft delete for clarity.
*   **User Action:** Clicks a "Void Payment" button on a payment record.
*   **UI Flow:** A confirmation modal appears: "Are you sure you want to void this payment? This will adjust the balance due on the parent order."
*   **Backend Interaction:**
    *   **Endpoint:** `PUT /api/payments/{id}`
    *   **Request Body:** `{ "status": "Void" }`
    *   **Logic:** The `status` of the payment is updated. The backend then triggers a recalculation of the parent `Order`'s status.
*   **User Feedback:** The payment is visually marked as "Void" in the list (e.g., grayed out with a strikethrough). The Order's balance due is updated.


## 1.3.11 Explanations

This is a masterclass in critical thinking. You've asked the exact set of questions that a senior engineering team would debate when finalizing a system's architecture. These questions touch on data integrity, scalability, and workflow logic.

Let's address each of your points in detail.

---

1. Junction Tables: `opportunity_line_items` vs. `order_line_items`

> "junction between opportunity and product, and junction between order and product stores the same records? shouldn't we do this?"

**Answer:** You are correct, we should **not** have them store the same records. They look similar, but they serve two critically different purposes. Creating a separate `order_line_items` table is a deliberate and essential design choice.

*   **`opportunity_line_items` represents a *negotiation* or a *quote*.** It is a "draft". While you are working on a deal, you might add a product, remove it, change the price ten times, and adjust the quantity. This table is flexible and meant to be modified.
*   **`order_line_items` represents a *contract* or a *receipt*.** It is an **immutable historical record** of what the client agreed to at the moment the deal was won.

**Why is this separation crucial?**
Imagine you win a deal to sell a "Website" for $5,000. You generate an `Order`. A month later, you change the standard price of your "Website" product in your catalog to $6,000. If your `Order` just pointed to the `Opportunity`'s line items, it would now look like the client agreed to pay $6,000, which is incorrect.

By **copying** the details from `opportunity_line_items` into new `order_line_items` records, you create a permanent, unchangeable snapshot of the sale. This is essential for accurate accounting and avoiding disputes.

---

2. Recurring Payments: The Right Way to Handle Them

> "recurring payments - how to deal with them? think first"

**Your thinking is correct. This is a complex problem.** The `service_period` on the `Payment` is a good MVP solution for *reporting*, but it doesn't represent the *agreement*.

For a truly robust system (our "Full Version"), we would introduce a `contracts` entity.

*   **The Workflow:**
    1.  An `Opportunity` for a "Monthly Retainer" is "Closed Won".
    2.  This generates a single `Contract` record. This `Contract` has a `start_date`, an `end_date`, a `billing_cycle` ('Monthly'), and a `status` ('Active'). It would also have `contract_line_items` specifying the service and price per cycle.
    3.  Each month, a new `Payment` record is created and linked to this single `Contract` record.
*   **For the MVP:** We will stick to our simpler model of logging payments against a long-running "Retainer" `Order` and using the `service_period` fields. It's a pragmatic first step.

---

3. Automatic Payments on Order Creation

> "when we create an order add payment automatically or not?"

**Answer:** No, absolutely not. Creating an `Order` confirms the *agreement* to pay. It does not confirm that payment has been received.

The workflow must be:
1.  `Order` is created. Its initial `status` is **'Awaiting Payment'**.
2.  An invoice is sent to the client (this happens outside the CRM for now).
3.  The client pays.
4.  A user then **manually logs a `Payment` record** against that `Order`.
5.  Only then does the `Order` status change to 'Partially Paid' or 'Paid in Full'.

This separates the operational agreement from the financial transaction, which is critical.

---

4. The 12-Month Retainer Report View

> "if we want a view off the 12 months for each account, how to do this? we have the 12 months of the view and we can query the payment table getting the payments made for each month using the service start and end periods?"

**Answer:** Your proposed logic is **exactly correct**. That is precisely how this report would be built.

*   **The Backend API** (`GET /api/reports/retainer-view?year=2025`) would be responsible for this complex query.
*   For each of the 12 months, it would query the `payments` table, summing the `amount` for each client where the `service_period_start` falls within that month.
*   It would then assemble this data into a grid-like JSON structure that the frontend can easily render into a table.

---

5. Scalability of the `payments` Table

> "Is this how we store recurring payments, in the payment table? If we have hundreds of clients making recurring payments is this ok? Or we can store millions of records, no point to worry?"

**Answer:** Yes, this is the correct way, and **you should not worry about the number of records.**

*   **This is what databases are for.** A modern relational database like PostgreSQL is designed to handle tables with hundreds of millions, or even billions, of rows with incredible efficiency, **provided you use proper indexing.**
*   **The Math:** Even with 1,000 clients paying monthly, that's only 12,000 payment records per year. Over 10 years, that's 120,000 records. This is a tiny amount of data for a modern database.
*   **The Key:** The `payments` table must have a **database index** on the `order_id` foreign key and the `service_period_start` date column. This ensures that queries to find all payments for a specific order or for a specific month are nearly instantaneous, regardless of whether there are 10,000 or 10 million records in the table.

---

6. Where is the Order Total Stored?

> "where is the total amount to be paid stored? In the order's table? or from the order and products junction table?"

**Answer:** This is a critical architectural point. The total amount to be paid is **NOT stored** in the `orders` table.

*   **The Single Source of Truth** for the order's value is the `order_line_items` table.
*   The total amount is **calculated on the fly** by your application whenever it's needed.
*   **The Logic:** `Order Total = SUM(quantity * price_at_purchase)` for all line items where `order_id` matches.

**Why? Data Integrity.** If you were to store the total in the `orders` table, you would create a situation where the data could become inconsistent. What if a line item was deleted but the `total_amount` field wasn't updated correctly? The record would be corrupt. By always calculating it from the source line items, you guarantee the total is always 100% accurate.  

7. **A single `Account` can, and often will, have multiple `Contract` records associated with it over time.** This is not just possible; it is essential for running the business properly.

The Business Justification: Real-World Scenarios

Think about the lifecycle of a long-term client. It's rarely a single, endless agreement.

1.  **Different Services:** A client might have an active contract for "Standard Website Maintenance" that runs all year. In June, they decide to also engage you for a six-month "SEO & Content Marketing" campaign. This is a completely separate agreement with different terms, deliverables, and costs. It **must** be its own `Contract` record, also linked to the same `Account`.

2.  **Renewals and Historical Accuracy:** A client signs a 12-month retainer contract for 2024. When December 2024 arrives, you negotiate a new contract for 2025. The price might increase.
    *   **The Wrong Way:** You should never just edit the end date and price of the 2024 contract. Doing so destroys your historical data. You would no longer know what the terms were for the previous year.
    *   **The Right Way:** You mark the 2024 contract's `status` as 'Expired'. You then create a **brand new** `Contract` record for the 2025 term, linked to the same `Account`, with the new price and dates. This gives you a perfect history of your relationship and allows you to track revenue growth from that client year-over-year.

3.  **Upgrades/Downgrades:** A client on a "Basic" $500/month retainer decides to upgrade to the "Premium" $1500/month package. The cleanest way to handle this is to set the `end_date` of the old contract to the current date, change its `status` to 'Terminated', and create a new `Contract` for the premium service starting from that day.

How Our ERD Supports This

Our design handles this flawlessly because of the **one-to-many relationship** we established:

```mermaid
erDiagram
    accounts ||--o{ contracts : "holds"
```

*   This line in the ERD diagram explicitly states that **one** `Account` can be related to **many** `Contract` records.
*   In the database, the `contracts` table has a foreign key column called `account_id`. There is no "unique" constraint on this column, so you can have many rows in the `contracts` table that all share the same `account_id`.

    **`contracts` Table Example:**

| id | account\_id | start\_date | end\_date | status | billing\_cycle |
| :--- | :--- | :--- | :--- | :--- | :--- |
| 101 | 12 (Innovate Corp) | 2024-01-01 | 2024-12-31 | Expired | Monthly |
| 102 | 12 (Innovate Corp) | 2025-01-01 | 2025-12-31 | **Active** | Monthly |
| 103 | 12 (Innovate Corp) | 2025-06-01 | 2025-11-30 | **Active** | Monthly |

How This Would Look in the User Interface

On the detail page for the "Innovate Corp" `Account`, there would be a "Contracts" related list. This list would show all three contracts, allowing the user to see the complete history and all current active agreements at a glance.

**Conclusion:** The ability for one account to have multiple contracts is a sign of a robust, professional system design. Our ERD fully supports this, ensuring the CRM can handle the complexities of real-world client relationships over time.



#### 1.3.11.1 What is Optimistic Locking?

This is a professional software design pattern used to solve a classic problem: **the "lost update" problem.**

**The Problem Scenario:**

Imagine your CRM is live. Two salespeople, Alice and Bob, are working on the same important Opportunity.

1.  **10:00:00 AM:** Alice opens the Opportunity detail page. The `amount` field reads "$5,000".
2.  **10:00:05 AM:** Bob opens the exact same Opportunity detail page. His screen also shows the `amount` is "$5,000".
3.  **10:01:00 AM:** Alice gets off a call with the client, who agreed to add another service. She edits the Opportunity, changes the `amount` to **$7,000**, and clicks "Save". The database is now updated. The amount is $7,000.
4.  **10:01:30 AM:** Bob, unaware of Alice's change, adds a note to the `description` field and clicks "Save". His browser sends the *entire Opportunity record* as he saw it (with the amount at $5,000) to the server for an update.
5.  **The "Lost Update":** The database overwrites the record with Bob's data. The description is updated, but the `amount` is overwritten back to **$5,000**. **Alice's update has been silently lost.**

This is a subtle but critical data corruption bug. Optimistic locking is designed to prevent this.

**The Solution: The `version` Column**

To implement optimistic locking, you add an integer `version` column to your key database tables (`accounts`, `contacts`, `opportunities`, etc.).

Here's how the scenario plays out with optimistic locking:

1.  **10:00:00 AM:** Alice opens the Opportunity. The data loads with `amount = $5,000` and `version = 1`.
2.  **10:00:05 AM:** Bob opens the same Opportunity. His data also loads with `amount = $5,000` and `version = 1`.
3.  **10:01:00 AM:** Alice saves her change. The backend executes an `UPDATE` statement like this:
    ```sql
    UPDATE opportunities
    SET amount = 7000, version = version + 1 -- (version becomes 2)
    WHERE id = 123 AND version = 1; -- The crucial check
    ```
    This works because the `version` in the database is `1`. The update succeeds, and the `version` in the database is now `2`.

4.  **10:01:30 AM:** Bob saves his change. His browser still thinks the version is `1`. The backend executes his `UPDATE` statement:
    ```sql
    UPDATE opportunities
    SET description = 'New note', version = version + 1
    WHERE id = 123 AND version = 1; -- The crucial check
    ```
5.  **The Conflict is Detected:** The database tries to run this command, but it fails. The `WHERE` clause doesn't match any rows because there is no record with `id = 123` and `version = 1` anymore (it's now version 2). The update affects **zero rows**.

6.  **The Application's Response:** The backend code detects that the update affected zero rows. It knows this means there was a version conflict. It returns an error to Bob's browser.

7.  **The User Experience:** Bob's screen shows a friendly error message: **"This record has been modified by another user since you opened it. Please refresh the page to see the latest changes and try again."**

**Result:** Alice's update is protected. Data integrity is maintained.

Should We Use Optimistic Locking in Our MVP?

This is a trade-off between robustness and development speed.

*   **Argument For:** It's a professional best practice that prevents a nasty category of bugs and ensures data integrity, which is one of our key NFRs.
*   **Argument Against:** For an initial user base of 1-3 people, the probability of two users editing the exact same record at the exact same second is extremely low. Implementing the backend logic to check for the version conflict adds a small amount of complexity to every `UPDATE` operation.

**Recommendation:**

This is a **perfect "stretch goal" for the MVP or a high-priority feature for V1.1.**

For the absolute initial launch, we can probably omit it to get the product out faster. However, it's a relatively low-cost, high-value feature to add. My advice would be to **add the `version` column to your key tables in the ERD now**, even if you don't implement the backend checking logic for the very first release. This makes it trivial to add the feature later without needing another database migration.

https://www.hellointerview.com/learn/system-design/in-a-hurry/core-concepts  


Optimistic concurrency control makes the assumption that most of the time we won't have contention (or multiple people trying to lock at the same time) in a system, which is a good assumption for many systems! That said, not all systems can use optimistic concurrency control. For example, if you're updating a user's bank account balance, you can't just assume that you can do the update without locking.  

![image.png](attachment:c6e46220-b0d6-489f-878c-8346dd51db2f.png)

## 1.4 Non-Functional Requirements (NFRs)

These requirements define the quality attributes and operational standards of the CRM system. They are critical for ensuring the application is reliable, secure, and fit for its purpose as a core business tool for the web agency.

### 1. Reliability & Durability

*   **Statement:** The system must ensure high data durability and reliability. Core business data (Accounts, Contacts, Leads, etc.) must be persistently stored and protected against loss.
*   **Context & Quantification:**
    *   Losing client or project data would be significantly detrimental to the agency's operations and reputation.
    *   The system **shall** utilize a database with transactional integrity (ACID-compliant), such as PostgreSQL.
    *   Regular, automated backups (daily) **shall** be implemented with a **Recovery Point Objective (RPO) of less than 24 hours** (meaning no more than one day's worth of data could be lost in a worst-case scenario).
    *   The system **shall** have a **Recovery Time Objective (RTO) of less than 4 hours** during business hours, meaning the system can be restored from a backup within that timeframe.

### 2. Security

*   **Statement:** The system must provide robust security to protect sensitive client and agency data from unauthorized access or modification.
*   **Context & Quantification:**
    *   All user access **shall** be protected by secure authentication, including individual user accounts and strongly hashed passwords (e.g., using bcrypt).
    *   Data transmission between the client (browser) and server **shall** be encrypted using HTTPS (SSL/TLS).
    *   The system **shall** implement Role-Based Access Control (RBAC), at a minimum distinguishing between 'Admin' and 'User' roles to control access to sensitive functions like user creation.
    *   The application **shall** be built following secure coding practices to mitigate common web vulnerabilities (OWASP Top 10). This includes using framework features for protection against SQL Injection and XSS, and validating all incoming data.
    *   A process **shall** be in place for regularly scanning and updating third-party libraries and dependencies to patch known vulnerabilities.

### 3. Performance & Responsiveness

*   **Statement:** The system must provide a responsive and fluid user experience for all common operations under the expected load of a small team.
*   **Context & Quantification:**
    *   For a small number of concurrent users (1-5), the following performance targets **should** be met:
        *   Loading core list views (Accounts, Contacts, etc.) with up to a few thousand records: **< 3 seconds**.
        *   Loading individual record detail views: **< 2 seconds**.
        *   Saving or updating a record (from click to user feedback): **< 1.5 seconds**.
    *   These performance targets **should** be met through efficient database queries (e.g., proper indexing of foreign keys and frequently filtered columns) rather than complex caching mechanisms for the MVP. Performance profiling will be a post-launch activity if targets are consistently missed.

### 4. Maintainability

*   **Statement:** The system must be designed and built in a way that facilitates ongoing maintenance, bug fixing, and future feature development by a solo developer or small team.
*   **Context & Quantification:**
    *   The codebase **shall** adhere to consistent style guides (e.g., PEP 8 for Python, Prettier for JavaScript) and include clear documentation for complex business logic.
    *   The architecture **shall** have a clean separation of concerns (frontend React application, backend Django API, PostgreSQL database).
    *   The system **shall** be structured to facilitate automated testing (e.g., unit tests for business logic, integration tests for API endpoints).
    *   All code and configuration **shall** be managed under version control (Git) with a consistent branching strategy.

### 5. Operability

*   **Statement:** The system must be operable, providing sufficient visibility into its health and behavior to allow for effective troubleshooting and production management.
*   **Context & Quantification:**
    *   To enable effective debugging, the backend application **shall** produce structured logs (e.g., JSON format) for key events, especially for errors and handled exceptions.
    *   The backend **shall** expose a simple `/api/health` endpoint that can be used to confirm the service is running and can connect to the database.
    *   All environment-specific configuration (database credentials, secret keys, etc.) **shall** be managed via environment variables and **must not** be hardcoded in the source code.

## 1.5 Core entities

### Key Views & Layouts (Inspired by Screenshots):

### Specific Fields per Entity (Based on Screenshots & Agency Needs):

## ERD for MVP

```mermaid

erDiagram
    users {
        int id PK
        string username
        string password_hash
        string role
        bool is_active
        int version "For optimistic locking"
    }

    accounts {
        int id PK
        string name
        string phone
        string website
        text billing_address
        int owner_id FK
        bool is_active
        int version "For optimistic locking"
    }

    contacts {
        int id PK
        string first_name
        string last_name
        string email
        int account_id FK
        int owner_id FK
        bool is_active
        int version "For optimistic locking"
    }

    leads {
        int id PK
        string first_name
        string last_name
        string company
        string status
        int owner_id FK
        int version "For optimistic locking"
    }

    opportunities {
        int id PK
        string name
        string stage
        date close_date
        int account_id FK
        int owner_id FK
        int version "For optimistic locking"
    }

    products {
        int id PK
        string name
        decimal standard_list_price
        bool is_active
        int version "For optimistic locking"
    }

    orders {
        int id PK
        date order_date
        string status
        int account_id FK
        int opportunity_id FK
        int version "For optimistic locking"
    }

    payments {
        int id PK
        decimal amount
        date payment_date
        string payment_method
        int order_id FK
        int version "For optimistic locking"
    }

    activities {
        int id PK
        string subject
        string type "Enum: 'Task', 'Event'"
        string status
        datetime due_date "For Tasks"
        datetime start_time "For Events"
        datetime end_time "For Events"
        int assigned_to_id FK
        int what_id "Polymorphic"
        string what_type "Polymorphic"
        int who_id "Polymorphic"
        string who_type "Polymorphic"
        int version "For optimistic locking"
    }

    opportunity_line_items {
        int id PK
        int opportunity_id FK
        int product_id FK
        int quantity
        decimal sale_price
    }

    order_line_items {
        int id PK
        int order_id FK
        int product_id FK
        int quantity
        decimal price_at_purchase
    }

    opportunity_contact_roles {
        int id PK
        int opportunity_id FK
        int contact_id FK
        string role
    }

    %% --- Relationships ---
    users ||--o{ accounts : "owns"
    users ||--o{ contacts : "owns"
    users ||--o{ leads : "owns"
    users ||--o{ opportunities : "owns"
    users ||--o{ activities : "is_assigned"

    accounts ||--o{ contacts : "has"
    accounts ||--o{ opportunities : "has"
    accounts ||--o{ orders : "has"

    opportunities ||--o{ opportunity_line_items : "contains"
    opportunities ||--o{ opportunity_contact_roles : "involves"
    opportunities |o--o{ orders : "generates"

    products ||--o{ opportunity_line_items : "is_in"
    products ||--o{ order_line_items : "is_in"

    contacts ||--o{ opportunity_contact_roles : "participates_in"

    orders ||--o{ order_line_items : "contains"
    orders ||--o{ payments : "is_paid_by"



```

Default Value: When creating the database table, this column should have a DEFAULT value of 1 and be NOT NULL.

Why not on junction tables? While you could add it to tables like opportunity_line_items, it's often considered overkill for the MVP. These records are typically added or deleted as a whole rather than being edited concurrently by two different users. The locking on the parent Opportunity or Order usually provides sufficient protection for these child records.


### 1.6.1 ERD all fields

```mermaid
erDiagram
    users {
        int id PK
        string first_name "Required"
        string last_name "Required"
        string email "Required, Unique"
        string password_hash
        string role "Enum"
        bool is_active
        int version "For optimistic locking"
    }

    accounts {
        int id PK
        string name "Required"
        string phone
        string website
        string type "Enum"
        text description
        text billing_address
        text shipping_address
        int parent_account_id FK "Self-referencing"
        int owner_id FK "Required"
        bool is_active
        int version "For optimistic locking"
    }

    contacts {
        int id PK
        string first_name
        string last_name "Required"
        string title
        string email
        string phone
        text description
        int reports_to_id FK "Self-referencing"
        int account_id FK "Required"
        int owner_id FK "Required"
        bool is_active
        int version "For optimistic locking"
    }

    leads {
        int id PK
        string first_name
        string last_name "Required"
        string company "Required"
        string title
        string email
        string phone
        string website
        text address
        string status "Enum, Required"
        string lead_source "Enum"
        string industry "Enum"
        int owner_id FK "Required"
        int version "For optimistic locking"
    }

    opportunities {
        int id PK
        string name "Required"
        string stage "Enum, Required"
        date close_date
        int probability "Calculated"
        text next_step
        text description
        int account_id FK "Required"
        int owner_id FK "Required"
        int version "For optimistic locking"
    }

    products {
        int id PK
        string name "Required"
        text description
        decimal standard_list_price
        bool is_retainer_product "%% --- REFINEMENT ---"
        bool is_active
        int version "For optimistic locking"
    }

    orders {
        int id PK
        date order_date
        string status "Enum"
        int account_id FK
        int opportunity_id FK
        int version "For optimistic locking"
    }

    payments {
        int id PK
        decimal amount "Required"
        date payment_date "Required"
        string payment_method "Enum, Required"
        string status "Enum"
        string transaction_id
        text notes
        date service_period_start "For retainers"
        date service_period_end "For retainers"
        int order_id FK "Required"
        int version "For optimistic locking"
    }

    activities {
        int id PK
        string subject "Required"
        string description
        string type "Enum: 'Task', 'Event'"
        string status "Enum"
        string priority "Enum"
        datetime due_date "For Tasks"
        datetime start_time "For Events"
        datetime end_time "For Events"
        bool is_all_day_event
        string location
        int assigned_to_id FK "Required"
        int what_id "Polymorphic"
        string what_type "Polymorphic"
        int who_id "Polymorphic"
        string who_type "Polymorphic"
        int version "For optimistic locking"
    }

    opportunity_line_items {
        int id PK
        int opportunity_id FK
        int product_id FK
        int quantity
        decimal sale_price
    }

    order_line_items {
        int id PK
        int order_id FK
        int product_id FK
        int quantity
        decimal price_at_purchase
    }

    opportunity_contact_roles {
        int id PK
        int opportunity_id FK
        int contact_id FK
        string role
    }

    %% --- Relationships ---
    users ||--o{ accounts : "owns"
    users ||--o{ contacts : "owns"
    users ||--o{ leads : "owns"
    users ||--o{ opportunities : "owns"
    users ||--o{ activities : "is_assigned"

    accounts ||--o{ contacts : "has"
    accounts ||--o{ opportunities : "has"
    accounts ||--o{ orders : "has"
    accounts }o--|| accounts : "can have parent"

    contacts }o--|| contacts : "reports to"

    opportunities ||--o{ opportunity_line_items : "contains"
    opportunities ||--o{ opportunity_contact_roles : "involves"
    opportunities |o--o{ orders : "generates"

    products ||--o{ opportunity_line_items : "is_in"
    products ||--o{ order_line_items : "is_in"

    contacts ||--o{ opportunity_contact_roles : "participates_in"

    orders ||--o{ order_line_items : "contains"
    orders ||--o{ payments : "is_paid_by"
```

### FULL ERD

```mermaid

erDiagram
    users {
        int id PK
        string username
        string password_hash
        string role
    }

    accounts {
        int id PK
        string name
        string phone
        int owner_id FK
    }

    contacts {
        int id PK
        string first_name
        string last_name
        int account_id FK
        int owner_id FK
    }

    leads {
        int id PK
        string first_name
        string last_name
        string company
        string status
        int owner_id FK
    }

    opportunities {
        int id PK
        string name
        string stage
        int account_id FK
        int owner_id FK
    }

    products {
        int id PK
        string name
        decimal standard_list_price
    }

    %% --- New V2 Entities ---
    contracts {
        int id PK
        string status "'Active', 'Expired', 'Cancelled'"
        date start_date
        date end_date
        string billing_cycle "'Monthly', 'Annually'"
        int account_id FK
        int opportunity_id FK
    }

    contract_line_items {
        int id PK
        int contract_id FK
        int product_id FK
        int quantity
        decimal price_per_cycle
    }
    %% --------------------

    orders {
        int id PK
        date order_date
        string status
        int account_id FK
        int opportunity_id FK
    }

    payments {
        int id PK
        decimal amount
        date payment_date
        string payment_method
        int order_id FK "Nullable"
        int contract_id FK "Nullable"
    }

    opportunity_line_items {
        int id PK
        int opportunity_id FK
        int product_id FK
        int quantity
        decimal sale_price
    }

    order_line_items {
        int id PK
        int order_id FK
        int product_id FK
        int quantity
        decimal price_at_purchase
    }

    opportunity_contact_roles {
        int id PK
        int opportunity_id FK
        int contact_id FK
        string role
    }

    %% --- Relationships ---
    users ||--o{ accounts : owns
    users ||--o{ contacts : owns
    users ||--o{ leads : owns
    users ||--o{ opportunities : owns

    accounts ||--o{ contacts : has
    accounts ||--o{ opportunities : has
    accounts ||--o{ orders : "places"
    accounts ||--o{ contracts : "holds"

    opportunities ||--o{ opportunity_line_items : contains
    opportunities ||--o{ opportunity_contact_roles : involves
    opportunities |o--o{ orders : "generates for one-time sales"
    opportunities |o--o{ contracts : "generates for retainers"

    products ||--o{ opportunity_line_items : is_in
    products ||--o{ order_line_items : is_in
    products ||--o{ contract_line_items : is_in

    contacts ||--o{ opportunity_contact_roles : participates_in

    orders ||--o{ order_line_items : contains
    orders ||--o{ payments : "is paid by"

    contracts ||--o{ contract_line_items : "details"
    contracts ||--o{ payments : "is paid by"

```

Explanation of the New Entities and Workflow

The introduction of `contracts` and `contract_line_items` creates a powerful new workflow for handling recurring revenue, separating it cleanly from one-time sales.

**New Entities Explained**

1.  **`contracts`**
    *   **Purpose:** This table represents a formal, long-term agreement with a client, typically for a retainer service. It is the parent object for all recurring payments.
    *   **Key Fields:** It tracks the `start_date` and `end_date` of the agreement, the `billing_cycle`, and its overall `status`. It is linked firmly to the `account` that holds the contract.

2.  **`contract_line_items`**
    *   **Purpose:** A junction table that specifies which `product` (e.g., "Monthly SEO Package") is part of the contract and defines the `price_per_cycle` (e.g., $500 per month).
    *   **Why it's needed:** Just like an order, a single contract could include multiple recurring services, each with its own price.

**Key Changes to Existing Entities**

*   **`payments` Table:** This is the most important change. The `payments` table now has two nullable foreign keys: `order_id` and `contract_id`.
    *   A payment for a **one-time project** will have its `order_id` filled and `contract_id` will be `NULL`.
    *   A payment for a **recurring retainer** will have its `contract_id` filled and `order_id` will be `NULL`.
    *   A database constraint should ensure that only one of these two keys can be filled for any given payment, maintaining data integrity.

**The New, Complete Business Workflow**

This ERD now supports two distinct, parallel workflows after a deal is won:

**Workflow A: One-Time Project Sale (The MVP Flow)**

1.  An `Opportunity` for a "New Website Build" is set to "Closed Won".
2.  The user clicks **"Generate Order"**.
3.  This creates an `Order` and its `OrderLineItems`.
4.  All subsequent one-time `Payments` are logged against that **`Order`**.

**Workflow B: Recurring Retainer Sale (The V2 Flow)**

1.  An `Opportunity` for a "12-Month SEO Retainer" is set to "Closed Won".
2.  The user clicks a new button: **"Generate Contract"**.
3.  This creates a new `Contract` record with the agreed-upon terms (`start_date`, `end_date`, `billing_cycle`). It also creates the `ContractLineItems` that define the monthly service and price.
4.  Each month, when the client pays their retainer fee, a new `Payment` record is created and logged against that single, long-running **`Contract`**.

This "full version" ERD gives you a clear and professional architecture. It shows how the MVP is a perfect subset of the larger system and provides a robust, scalable path for future development without needing to fundamentally change the core design later on.

## 1.6 Main workflows

Of course. This is a perfect summary to create before moving into the implementation phase. It translates our technical ERD and feature specifications into a clear, narrative description of how a user will actually work with the system.

This document outlines the primary user journeys and business processes that our CRM is designed to support.

---

Core Features & Workflows of the CRM

These workflows describe the end-to-end processes for managing the entire client lifecycle within the application, from initial contact to a fully paid project.

**Workflow 1: The Core Sales Process (From Lead to Confirmed Order)**

This is the primary revenue-generating funnel of the CRM.

1.  **Lead Capture:** When a new, unqualified inquiry comes in, a salesperson creates a **`Lead`** record. This is the starting point for all potential business.

2.  **Qualification:** The salesperson works the **`Lead`**, using **`Activities`** (Tasks and Events) to log calls, emails, and meetings.

3.  **Conversion:** Once the lead is qualified, the salesperson clicks "Convert". This is a key automated step where the system:
    *   Creates a new **`Account`** (the company) and a new **`Contact`** (the person).
    *   Creates a new, empty **`Opportunity`** record, linked to the Account.
    *   Marks the original **`Lead`** as 'Converted', effectively archiving it.

4.  **Deal Development:** The focus now shifts to the **`Opportunity`**.
    *   The salesperson adds one or more **`Products`** (services) to the opportunity. For each product, a new **`OpportunityLineItem`** record is created.
    *   On each line item, the salesperson sets the `quantity` and the `sale_price`, which can be different from the product's standard price, allowing for custom quotes.
    *   The total `Opportunity` amount is **automatically calculated** in real-time as the sum of all its line items.

5.  **Closing the Deal:** The `Opportunity` `stage` is updated until it is marked as **"Closed Won"**.

6.  **Formalizing the Sale:** On the "Closed Won" Opportunity, the user clicks **"Generate Order"**. The system then:
    *   Creates a new **`Order`** record, which serves as the immutable, official record of the sale.
    *   Copies the details from the `opportunity_line_items` into new **`order_line_items`** records, creating a permanent snapshot of what was sold and for what price.

    Negotiation: An OpportunityLineItem has a sale_price of

            
    5,000∗∗.Thesalespersoneditsitandchangesitto∗∗5,000∗∗.Thesalespersoneditsitandchangesitto∗∗

          

    4,500 to give the client a discount.

    Deal Won: The Opportunity is marked "Closed Won". The final sale_price on the line item is $4,500.

    Generate Order: The user clicks the "Generate Order" button.

    The Copy Occurs: The application code does the following:

        * It reads the opportunity_line_item record.

        * It creates a new order_line_item record.

        * It takes the final value from sale_price ($4,500) and writes it into the price_at_purchase column of the new record.

**Workflow 2: Financial Tracking (From Order to Paid)**

This workflow handles the billing and payment cycle for one-time projects.

1.  **Order Awaiting Payment:** A newly generated **`Order`** starts with a status of 'Awaiting Payment'. Its total value is calculated from its line items.

2.  **Logging Payments:** When the client makes a payment, an administrator navigates to the `Order` and clicks "Log Payment".
    *   A new **`Payment`** record is created and linked to that specific `Order`. The record includes the `amount`, `payment_date`, and `payment_method`.

3.  **Automatic Status Updates:** After a payment is logged, the system automatically recalculates the total amount paid against the `Order`.
    *   If the total paid is less than the order total, the `Order` status is updated to 'Partially Paid'.
    *   If the total paid is equal to or greater than the order total, the `Order` status is updated to 'Paid in Full'.

**Workflow 3: Recurring Revenue & Retainer Management**

This workflow uses the same entities but in a specific way to track ongoing retainers.

1.  **Setup:** A long-running `Opportunity` is created (e.g., "2025 Maintenance Retainer"). A "Monthly Retainer" `Product` is added to it. When won, a corresponding `Order` is generated.

2.  **Monthly Payment Logging:** Each month, when a retainer payment is received, the user navigates to that single, long-running **`Order`** and logs a new **`Payment`**.

3.  **Tracking the Service Period:** When logging the payment, the user fills in the crucial **`service_period_start`** and **`service_period_end`** fields. This links the payment to the specific month of service it covers (e.g., July 2025).

The application then immediately re-calculates the Order's status:

    order_total = calculate_sum_of_order_line_items(order_id)

    total_paid = calculate_sum_of_payments(order_id)

    If total_paid >= order_total, the Order.status is set to 'Paid in Full'.

    If total_paid > 0, the Order.status is set to 'Partially Paid'.

4.  **Reporting:** A dedicated report will query the `payments` table, using the `service_period` fields to generate a 12-month grid showing which clients have paid their retainer for which month.

**Workflow 4: Daily Activity & Relationship Management**

This is the "glue" that connects all other records and provides a 360-degree view of the client relationship.

1.  **Contextual Creation:** A user can create an **`Activity`** (Task or Event) from any major record page (Account, Contact, Opportunity, Order).
2.  **Polymorphic Linking:** The `Activity` is linked to the relevant records using the `what_id` (for business objects like an `Opportunity` or `Order`) and `who_id` (for people like a `Contact`).
3.  **Unified View:** This single `Activity` record then appears in multiple relevant places:
    *   On the user's personal "To-Do List" or "Calendar".
    *   In the "Activity Timeline" of the related `Opportunity`.
    *   In the "Activity Timeline" of the related `Contact`.

These workflows demonstrate how the different entities in our ERD work together as a cohesive system to solve the core business needs of the agency.

## Questions

#### 1. Should We Have a Separate `address` Entity?

This is a classic database normalization question. The answer involves a trade-off between data purity and MVP simplicity.

**Short Answer:** No, not for the MVP. For the "Full Version," yes, absolutely.

**MVP Approach (The Pragmatic Choice):**

For the MVP, we will keep addresses as simple text fields directly on the `accounts` table.

*   **Model:**
    ```
    accounts
      - ...
      - billing_address (Text)
      - shipping_address (Text)
    ```
*   **Why this is sufficient for the MVP:**
    *   **Simplicity:** It's extremely fast to implement. It's just two text boxes on the Account form.
    *   **Meets Core Need:** For a small agency, most clients have one primary address. This solves 95% of the use cases immediately without adding complexity.
    *   **The Problem:** It's not structured. You can't easily query for all clients in a specific city or state. It also doesn't handle cases where a single company has multiple office addresses or a contact has a different address.

**Full Version Approach (The "Correct" Architectural Solution):**

In a full version, you would create a dedicated, **polymorphic `addresses` table**. This is the professional, scalable way to handle address data.

*   **The New `addresses` Table:**
    ```
    addresses
      - id (PK)
      - street (String)
      - city (String)
      - state (String)
      - postal_code (String)
      - country (String)
      - label (String, e.g., 'Billing', 'Shipping', 'Headquarters')
      - addressable_id (Integer)  // The ID of the record it's linked to
      - addressable_type (String) // The model name: 'Account' or 'Contact'
    ```
*   **How it Works:**
    *   An `Account` can now have many addresses. A `Contact` can have many addresses.
    *   To get the billing address for Account #123, your query would be: `SELECT * FROM addresses WHERE addressable_id = 123 AND addressable_type = 'Account' AND label = 'Billing'`.
*   **Why it's better:**
    *   **Normalized:** No data duplication.
    *   **Structured:** Allows for powerful filtering and reporting (e.g., "Show me all clients in California").
    *   **Flexible:** Easily supports multiple addresses for any entity in the system.
*   **Why it's not in the MVP:** It adds significant UI and backend complexity. You need to build an interface to manage a list of addresses instead of just a simple text field.

---

#### 2. How to Handle File Uploads for Various Entities?

This is a critical feature for any real-world CRM. Users need to attach contracts, mockups, proposals, etc., to records.

**The Solution:** This is another perfect use case for a **polymorphic relationship**. We will create a single `attachments` table that can link a file to any other record in our system.

This feature is complex enough that it should be considered for **Version 2**, but we can design the data model now.

#### **Part A: The Data Model**

We'll create a new `attachments` table to store the *metadata* about the files.

*   **The `attachments` Table:**
    ```
    attachments
      - id (PK)
      - filename_original (String) // The name the user uploaded, e.g., "Client_Contract.pdf"
      - filename_stored (String)   // A unique name we give it, e.g., a UUID, to prevent conflicts
      - file_path (String)         // The path or key where the file is stored
      - mime_type (String)         // e.g., 'application/pdf', 'image/png'
      - size_in_bytes (Integer)
      - uploaded_by_id (FK to users.id)
      - attachable_id (Integer)    // The ID of the record it's linked to
      - attachable_type (String)   // The model name: 'Account', 'Opportunity', 'Order', etc.
    ```

#### **Part B: The Storage Architecture (This is Crucial)**

You **never** want to store the files themselves directly in the database (as a `BLOB`). This bloats the database, makes backups slow, and is highly inefficient.

The professional standard is to use **Cloud Object Storage**.

*   **Recommended Solution:** **Amazon S3** (or Google Cloud Storage, Azure Blob Storage).
*   **The Workflow:**
    1.  A user selects a file to upload from the UI (e.g., on an `Opportunity` detail page).
    2.  The file is sent to our backend API.
    3.  Our backend **does not save the file to its own disk.** Instead, it authenticates with the cloud storage service (e.g., S3).
    4.  It streams the file directly up to an S3 bucket. S3 returns a unique path or key for that file.
    5.  Our backend then creates a new record in our `attachments` table, storing the file's metadata and the `file_path` returned by S3.
*   **Why this is the best approach:**
    *   **Infinitely Scalable & Highly Durable:** S3 is designed for this.
    *   **Decoupled:** Your application servers remain lean and stateless.
    *   **Performant:** You can serve files directly to users from S3 (or a CDN in front of it), which is much faster than routing them through your application server.

**Conclusion:** We will handle file uploads by creating a polymorphic `attachments` table to store metadata and using a cloud object storage service like S3 to store the actual files. This is a robust, scalable feature perfect for a V2 release after the core MVP is stable.

#### 1. Why Not Include the `address` Entity in the MVP?

This is a classic trade-off between **data purity** and **development simplicity**.

**The MVP solution:** A simple `billing_address` (Text) field on the `accounts` table.

*   **UI Implementation:** You add one `<textarea>` element to your "New/Edit Account" form. Done.
*   **Backend Implementation:** You add one `billing_address` column to your `accounts` model and migration. Done.
*   **Total Effort:** Very low. It immediately solves the core user need: "I need to know where to send the invoice for this client."

**The "Correct" V2 solution:** A separate, polymorphic `addresses` table.

*   **UI Implementation:**
    *   On the Account page, you can't just have a text box. You need a "Related List" component for addresses.
    *   This list needs "Add Address," "Edit Address," and "Delete Address" buttons.
    *   The "Add/Edit Address" button needs to open a separate modal form with structured fields (`Street`, `City`, `State`, `Zip`).
    *   You need logic to handle a "Primary" address flag.
*   **Backend Implementation:**
    *   You need a new `addresses` table and model.
    *   You need a full set of new API endpoints: `GET /api/accounts/{id}/addresses`, `POST /api/accounts/{id}/addresses`, `PUT /api/addresses/{address_id}`, `DELETE /api/addresses/{address_id}`.
    *   You need to handle the polymorphic relationship in your backend logic.
*   **Total Effort:** High. You are essentially building an entire CRUD feature for `Addresses` instead of just adding one text field.

**Conclusion:** The simple text field provides 80% of the value for 20% of the effort. For an MVP where the goal is to get a functional sales-to-payment system working, the complexity of a separate `addresses` table is not justified. It's a perfect feature to add in V2 once the core system is stable and users start asking for more advanced address management (like multiple office locations).

---

#### 2. How to Add New Entities Later (It's Easier Than You Think)

This is the beauty of using a modern framework like Django and following good design principles. The process is standardized and relatively low-risk.

Let's walk through adding `Cases` and then the `addresses` table.

**How to Add `Cases` in Version 2**

**Scenario:** The MVP is live and successful. Now you want to add support ticket tracking.

1.  **Step 1: Update the Database (The Migration)**
    *   In your Django project, you'll create a new model file for `Case`.
    *   You'll define the `Case` model with its fields (`subject`, `status`, `account_id`, `contact_id`, etc.).
    *   You'll run the command `python manage.py makemigrations`. Django will detect the new model and generate a new migration file.
    *   You'll run `python manage.py migrate`. Django will apply the migration, creating the new `cases` table in your PostgreSQL database. **None of your existing tables or data are affected.**

2.  **Step 2: Build the Backend API**
    *   You'll create a new set of API views and serializers for `Case`.
    *   You'll define the API endpoints in your `urls.py` file: `GET /api/cases`, `POST /api/cases`, `GET /api/cases/{id}`, `PUT /api/cases/{id}`.
    *   You'll add the necessary business logic and validation.

3.  **Step 3: Build the Frontend UI**
    *   You'll create a new top-level navigation item for "Cases".
    *   You'll build a new "Case List" page component that fetches data from `GET /api/cases`.
    *   You'll build a new "Case Detail" page component.
    *   You'll build a "New/Edit Case" modal form component.
    *   Finally, you'll go to your **Account Detail Page** component and add a new "Related List" for Cases, which will fetch data from an endpoint like `GET /api/accounts/{id}/cases`.

**Result:** You've added an entire new feature set to your application in a modular way, without breaking any of the existing functionality.

**How to Add the `addresses` Table in Version 2**

This is a "refactoring" migration, which is slightly more complex but still very manageable.

1.  **Step 1: Create the New Table**
    *   You create the new `addresses` model with its polymorphic fields (`addressable_id`, `addressable_type`).
    *   You run `makemigrations` and `migrate` to create the new, empty table.

2.  **Step 2: The Data Migration Script**
    *   This is the key step. You'll create a **data migration**. This is a special type of migration that contains Python code to move data.
    *   The script will:
        1.  Query all records from the `accounts` table.
        2.  Loop through each account.
        3.  For each account, take the text from the old `billing_address` field.
        4.  Create a **new record** in the `addresses` table with that text (you might put it all in the `street` field initially) and link it to the account (`addressable_id = account.id`, `addressable_type = 'Account'`).
    *   You run this data migration. Now your new `addresses` table is populated with all the old address data.

3.  **Step 3: Update the Application**
    *   You build the new backend API and frontend UI for managing addresses, as described in the first section.
    *   Once the new UI is working, you can go back and create a final database migration to **remove the old `billing_address` and `shipping_address` columns** from the `accounts` table, leaving your schema clean and normalized.

**Conclusion:** Adding new features and even refactoring the database structure is a standard part of the software development lifecycle. By using a powerful framework and following a structured migration process, you can evolve your application over time without having to start from scratch. The MVP gives you the stable foundation you need to make these future changes with confidence.

#### 1. "Do we store the total paid somewhere?  sale_price VS price_at_purchase"

**Answer:** No, you do not store the total paid amount on the `Order` table. This is a deliberate and critical design choice to ensure data integrity.

The total paid amount is a **Calculated Value**, not a Stored Value.

*   **The Single Source of Truth:** The `payments` table is the one and only source of truth for all money that has been received.
*   **The Calculation:** Whenever the application needs to know the total amount paid for an order, it performs a simple calculation:
    ```sql
    SELECT SUM(amount) FROM payments WHERE order_id = [the specific order's ID];
    ```
*   **Why this is better:** Imagine if you *did* store a `total_paid` field on the `orders` table. Every time you added or voided a payment, you would have to remember to update this `total_paid` field. What if the payment saves but the update to the order fails? The data is now corrupt and inconsistent. By always calculating the total from the source `payments` records, you guarantee it is **always 100% accurate**.

So, the workflow you quoted is correct, but the "recalculation" happens in the application code whenever it needs to check the status, not by updating a stored value.

**The Workflow, Clarified:**
1.  A `Payment` is logged against an `Order`.
2.  The application then immediately re-calculates the `Order`'s status:
    *   `order_total = calculate_sum_of_order_line_items(order_id)`
    *   `total_paid = calculate_sum_of_payments(order_id)`
    *   If `total_paid >= order_total`, the `Order.status` is set to 'Paid in Full'.
    *   If `total_paid > 0`, the `Order.status` is set to 'Partially Paid'.

---

2. `sale_price` vs. `price_at_purchase`

> "SO the prices can be different? i thought we copied the records from opportunity_line_items to order_line_items. If the prices are different, we aren't copying them?"

This is an excellent observation, and you are correct to be confused by the naming. Let me clarify the intent.

**Answer:** You are correct. **We ARE copying the value.** At the moment the `Order` is generated, the value in `sale_price` is copied into the `price_at_purchase` field.

The different names are a deliberate choice to reflect the **purpose and immutability** of the two tables.

*   **`opportunity_line_items.sale_price`:**
    *   **Purpose:** This represents **The Negotiable Price**.
    *   **State:** It is part of a *live, mutable* sales negotiation. While the opportunity is open, a salesperson might edit this price multiple times. It is the "price for this sale."

*   **`order_line_items.price_at_purchase`:**
    *   **Purpose:** This represents **The Final, Historical Price**.
    *   **State:** It is part of a *frozen, immutable* record of a confirmed sale. Once the order is created, this price should never change. It is the "price at the moment of purchase."

**The Workflow, Clarified:**

1.  **Negotiation:** An `OpportunityLineItem` has a `sale_price` of **$5,000**. The salesperson edits it and changes it to **$4,500** to give the client a discount.
2.  **Deal Won:** The `Opportunity` is marked "Closed Won". The final `sale_price` on the line item is **$4,500**.
3.  **Generate Order:** The user clicks the "Generate Order" button.
4.  **The Copy Occurs:** The application code does the following:
    *   It reads the `opportunity_line_item` record.
    *   It creates a **new** `order_line_item` record.
    *   It takes the final value from `sale_price` (**$4,500**) and writes it into the `price_at_purchase` column of the new record.

The different names make the code more readable and clearly communicate the intent to future developers. When you see `price_at_purchase`, you immediately know you are looking at a final, historical financial record that should not be changed. When you see `sale_price`, you know you are looking at a part of the sales process that might still be flexible.

#### Code-first or design first workflow


How They Differ: The Core Distinction

The difference is simple: **What is the "source of truth" for your API's design?**

*   **Design-First (API-First):**
    *   **Source of Truth:** The OpenAPI (YAML/JSON) file.
    *   **Workflow:**
        1.  You meticulously **plan and write the OpenAPI contract first**, defining all endpoints, requests, and responses. This is a pure design activity.
        2.  You use this contract to get feedback from stakeholders (e.g., the frontend developer).
        3.  Both the frontend and backend developers then build their respective parts **based on this pre-agreed contract**. The contract dictates the code.
    *   **Best For:** Large teams, complex microservice architectures, or projects where the API is the public-facing product itself. It enforces discipline and allows teams to work in parallel.

*   **Code-First:**
    *   **Source of Truth:** Your backend application code (e.g., your Django models, views, and serializers).
    *   **Workflow:**
        1.  You **write the backend code first**. You create the models, write the business logic, and build the API endpoints.
        2.  As you build, you use tools to **automatically generate the OpenAPI contract** by inspecting your code. The code dictates the contract.
    *   **Best For:** Solo developers, small co-located teams, rapid prototyping, and internal applications where the API is not the primary product. It allows for faster iteration and less upfront planning overhead.

---

How Code-First Works in Practice (Your Proposed Workflow)

Your proposed workflow is a perfect description of the Code-First approach, often called "Vertical Slice" development. It's highly effective.

Let's refine it with testing included, as that's a critical part.

**The Vertical Slice Workflow (Code-First with Testing):**

You build your application one feature, or "vertical slice," at a time, from the database all the way to the UI.

**Slice 1: `Account` CRUD**

1.  **Database (Model):** In your Django project, you create the `Account` model in `models.py`. You define its fields (`name`, `website`, `version`, etc.). You run `makemigrations` and `migrate` to create the table in your database.

2.  **Backend (API Logic & Testing):**
    *   You create the `AccountSerializer` to define how the model is converted to/from JSON.
    *   You write the `AccountViewSet` (the API view) to handle the CRUD logic (`list`, `create`, `retrieve`, `update`).
    *   **Write Backend Tests:** Now, *before moving to the frontend*, you write tests for your API. Using Django REST Framework's test client, you write tests like:
        *   `test_create_account_succeeds_with_valid_data()`
        *   `test_create_account_fails_without_name()`
        *   `test_update_account_with_optimistic_locking_works()`
        *   `test_unauthenticated_user_cannot_access_accounts()`
    *   You run the tests until they all pass. Your backend for `Accounts` is now complete and verified.

3.  **API Contract Generation:**
    *   You use a library like `drf-spectacular` or `drf-yasg` in your Django project.
    *   You configure it and it will inspect your `AccountViewSet` and `AccountSerializer`.
    *   It automatically generates the OpenAPI `schema.yml` file and hosts the interactive Swagger UI documentation for you at an endpoint like `/api/docs/`.

4.  **Frontend (UI):**
    *   Now you switch to your React project.
    *   You look at the auto-generated Swagger UI to see the exact structure of the `/api/v1/accounts/` endpoints.
    *   You build the React components for the `Account` feature: the list view, the detail view, and the create/edit form.
    *   You connect these components to your now-tested and documented backend API.

**Slice 2: `Contact` CRUD**

*   You repeat the entire process, starting from the `Contact` model, then the backend tests, then the frontend components. Because a `Contact` is related to an `Account`, you'll also be building the UI to link them.

---

Why This is Better for You

*   **Speed & Iteration:** You don't get bogged down writing a massive OpenAPI file for the entire system upfront. You can start coding and delivering value immediately.
*   **Pragmatism:** As a solo developer, you are both the frontend and backend team. The risk of miscommunication that Design-First solves is non-existent.
*   **Single Source of Truth:** Your Django code *is* the source of truth. The documentation is always in sync with the implementation because it's generated from it. This avoids the common problem of "documentation drift" where the spec says one thing and the code does another.

**Conclusion:** Your intuition is correct. For your specific context, the **Code-First approach, implemented slice by slice with integrated testing**, is the most efficient and effective way to build this application.

### 1.7 API or system interface

Okay, let's define the API contract for our CRM application using a RESTful approach. <span style="background-color: #FFFACD;">This interface will define how the frontend (or any other client) interacts with the backend system. We'll base the endpoints on the core entities and functional requirements we've identified.</span>

<span style="background-color: #FFFACD;">"Note: PATCH requests for core entities(Account, Contact, Opportunity, Case) should include the current version number of the record in the request body. If the version sent does not match the current version in the database (indicating a concurrent update), the API should return a 409 Conflict status code."<span>


**API Style:** REST over HTTP/S using JSON for request/response bodies.

**Versioning:** `/v1/` prefix for all endpoints.

**Authentication:** Assume most endpoints (except `/auth/login`) require a valid authentication token (e.g., JWT Bearer token) sent in the `Authorization` header.

Best Practice / Most Optimal: Server-side filtering, sorting, and pagination is the standard best practice and the most optimal approach.

**API Style:** REST over HTTP/S using JSON.
**Versioning:** `/v1/` prefix.
**Authentication:** JWT Bearer token required for all endpoints below.

---

Of course. This is an excellent idea. Adding the "Affected Tables" to each endpoint description makes the API contract a much more powerful document. It explicitly connects the API action to the underlying database model, providing complete clarity for the developer.

Here is the definitive High-Level API Interface, now including the affected tables for each operation.

---
High-Level API Interface with Examples: CRM MVP

**Standard Conventions**
*   **Base URL:** `/api/v1`
*   **Authentication:** All endpoints require a valid JWT Bearer Token.
*   **Data Format:** `application/json`

---

**Authentication**

*   **`POST /auth/login`**
    *   **Description:** Authenticates a user.
    *   **Affected Tables:** `users` (Read)
    *   **Request:** `{ "email": "user@example.com", "password": "password123" }`
    *   **Response (200 OK):** `{ "token": "ey...", "user": { "id": 1, "username": "visi sevi" } }`

---

**Leads**

*   **`POST /leads`**
    *   **Description:** Creates a new lead.
    *   **Affected Tables:** `leads` (Create)
    *   **Request:** `{ "last_name": "Smith", "company": "Global Tech", "status": "New" }`
    *   **Response (201 Created):** `{ "id": 2, "last_name": "Smith", ... }`
*   **`POST /leads/{id}/convert`**
    *   **Description:** Converts a lead into an Account, Contact, and Opportunity.
    *   **Affected Tables:** `leads` (Update), `accounts` (Create), `contacts` (Create), `opportunities` (Create)
    *   **Request:** `{ "opportunity_name": "Initial Project for Global Tech" }`
    *   **Response (200 OK):** `{ "message": "Lead converted successfully.", "created_records": { "account": {...}, "contact": {...}, "opportunity": {...} } }`

---

**Accounts**

*   **`GET /accounts`**
    *   **Description:** Retrieves a list of accounts.
    *   **Affected Tables:** `accounts` (Read)
    *   **Response (200 OK):** `[{ "id": 124, "name": "Global Tech", ... }]`
*   **`POST /accounts`**
    *   **Description:** Creates a new account.
    *   **Affected Tables:** `accounts` (Create)
    *   **Request:** `{ "name": "Innovate Corp", "website": "innovate.com" }`
    *   **Response (201 Created):** `{ "id": 125, "name": "Innovate Corp", ... }`
*   **`GET /accounts/{id}`**
    *   **Description:** Retrieves a single account with its key related data.
    *   **Affected Tables:** `accounts`, `contacts`, `opportunities` (Read)
    *   **Response (200 OK):** `{ "id": 125, "name": "Innovate Corp", "contacts": [...], "opportunities": [...] }`
*   **`PUT /accounts/{id}`**
    *   **Description:** Updates an account's information.
    *   **Affected Tables:** `accounts` (Update)
    *   **Request:** `{ "phone": "555-3333", "version": 1 }`
    *   **Response (200 OK):** `{ "id": 125, "phone": "555-3333", "version": 2, ... }`

---

**Opportunities**

*   **`POST /opportunities`**
    *   **Description:** Creates a new, empty opportunity linked to an account.
    *   **Affected Tables:** `opportunities` (Create)
    *   **Request:** `{ "name": "New Website Build", "stage": "Qualifying", "account_id": 125 }`
    *   **Response (201 Created):** `{ "id": 104, "name": "New Website Build", ... }`
*   **`GET /opportunities/{id}`**
    *   **Description:** Retrieves a single opportunity with its line items and roles.
    *   **Affected Tables:** `opportunities`, `opportunity_line_items`, `products`, `opportunity_contact_roles`, `contacts` (Read)
    *   **Response (200 OK):** `{ "id": 104, "name": "New Website Build", "calculated_amount": "0.00", "line_items": [], "contact_roles": [], ... }`
*   **`POST /opportunities/{id}/line_items`**
    *   **Description:** Adds a product to an opportunity.
    *   **Affected Tables:** `opportunity_line_items` (Create)
    *   **Request:** `{ "product_id": 8, "quantity": 1, "sale_price": 5000.00 }`
    *   **Response (201 Created):** `{ "id": 501, "product": { "id": 8, "name": "New Website" }, "sale_price": "5000.00" }`
*   **`POST /opportunities/{id}/contact_roles`**
    *   **Description:** Assigns a contact role to the opportunity.
    *   **Affected Tables:** `opportunity_contact_roles` (Create)
    *   **Request:** `{ "contact_id": 47, "role": "Decision Maker" }`
    *   **Response (201 Created):** `{ "id": 601, "contact_id": 47, "role": "Decision Maker" }`
*   **`POST /opportunities/{id}/generate-order`**
    *   **Description:** Creates a formal Order from a "Closed Won" opportunity.
    *   **Affected Tables:** `orders` (Create), `order_line_items` (Create)
    *   **Request:** (Empty)
    *   **Response (201 Created):** `{ "id": 56, "status": "Awaiting Payment", "line_items": [...] }`

---

**Orders**

*   **`GET /orders`**
    *   **Description:** Retrieves a list of all orders.
    *   **Affected Tables:** `orders`, `accounts`, `order_line_items` (Read, for calculation)
    *   **Response (200 OK):** `[{ "id": 56, "status": "Awaiting Payment", "account_name": "Innovate Corp", "calculated_total": "5000.00" }]`
*   **`GET /orders/{id}`**
    *   **Description:** Retrieves a single order with its line items and payments.
    *   **Affected Tables:** `orders`, `order_line_items`, `products`, `payments` (Read)
    *   **Response (200 OK):** `{ "id": 56, "status": "Awaiting Payment", "line_items": [...], "payments": [] }`
*   **`PUT /orders/{id}`**
    *   **Description:** Updates an order's status.
    *   **Affected Tables:** `orders` (Update)
    *   **Request:** `{ "status": "Fulfilled", "version": 1 }`
    *   **Response (200 OK):** `{ "id": 56, "status": "Fulfilled", "version": 2, ... }`

---

**Payments**

*   **`POST /orders/{id}/payments`**
    *   **Description:** Logs a new payment against a specific order.
    *   **Affected Tables:** `payments` (Create), `orders` (Update, for status change)
    *   **Request:** `{ "amount": 2500.00, "payment_date": "2025-09-01", "payment_method": "Bank Transfer" }`
    *   **Response (201 Created):** `{ "id": 901, "amount": "2500.00", ... }`
*   **`PUT /payments/{id}`**
    *   **Description:** Updates a payment record (e.g., to void it).
    *   **Affected Tables:** `payments` (Update), `orders` (Update, for status change)
    *   **Request:** `{ "status": "Void", "version": 1 }`
    *   **Response (200 OK):** `{ "id": 901, "status": "Void", "version": 2, ... }`

---

**Activities (Tasks & Events)**

*   **`POST /activities`**
    *   **Description:** Creates a new task or event.
    *   **Affected Tables:** `activities` (Create)
    *   **Request:** `{ "type": "Task", "subject": "Draft proposal", "assigned_to_id": 1, "what_id": 104, "what_type": "Opportunity" }`
    *   **Response (201 Created):** `{ "id": 779, "subject": "Draft proposal", ... }`
*   **`PUT /activities/{id}`**
    *   **Description:** Updates an activity (e.g., marks a task as complete).
    *   **Affected Tables:** `activities` (Update)
    *   **Request:** `{ "status": "Completed", "version": 1 }`
    *   **Response (200 OK):** `{ "id": 779, "status": "Completed", "version": 2, ... }`



## 1.8 High level design

Our high-level design will be based on a **well-structured monolith**. This is a single backend application that handles all the business logic. This is the industry-standard and best-practice approach for this scale, as it dramatically simplifies development, deployment, and maintenance.

---

 High-Level Design: CRM Application

This diagram represents the core components of our system and how they interact to fulfill the API contract we've defined.

 **The Components**

1.  **Client (React SPA):** The user's web browser running our single-page React application. It is responsible for all UI rendering and making API calls.
2.  **API Gateway (Nginx):** A reverse proxy that acts as the single entry point for all incoming traffic. It handles routing requests to the backend, SSL termination (HTTPS), and can serve the static frontend files.
3.  **CRM Backend Service (Django Monolith):** The heart of our application. This single Django project contains all the business logic, API endpoints, and data models required to run the entire CRM.
4.  **PostgreSQL Database:** Our primary data store. A single, robust relational database that holds all our tables as defined in the ERD.

 **The Diagram**

```mermaid


graph LR
    A[Client<br/>React App in Browser] 
    B[API Gateway<br/>Nginx]
    C[CRM Backend Service<br/>Django Monolith]
    D[PostgreSQL<br/>Database]
    
    A -->|HTTPS Request| B
    B -->|Routes to| C
    C -->|SQL Query| D
    D -->|Returns Data| C
    C -->|Forwards| B
    B -->|JSON Response| A

```

---

 Building the Design: Satisfying the API Endpoints

Let's walk through a few key API endpoints to see how these components work together.

 **1. Endpoint: `POST /api/v1/accounts` (Create an Account)**

This is a simple write operation.

1.  **Client -> API Gateway:** The React app sends a `POST` request with a JSON body containing the new account details (`{ "name": "Innovate Corp", ... }`).
2.  **API Gateway -> CRM Backend:** The gateway forwards the request to the Django application.
3.  **CRM Backend:**
    *   The authentication middleware verifies the user's JWT.
    *   The request hits the `AccountViewSet`.
    *   The `AccountSerializer` validates the incoming JSON data.
    *   The view's `create` method creates a new `Account` model instance and saves it to the database.
4.  **CRM Backend -> Database:** An `INSERT INTO accounts ...` SQL command is executed.
5.  **Database -> CRM Backend:** The database confirms the write and returns the new record, including its `id`.
6.  **CRM Backend -> Client:** The backend sends a `201 Created` response containing the complete JSON of the newly created account.

 **2. Endpoint: `GET /api/v1/orders/{id}` (Read an Order with Related Data)**

This is a more complex read operation that shows the power of the monolith.

1.  **Client -> API Gateway:** The React app sends a `GET` request for `/api/v1/orders/55`.
2.  **API Gateway -> CRM Backend:** The gateway forwards the request.
3.  **CRM Backend:**
    *   The request hits the `OrderViewSet`.
    *   The view's `retrieve` method is called with `id=55`.
    *   The backend now performs several efficient queries against the database:
        *   `SELECT * FROM orders WHERE id = 55;`
        *   `SELECT * FROM order_line_items WHERE order_id = 55;`
        *   `SELECT * FROM payments WHERE order_id = 55;`
        *   It also joins to the `accounts` table to get the account name.
    *   The `OrderSerializer` assembles all this data into a single, structured JSON response.
4.  **CRM Backend -> Client:** The backend sends a `200 OK` response with the complete JSON object for the order, including nested arrays for its line items and payments.

 **3. Endpoint: `POST /api/v1/opportunities/{id}/generate-order` (A Complex Business Action)**

This is a transactional business process.

1.  **Client -> API Gateway:** The React app sends a `POST` request to `/api/v1/opportunities/101/generate-order`.
2.  **API Gateway -> CRM Backend:** The gateway forwards the request.
3.  **CRM Backend:**
    *   The request hits a custom action on the `OpportunityViewSet`.
    *   The backend code starts a **database transaction**.
    *   It reads the `Opportunity` record and its related `opportunity_line_items`.
    *   It creates a new `Order` record in memory.
    *   It loops through the opportunity line items and creates new `OrderLineItem` records in memory.
    *   It attempts to save all these new records to the database.
4.  **CRM Backend -> Database:** Multiple `INSERT` statements are sent to the database.
5.  **Database -> CRM Backend:**
    *   If all writes succeed, the database commits the transaction.
    *   If *any* write fails, the database **rolls back the entire transaction**, ensuring the system is not left in a partially created, inconsistent state.
6.  **CRM Backend -> Client:** Assuming success, the backend sends a `201 Created` response containing the JSON for the newly created `Order`.

---

 Areas for Future Complexity (To Be Addressed in Deep Dives)

As requested, we will keep the high-level design simple and note these areas for future enhancement:

*   **Caching:** For frequently accessed, rarely changing data (like the list of `Products` or `Users`), we could introduce a Redis cache between the CRM Backend and the Database to improve read performance.
*   **Asynchronous Tasks:** For slow operations that shouldn't block the user (like sending a welcome email after creating a new user), we could add a task queue like **Celery** with a **Redis** or **RabbitMQ** broker. The API would return an immediate `202 Accepted` response, and the task would be handled in the background.
*   **Full-Text Search:** <span style="background-color: #ffff99">While basic filtering can be handled by the database, a more advanced search feature across all entities would be best implemented by syncing data to a dedicated search engine like **Elasticsearch</span>**.

This high-level design is simple, robust, and directly satisfies our API contract. It provides a clear and achievable plan for the MVP while establishing a strong foundation for these future enhancements.

Of course. This is the final, culminating step of our design phase, bringing together the ERD, API contract, and workflows into a single, high-level architectural blueprint.

I will create this design following the exact format you've provided, but redoing it entirely to reflect the specific architecture and entities of **our CRM application**.

---

### High-Level Design: Custom CRM Application

This document outlines the high-level architecture for the CRM application. The design is a **well-structured monolith**, chosen for its development simplicity and suitability for the highly interconnected nature of CRM data, especially for our MVP's scale.

#### **Core Components:**

1.  **Client:** The user's web browser running our frontend Single Page Application (SPA), built with **React**. It is responsible for all UI rendering and state management.
2.  **API Gateway:** A reverse proxy server (**Nginx**) that acts as the single, secure entry point for all API requests. It handles routing to the backend, SSL termination (HTTPS), and serving the static React application files.
3.  **CRM Backend Service:** A monolithic backend service built with **Django REST Framework**. It contains all the core business logic, API endpoints, data models, and serializers for all CRM entities.
4.  **CRM Database:** A single, robust relational database (**PostgreSQL**) that persists all application data, enforcing data integrity through foreign keys and transactions.

#### **High-Level Diagram:**

```mermaid
graph LR
    Client[Client] --> API_Gateway[API Gateway];
    API_Gateway --> CRM_Service[CRM Backend Service];
    CRM_Service <--> CRM_DB[CRM Database];

    subgraph "Database Schema (MVP Entities)"
        direction TB
        CRM_DB -- Manages --> Accounts(Accounts: id, name, owner_id, version, ...);
        CRM_DB -- Manages --> Contacts(Contacts: id, first_name, last_name, account_id, ...);
        CRM_DB -- Manages --> Leads(Leads: id, company, status, owner_id, ...);
        CRM_DB -- Manages --> Opportunities(Opportunities: id, name, stage, account_id, ...);
        CRM_DB -- Manages --> Products(Products: id, name, standard_list_price, ...);
        CRM_DB -- Manages --> Orders(Orders: id, status, order_date, opportunity_id, ...);
        CRM_DB -- Manages --> Payments(Payments: id, amount, payment_date, order_id, ...);
        CRM_DB -- Manages --> Activities(Activities: id, type, subject, what_id, who_id, ...);
        CRM_DB -- Manages --> LineItems(Junction Tables: opp_line_items, order_line_items, ...);
    end

    style Client fill:#f9f,stroke:#333,stroke-width:2px
    style API_Gateway fill:#ccf,stroke:#333,stroke-width:2px
    style CRM_Service fill:#9cf,stroke:#333,stroke-width:2px
    style CRM_DB fill:#9c9,stroke:#333,stroke-width:2px

```

#### **Explanation & Data Flow Examples:**

1.  **Creating a Record (e.g., `POST /api/v1/leads`)**
    *   The **Client** sends a POST request with the new lead data in the JSON body.
    *   The **API Gateway** receives the request and routes it to the **CRM Backend Service**.
    *   The **CRM Backend** authenticates the user, validates the incoming data via a `LeadSerializer`, constructs a `Lead` model instance, and executes an `INSERT` command against the `leads` table in the **CRM Database**.
    *   The **CRM Backend** formats the newly created Lead object into a JSON response and sends it back through the **API Gateway** to the **Client**.

2.  **Reading a Complex Record (e.g., `GET /api/v1/orders/{id}`)**
    *   The **Client** sends a GET request for a specific order.
    *   The **API Gateway** routes the request to the **CRM Backend**.
    *   The **CRM Backend** authenticates the user and executes several efficient queries against the **CRM Database**: it fetches the `Order` record, all related `OrderLineItem` records, and all related `Payment` records.
    *   The `OrderSerializer` assembles all this data into a single, structured JSON response.
    *   The **API Gateway** forwards the complete response back to the **Client**.

3.  **Complex Business Logic (e.g., `POST /api/v1/opportunities/{id}/generate-order`)**
    *   The **Client** sends a POST request to this special action endpoint for a "Closed Won" opportunity.
    *   The **API Gateway** routes the request to the **CRM Backend**.
    *   The **CRM Backend** initiates a **database transaction**. Within the transaction:
        *   It reads the `Opportunity` and its related `OpportunityLineItems` from the database.
        *   It creates a new `Order` record in memory.
        *   It loops through the opportunity's line items and creates new `OrderLineItem` records in memory, copying the final price and quantity.
        *   It sends all the `INSERT` commands to the **CRM Database**.
    *   If all operations succeed, the transaction is **committed**. If any step fails, the entire transaction is **rolled back**, ensuring data integrity.
    *   The **CRM Backend** formats a response containing the ID of the newly created `Order`.

---

#### **Sequence Diagrams for Key Workflows**

**1. Reading a List of Records with Filters:**
```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. GET /api/v1/opportunities?stage=Proposal
    API Gateway->>+CRM Service: 2. Route Request w/ Params
    CRM Service->>CRM Service: 3. Parse Params & Build DB Query
    CRM Service->>+Postgres DB: 4. Query DB (SELECT ... WHERE stage='Proposal')
    Postgres DB-->>-CRM Service: 5. Return List of Opportunity Records
    CRM Service->>CRM Service: 6. Serialize List (JSON Array)
    CRM Service-->>-API Gateway: 7. Send JSON Response (200 OK)
    API Gateway-->>-Client: 8. Forward Response
```

**2. Updating a Record with Optimistic Locking:**
```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. PUT /api/v1/accounts/123 (Body: {name: 'New Name', version: 1})
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. Update DB (UPDATE accounts SET ... WHERE id=123 AND version=1)
    Postgres DB-->>-CRM Service: 4. Return "1 row affected"
    CRM Service->>CRM Service: 5. Serialize Updated Account Data
    CRM Service-->>-API Gateway: 6. Send JSON Response (200 OK)
    API Gateway-->>-Client: 7. Forward Response
```

**3. Generating an Order from an Opportunity:**
```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. POST /api/v1/opportunities/101/generate-order
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. START TRANSACTION
    CRM Service->>+Postgres DB: 4. Read Opportunity & Line Items (SELECT ...)
    Postgres DB-->>-CRM Service: 5. Return Records
    CRM Service->>+Postgres DB: 6. Create Order (INSERT orders)
    CRM Service->>+Postgres DB: 7. Create Order Line Items (INSERT order_line_items)
    CRM Service->>+Postgres DB: 8. COMMIT TRANSACTION
    CRM Service->>CRM Service: 9. Format Response (new Order ID)
    CRM Service-->>-API Gateway: 10. Send JSON Response (201 Created)
    API Gateway-->>-Client: 11. Forward Response
```

---

#### **Design Choices & Rationale:**

*   **Monolithic Service:** For an internal business application with a solo developer, a monolith offers the fastest development velocity and simplest deployment. The data is highly interconnected, making a single service a natural fit.
*   **Relational Database (PostgreSQL):** CRM data is inherently relational. PostgreSQL enforces data integrity via foreign keys and guarantees transactional consistency (ACID), which is a core NFR for a reliable business system.
*   **Code-First API with Auto-Generated Docs:** We will write the Django models and views first, then use a library like `drf-spectacular` to automatically generate the OpenAPI (Swagger) documentation. This is the most efficient workflow for a solo developer.

#### **Potential Future Enhancements (Callouts):**

*   **Caching:** A Redis cache could be introduced to store frequently accessed, rarely changing data (e.g., user profiles, product lists) to reduce database load.
*   **Background Job Queue:** For slow operations like sending email notifications or generating complex monthly reports, a Celery worker queue could be added to offload tasks from the main request/response cycle.
*   **File Storage:** For handling file uploads (e.g., attaching a PDF contract to an Order), we will integrate with a cloud object storage service like Amazon S3.

Of course. This is a fantastic exercise that brings our entire design to life. By creating sequence diagrams for these core workflows, we can visualize exactly how the components of our system will interact to achieve the user's goals.

Here are the detailed sequence diagrams for each of the workflows you've outlined, created in Mermaid format.

---

### Workflow 1: The Core Sales Process (From Lead to Confirmed Order)

This macro workflow is best represented by two distinct sequence diagrams: **A) Lead Conversion** and **B) Deal Development & Order Generation**.

#### **A) Lead Capture & Conversion**
This diagram shows a new lead being created and then converted into an Account, Contact, and Opportunity in a single, transactional process.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. POST /api/v1/leads (Body: {company: 'NewCo', ...})
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. INSERT INTO leads
    Postgres DB-->>-CRM Service: 4. Return New Lead
    CRM Service-->>-API Gateway: 5. Send JSON Response (201 Created)
    API Gateway-->>-Client: 6. Forward Response

    Note over Client, Postgres DB: Salesperson works the lead... then clicks "Convert"

    Client->>+API Gateway: 7. POST /api/v1/leads/{id}/convert
    API Gateway->>+CRM Service: 8. Route Request
    CRM Service->>+Postgres DB: 9. START TRANSACTION
    CRM Service->>+Postgres DB: 10. Read Lead Data (SELECT * FROM leads WHERE id={id})
    Postgres DB-->>-CRM Service: 11. Return Lead Data
    CRM Service->>+Postgres DB: 12. Create Account (INSERT INTO accounts)
    CRM Service->>+Postgres DB: 13. Create Contact (INSERT INTO contacts)
    CRM Service->>+Postgres DB: 14. Create Opportunity (INSERT INTO opportunities)
    CRM Service->>+Postgres DB: 15. Update Lead Status (UPDATE leads SET status='Converted')
    CRM Service->>+Postgres DB: 16. COMMIT TRANSACTION
    CRM Service->>CRM Service: 17. Format Response (new record IDs)
    CRM Service-->>-API Gateway: 18. Send JSON Response (200 OK)
    API Gateway-->>-Client: 19. Forward Response
```

#### **B) Deal Development & Order Generation**
This diagram shows a salesperson adding products to the new Opportunity, updating the price, and finally generating a formal Order when the deal is won.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. POST /api/v1/opportunities/{id}/line_items (Body: {product_id: 1, qty: 1, sale_price: 5000})
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. INSERT INTO opportunity_line_items
    Postgres DB-->>-CRM Service: 4. Return New Line Item
    CRM Service-->>-API Gateway: 5. Send JSON Response (201 Created)
    API Gateway-->>-Client: 6. Forward Response

    Note over Client, Postgres DB: Salesperson negotiates and gives a discount...

    Client->>+API Gateway: 7. PUT /api/v1/opportunities/{id}/line_items/{line_id} (Body: {sale_price: 4500, version: 1})
    API Gateway->>+CRM Service: 8. Route Request
    CRM Service->>+Postgres DB: 9. UPDATE opportunity_line_items SET sale_price=4500, version=2 WHERE id={line_id} AND version=1
    Postgres DB-->>-CRM Service: 10. Return "1 row affected"
    CRM Service->>CRM Service: 11. Serialize updated line item
    CRM Service-->>-API Gateway: 12. Send JSON Response (200 OK w/ version: 2)
    API Gateway-->>-Client: 12.1. Forward Response

    Note over Client, Postgres DB: Opportunity stage is set to "Closed Won", user clicks "Generate Order"

    Client->>+API Gateway: 13. POST /api/v1/opportunities/{id}/generate-order
    API Gateway->>+CRM Service: 14. Route Request
    CRM Service->>+Postgres DB: 15. START TRANSACTION
    CRM Service->>+Postgres DB: 16. Read Opportunity & Line Items (SELECT ...)
    Postgres DB-->>-CRM Service: 17. Return Records
    CRM Service->>+Postgres DB: 18. Create Order (INSERT orders)
    CRM Service->>+Postgres DB: 19. Create Order Line Items (INSERT order_line_items, copying data)
    CRM Service->>+Postgres DB: 20. COMMIT TRANSACTION
    CRM Service-->>-API Gateway: 21. Send JSON Response (201 Created w/ new Order)
    API Gateway-->>-Client: 22. Forward Response
```

---

### Workflow 2: Financial Tracking (From Order to Paid)

This diagram shows a user logging a payment against an Order and the system automatically updating the Order's status based on the new total paid amount.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. POST /api/v1/orders/{id}/payments (Body: {amount: 2250, ...})
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. START TRANSACTION
    CRM Service->>+Postgres DB: 4. Create Payment (INSERT INTO payments)
    
    Note over CRM Service, Postgres DB: Payment saved. Now, update Order status.

    CRM Service->>+Postgres DB: 5. Calculate Order Total (SELECT SUM(price*qty) FROM order_line_items)
    Postgres DB-->>-CRM Service: 6. Return Order Total (e.g., 4500)
    
    CRM Service->>+Postgres DB: 7. Calculate Paid Total (SELECT SUM(amount) FROM payments)
    Postgres DB-->>-CRM Service: 8. Return Paid Total (e.g., 2250)

    CRM Service->>CRM Service: 9. Determine new status ('Partially Paid')

    CRM Service->>+Postgres DB: 10. Update Order Status (UPDATE orders SET status='Partially Paid')
    CRM Service->>+Postgres DB: 11. COMMIT TRANSACTION
    
    CRM Service-->>-API Gateway: 12. Send JSON Response (201 Created w/ new Payment)
    API Gateway-->>-Client: 13. Forward Response
```

---

### Workflow 3: Recurring Revenue & Retainer Management Report

This diagram shows how the system generates the 12-month retainer payment report. It highlights the complex query logic handled by the backend.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. GET /api/v1/reports/retainer-payments?year=2025
    API Gateway->>+CRM Service: 2. Route Request
    
    Note over CRM Service, Postgres DB: Logic to identify and aggregate retainer payments based on Products.

    CRM Service->>+Postgres DB: 3. Find Retainer Product IDs (SELECT id FROM products WHERE is_retainer_product = true)
    Postgres DB-->>-CRM Service: 4. Return list of Retainer Product IDs

    CRM Service->>+Postgres DB: 5. Find all Orders containing these products (SELECT DISTINCT order_id FROM order_line_items WHERE product_id IN (...))
    Postgres DB-->>-CRM Service: 6. Return list of relevant Order IDs

    CRM Service->>+Postgres DB: 7. Get all Payments for these Orders in the specified year (SELECT p.amount, p.service_period_start, o.account_id FROM payments p JOIN orders o ON p.order_id = o.id WHERE o.id IN (...) AND EXTRACT(YEAR FROM p.payment_date) = 2025)
    Postgres DB-->>-CRM Service: 8. Return list of all relevant Payments

    Note over CRM Service: Application logic now aggregates the raw payment data.

    CRM Service->>CRM Service: 9. Aggregate data into a 12-month grid by Account (JSON)
    
    CRM Service-->>-API Gateway: 10. Send JSON Response (200 OK)
    API Gateway-->>-Client: 11. Forward Response
```

---

### Workflow 4: Daily Activity & Relationship Management

This diagram shows a user creating a contextual `Activity` and how the system later retrieves the unified timeline.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Note over Client, Postgres DB: Creating a Task related to an Opportunity and a Contact

    Client->>+API Gateway: 1. POST /api/v1/activities (Body: {type: 'Task', subject: 'Follow up', what_id: 101, what_type: 'Opportunity', who_id: 456, who_type: 'Contact'})
    API Gateway->>+CRM Service: 2. Route Request
    CRM Service->>+Postgres DB: 3. Create Activity (INSERT INTO activities)
    Postgres DB-->>-CRM Service: 4. Return New Activity
    CRM Service-->>-API Gateway: 5. Send JSON Response (201 Created)
    API Gateway-->>-Client: 6. Forward Response

    Note over Client, Postgres DB: Later, viewing the Opportunity's Activity Timeline

    Client->>+API Gateway: 7. GET /api/v1/opportunities/101
    API Gateway->>+CRM Service: 8. Route Request
    CRM Service->>+Postgres DB: 9. Get Opportunity Details (SELECT * FROM opportunities)
    Postgres DB-->>-CRM Service: 10. Return Opportunity
    
    CRM Service->>+Postgres DB: 11. Get Related Activities (SELECT * FROM activities WHERE what_id=101 AND what_type='Opportunity')
    Postgres DB-->>-CRM Service: 12. Return List of Activities
    
    CRM Service->>CRM Service: 13. Assemble final JSON response with nested activities
    
    CRM Service-->>-API Gateway: 14. Send JSON Response (200 OK)
    API Gateway-->>-Client: 15. Forward Response
```

### The Exact Sequence for Lead Conversion

Here is the step-by-step flow for the `POST /leads/{id}/convert` request, from the user's click to the final UI update.

1.  **Client Action:** The user clicks the "Convert" button on the Lead detail page in the React application.
2.  **HTTPS Request:** The React app sends a `POST` request to the API Gateway at the endpoint `/api/v1/leads/123/convert`. The request body contains the user-provided name for the new opportunity: `{ "opportunity_name": "New Website for Innovate Corp" }`.
3.  **Routing:** The API Gateway (Nginx) receives the request, verifies it's a valid path, and forwards it to the CRM Backend Service.
4.  **Authentication & Authorization:** The CRM Backend receives the request. The first thing it does is run its authentication middleware to check for a valid JWT.
5.  **Start Business Logic (The Transaction):** The request hits the `convert` action in the `LeadViewSet`. The service immediately tells the PostgreSQL Database to **`START TRANSACTION`**. This is critical. It ensures that all the following database operations are treated as a single, atomic unit.
6.  **Read Source Data:** The CRM Service sends a `SELECT * FROM leads WHERE id=123` query to the database to get the data of the lead being converted.
7.  **Orchestrate Creation:** The CRM Service, now holding the lead's data, constructs the new objects *in memory*:
    *   It creates an `Account` object using the lead's `company` field.
    *   It creates a `Contact` object using the lead's `first_name`, `last_name`, etc., and links it to the new Account.
    *   It creates an `Opportunity` object using the `opportunity_name` from the request body and links it to the new Account.
8.  **Execute Writes:** The CRM Service sends the `INSERT` commands for the new objects to the database.
9.  **Execute Update:** The CRM Service sends an `UPDATE leads SET status = 'Converted' WHERE id=123` command to the database.
10. **End Business Logic (Commit):** Since all database commands were successful, the CRM Service sends a final **`COMMIT`** command to the database. The database now makes all the changes permanent. If any of the previous steps had failed, the service would have sent a `ROLLBACK` command instead, and the database would have undone everything.
11. **Prepare Response:** The CRM Service formats a `200 OK` JSON response containing a success message and the details of the newly created records.
12. **Return Response:** The response travels back through the API Gateway to the Client.
13. **UI Update:** The React app receives the success response and displays the "Your lead has been converted" confirmation screen, using the data from the response body to create links to the new records.

#### Sequence Diagram: Lead Conversion

This diagram visually represents the exact flow described above.

```mermaid
sequenceDiagram
    participant Client
    participant API Gateway
    participant CRM Service
    participant Postgres DB

    Client->>+API Gateway: 1. POST /api/v1/leads/{id}/convert
    API Gateway->>+CRM Service: 2. Route Request

    Note over CRM Service, Postgres DB: The business logic lives here.

    CRM Service->>+Postgres DB: 3. START TRANSACTION
    
    CRM Service->>+Postgres DB: 4. Read Lead Data (SELECT)
    Postgres DB-->>-CRM Service: 5. Return Lead Record
    
    Note over CRM Service: Orchestrates creation of new objects in memory

    CRM Service->>+Postgres DB: 6. Create Account (INSERT)
    CRM Service->>+Postgres DB: 7. Create Contact (INSERT)
    CRM Service->>+Postgres DB: 8. Create Opportunity (INSERT)
    CRM Service->>+Postgres DB: 9. Update Lead Status (UPDATE)
    
    CRM Service->>+Postgres DB: 10. COMMIT TRANSACTION
    
    Note over CRM Service: Transaction successful. Prepare response.
    
    CRM Service-->>-API Gateway: 11. Send JSON Response (200 OK)
    API Gateway-->>-Client: 12. Forward Response
```

### 1.9.1 MVP

```  mermaid
graph TD
    subgraph "Your Local File System"
        direction TB
        LocalBackend["Backend Source Code<br/>/backend folder"]
        LocalFrontend["Frontend Source Code<br/>/frontend folder"]
        DockerCompose["docker-compose.yml<br/>Container Orchestration"]
        EnvFile[".env file<br/>Environment Configuration"]
        
        subgraph "Persistent Data"
            PostgresData["./data/postgres/<br/>Database Files"]
        end
    end
    
    subgraph "Docker Environment"
        direction LR
        
        Client["client_container<br/>React Dev Server<br/>Port: 3000"]
        API["api_container<br/>Django Service<br/>Port: 8000"]
        DB["db_container<br/>PostgreSQL<br/>Port: 5432"]
    end
    
    subgraph "User Interface"
        Browser["Your Web Browser"]
    end
    
    %% Local to Container Connections
    LocalBackend -.->|Live Sync via Volume| API
    LocalFrontend -.->|Live Sync via Volume| Client
    DockerCompose -.->|Orchestrates| Client
    DockerCompose -.->|Orchestrates| API
    DockerCompose -.->|Orchestrates| DB
    EnvFile -.->|Config Injection| API
    EnvFile -.->|Config Injection| DB
    
    %% Persistent Storage Connection
    DB -.->|Data Bind Mount| PostgresData
    
    %% User Interface Connections
    Browser -->|localhost:3000| Client
    
    %% Container Interconnections
    Client -->|Proxies API calls to /api/*| API
    API -->|DB Connection| DB
    
    classDef localCode fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef userInterface fill:#fff,stroke:#333,stroke-width:2px
    classDef reactContainer fill:#f9f,stroke:#333,stroke-width:2px
    classDef djangoContainer fill:#9cf,stroke:#333,stroke-width:2px
    classDef dbContainer fill:#f99,stroke:#333,stroke-width:2px
    classDef storageContainer fill:#fcc,stroke:#333,stroke-width:2px
    classDef configFiles fill:#ccf,stroke:#333,stroke-width:2px
    
    class LocalBackend,LocalFrontend localCode
    class DockerCompose,EnvFile configFiles
    class Browser userInterface
    class Client reactContainer
    class API djangoContainer
    class DB dbContainer
    class PostgresData storageContainer

    ```

### 1.9.2 Advanced

``` mermaid
graph TD
    subgraph "Your Local File System (Where you write code)"
        direction TB
        LocalBackend["Backend Source Code<br/>./backend folder"]
        LocalFrontend["Frontend Source Code<br/>./frontend folder"]
    end
    subgraph "Docker Environment (Where code runs)"
        direction TB
        
        Nginx["nginx_container<br/>Load Balancer / API Gateway"]
        subgraph "Application Services"
            direction LR
            API_1["api_container_1<br/>Django Service"]
            API_2["api_container_2<br/>Django Service"]
        end
        subgraph "Database Layer"
            DB_Master["db_container<br/>PostgreSQL Database"]
        end
    end
    subgraph "User Interface"
        Browser["Your Web Browser"]
    end
    
    BuildProcess["Build Process<br/>npm run build"]
    BuildFolder(("build/<br/>Static Files"))
    
    LocalBackend -.->|Live Sync via Volume| API_1
    LocalBackend -.->|Live Sync via Volume| API_2
    
    LocalFrontend --> BuildProcess
    BuildProcess --> BuildFolder
    BuildFolder -.->|Copied into image| Nginx
    
    Browser -->|localhost:80| Nginx
    Nginx -->|Serves Static React App| Browser
    Browser -->|API Calls to /api/*| Nginx
    Nginx -->|Load Balances Traffic| API_1
    Nginx -->|Load Balances Traffic| API_2
    
    API_1 -->|DB Connection| DB_Master
    API_2 -->|DB Connection| DB_Master
    
    classDef localCode fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef userInterface fill:#fff,stroke:#333,stroke-width:2px
    classDef nginx fill:#9f9,stroke:#333,stroke-width:2px
    classDef django fill:#9cf,stroke:#333,stroke-width:2px
    classDef database fill:#f99,stroke:#333,stroke-width:2px
    classDef buildProcess fill:#ffe6cc,stroke:#333,stroke-width:2px
    
    class LocalBackend,LocalFrontend localCode
    class Browser userInterface
    class Nginx nginx
    class API_1,API_2 django
    class DB_Master database
    class BuildProcess,BuildFolder buildProcess
```

### 1.9.3.1 LOCAL dev

```  mermaid
graph TD
    subgraph "Your Local File System"
        direction TB
        LocalBackend["Backend Source Code<br/>/backend folder"]
        LocalFrontend["Frontend Source Code<br/>/frontend folder"]
        DockerCompose["docker-compose.yml<br/>Container Orchestration"]
        EnvFiles[".env files<br/>Environment Configuration"]
        
        subgraph "Persistent Data (Host Bind Mounts)"
            PostgresData["./data/postgres/<br/>Database Files"]
            RedisData["./data/redis/<br/>Cache Files"]
            UploadsData["./data/uploads/<br/>User Files"]
        end
    end
    
    subgraph "Docker Environment"
        direction LR
        
        Client["client_container<br/>React Dev Server<br/>Port: 3000"]
        API["api_container<br/>Django + DRF<br/>Port: 8000"]
        DB["db_container<br/>PostgreSQL<br/>Port: 5432"]
        Redis["redis_container<br/>Cache & Sessions<br/>Port: 6379"]
        MailHog["mailhog_container<br/>Email Testing<br/>Port: 8025"]
    end
    
    subgraph "User Interface"
        Browser["Your Web Browser"]
        APIClient["API Documentation<br/>Swagger/ReDoc"]
        EmailUI["Email Testing UI<br/>MailHog Interface"]
    end
    
    %% Local to Container Connections
    LocalBackend -.->|Live Sync via Volume| API
    LocalFrontend -.->|Live Sync via Volume| Client
    DockerCompose -.->|Orchestrates| API
    DockerCompose -.->|Orchestrates| Client
    DockerCompose -.->|Orchestrates| DB
    DockerCompose -.->|Orchestrates| Redis
    DockerCompose -.->|Orchestrates| MailHog
    EnvFiles -.->|Config Injection| API
    EnvFiles -.->|Config Injection| DB
    EnvFiles -.->|Config Injection| Redis
    
    %% Persistent Storage Connections
    DB -.->|Data Bind Mount| PostgresData
    Redis -.->|Cache Bind Mount| RedisData
    API -.->|File Storage| UploadsData
    
    %% User Interface Connections
    Browser -->|localhost:3000| Client
    Browser -->|localhost:8000/api/docs| APIClient
    Browser -->|localhost:8025| EmailUI
    
    %% Container Interconnections
    Client -->|Proxies API calls to /api/*| API
    API -->|Database Queries| DB
    API -->|Caching & Sessions| Redis
    API -->|Email Services| MailHog
    
    %% Authentication & Authorization Flow
    API -->|JWT/Session Auth| Client
    API -->|Role-based Permissions| DB
    
    classDef localCode fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef userInterface fill:#fff,stroke:#333,stroke-width:2px
    classDef reactContainer fill:#f9f,stroke:#333,stroke-width:2px
    classDef djangoContainer fill:#9cf,stroke:#333,stroke-width:2px
    classDef dbContainer fill:#f99,stroke:#333,stroke-width:2px
    classDef redisContainer fill:#ff9,stroke:#333,stroke-width:2px
    classDef mailContainer fill:#9f9,stroke:#333,stroke-width:2px
    classDef storageContainer fill:#fcc,stroke:#333,stroke-width:2px
    classDef configFiles fill:#ccf,stroke:#333,stroke-width:2px
    
    class LocalBackend,LocalFrontend localCode
    class DockerCompose,EnvFiles configFiles
    class Browser,APIClient,EmailUI userInterface
    class Client reactContainer
    class API djangoContainer
    class DB dbContainer
    class Redis redisContainer
    class MailHog mailContainer
    class PostgresData,RedisData,UploadsData storageContainer
```

### 1.9.3.2 load balancing, multiple crm instances

``` mermaid
graph TD
    subgraph "Your Local File System"
        direction TB
        LocalBackend["Backend Source Code<br/>./backend folder"]
        LocalFrontend["Frontend Source Code<br/>./frontend folder"]
        DockerCompose["docker-compose.yml<br/>Container Orchestration"]
        EnvFiles[".env files<br/>Environment Configuration"]
        
        subgraph "Persistent Data (Host Bind Mounts)"
            PostgresData["./data/postgres/<br/>Database Files"]
            RedisData["./data/redis/<br/>Cache Files"]
            UploadsData["./data/uploads/<br/>User Files"]
        end
    end
    
    subgraph "Docker Environment"
        direction TB
        
        Nginx["nginx_container<br/>Load Balancer / API Gateway<br/>Port: 80"]
        
        subgraph "Application Services"
            direction LR
            API_1["api_container_1<br/>Django + DRF<br/>Port: 8001"]
            API_2["api_container_2<br/>Django + DRF<br/>Port: 8002"]
        end
        
        subgraph "Database & Cache Layer"
            direction LR
            DB["db_container<br/>PostgreSQL<br/>Port: 5432"]
            Redis["redis_container<br/>Cache & Sessions<br/>Port: 6379"]
        end
        
        subgraph "Development Services"
            direction LR
            ReactDev["react_dev_container<br/>React Dev Server<br/>Port: 3000"]
            MailHog["mailhog_container<br/>Email Testing<br/>Port: 8025"]
        end
    end
    
    subgraph "User Interface"
        Browser["Your Web Browser"]
        APIClient["API Documentation<br/>Swagger/ReDoc"]
        EmailUI["Email Testing UI<br/>MailHog Interface"]
    end
    
    %% Build Process
    BuildProcess["Build Process<br/>npm run build"]
    BuildFolder(("build/<br/>Static Files"))
    
    %% Local to Container Connections
    LocalBackend -.->|Live Sync via Volume| API_1
    LocalBackend -.->|Live Sync via Volume| API_2
    LocalFrontend -.->|Live Sync via Volume| ReactDev
    
    %% Build Process (Production Mode)
    LocalFrontend --> BuildProcess
    BuildProcess --> BuildFolder
    BuildFolder -.->|Copied into image| Nginx
    
    %% Persistent Storage Connections
    DB -.->|Data Bind Mount| PostgresData
    Redis -.->|Cache Bind Mount| RedisData
    API_1 -.->|File Storage| UploadsData
    API_2 -.->|File Storage| UploadsData
    
    %% User Interface Connections - Development Mode
    Browser -->|DEV: localhost:3000| ReactDev
    Browser -->|PROD: localhost:80| Nginx
    Browser -->|localhost:8001/api/docs| APIClient
    Browser -->|localhost:8025| EmailUI
    
    %% Load Balancing & Routing
    Nginx -->|Serves Static React App| Browser
    Browser -->|API Calls to /api/*| Nginx
    Nginx -->|Load Balances Traffic| API_1
    Nginx -->|Load Balances Traffic| API_2
    
    %% Development Direct Access
    ReactDev -->|Proxies API calls to /api/*| API_1
    
    %% Container Interconnections
    API_1 -->|Database Queries| DB
    API_2 -->|Database Queries| DB
    API_1 -->|Caching & Sessions| Redis
    API_2 -->|Caching & Sessions| Redis
    API_1 -->|Email Services| MailHog
    API_2 -->|Email Services| MailHog
    
    %% Authentication & Authorization Flow
    API_1 -->|JWT/Session Auth| ReactDev
    API_2 -->|JWT/Session Auth| Nginx
    API_1 -->|Role-based Permissions| DB
    API_2 -->|Role-based Permissions| DB
    
    classDef localCode fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef userInterface fill:#fff,stroke:#333,stroke-width:2px
    classDef nginx fill:#9f9,stroke:#333,stroke-width:2px
    classDef djangoContainer fill:#9cf,stroke:#333,stroke-width:2px
    classDef dbContainer fill:#f99,stroke:#333,stroke-width:2px
    classDef redisContainer fill:#ff9,stroke:#333,stroke-width:2px
    classDef mailContainer fill:#9f9,stroke:#333,stroke-width:2px
    classDef reactContainer fill:#f9f,stroke:#333,stroke-width:2px
    classDef storageContainer fill:#fcc,stroke:#333,stroke-width:2px
    classDef configFiles fill:#ccf,stroke:#333,stroke-width:2px
    classDef buildProcess fill:#ffe6cc,stroke:#333,stroke-width:2px
    
    class LocalBackend,LocalFrontend localCode
    class DockerCompose,EnvFiles configFiles
    class Browser,APIClient,EmailUI userInterface
    class Nginx nginx
    class API_1,API_2 djangoContainer
    class DB dbContainer
    class Redis redisContainer
    class MailHog mailContainer
    class ReactDev reactContainer
    class PostgresData,RedisData,UploadsData storageContainer
    class BuildProcess,BuildFolder buildProcess
```

## Steps. 1 MVP

```mermaid

graph TD
    subgraph "Developer's Host Machine"
        A[Developer] --> B[docker-compose.yml]
        A --> C[Backend Code<br/>./backend/]
        A --> D[Frontend Code<br/>./frontend/]
        A --> E[Terminal]
        E --> F[Docker Engine]
        
        subgraph "Host File System"
            M[./data/<br/>Persistent Storage]
        end
    end
    
    subgraph "Docker Environment"
        F --> G[docker-compose up command]
        G --> H[Reads configuration]
        H --> I[Creates Docker Network<br/>crm-network]
        
        subgraph "Frontend Service"
            J[Frontend Container<br/>React Dev Server<br/>Port: 3000]
            D -.->|Volume Mount| J
            D -.->|Hot Reload| J
        end
        
        subgraph "Backend Service"
            K[Backend Container<br/>Django Server<br/>Port: 8000]
            C -.->|Volume Mount| K
            C -.->|Auto Restart| K
        end
        
        subgraph "Database Service"
            L[Database Container<br/>PostgreSQL<br/>Port: 5432]
            M -.->|Volume Mount| L
        end
        
        I --> J
        I --> K
        I --> L
    end
    
    subgraph "User Interface"
        N[Web Browser]
        O[localhost:3000]
    end
    
    %% User Interaction Flow
    A --> N
    N --> O
    O --> J
    
    %% Service Communication
    J -->|API calls /api/*| K
    K -->|SQL queries| L
    
    %% Configuration Flow
    B -.->|Read by| H
    
    %% Styling
    classDef developer fill:#f9f,stroke:#333,stroke-width:2px
    classDef hostFile fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef dockerEngine fill:#ddd,stroke:#333,stroke-width:2px
    classDef network fill:#fff,stroke:#ccc,stroke-width:2px,stroke-dasharray: 3 3
    classDef frontend fill:#ccf,stroke:#333,stroke-width:2px
    classDef backend fill:#9cf,stroke:#333,stroke-width:2px
    classDef database fill:#9c9,stroke:#333,stroke-width:2px
    classDef browser fill:#ff9,stroke:#333,stroke-width:2px
    classDef storage fill:#fcc,stroke:#333,stroke-width:2px
    
    class A developer
    class B,C,D,E,F hostFile
    class G,H,I dockerEngine
    class J frontend
    class K backend
    class L database
    class N,O browser
    class M storage

```

Setup Phase (A-E):  

A: Developer prepares environment  
B: docker-compose.yml configuration  
C: Backend code ready  
D: Frontend code ready  
E: Terminal interface  

Execution Phase (F-I):  

F: Docker Engine activated  
G: docker-compose up command executed  
H: Configuration read  
I: Docker network created  

Container Phase (J-L):  

J: Frontend container starts  
K: Backend container starts  
L: Database container starts  

User Interaction (N-O):  

N: Browser opened  
O: Access localhost:3000

## Steps 2. Load balancer/Api gateaway. 2 backend instances.

``` mermaid
graph TD
    subgraph "Developer's Host Machine"
        A[Developer] --> B[docker-compose.yml]
        A --> C[Backend Source Code<br/>./backend/]
        A --> D[Frontend Source Code<br/>./frontend/]
        A --> E[Nginx Config<br/>./nginx/]
        A --> F[Terminal]
        
        subgraph "Host File System"
            DataFolder[./data/<br/>Persistent Storage]
        end
        
        subgraph "Build Process"
            G[npm run build]
            H[build/<br/>Static Files]
            D --> G
            G --> H
        end
    end
    
    subgraph "Docker Environment"
        F --> I[Docker Engine]
        I --> J[docker-compose up]
        J --> K[Creates Docker Network<br/>crm-network]
        
        subgraph "API Gateway/Load Balancer"
            M[nginx_container<br/>Reverse Proxy & Static Server<br/>Port: 80]
        end
        
        subgraph "Application Services"
            N[api_container_1<br/>Django Service<br/>Port: 8000]
            O[api_container_2<br/>Django Service<br/>Port: 8001]
        end
        
        subgraph "Database Layer"
            P[db_container<br/>PostgreSQL Database<br/>Port: 5432]
        end
        
        K --> M
        K --> N
        K --> O
        K --> P
    end
    
    subgraph "User Interface"
        Q[Web Browser]
        R[localhost:80]
    end
    
    %% Main Flow
    A --> Q
    Q --> R
    R --> M
    
    %% Service Communication
    M -->|Serves Static Files| Q
    Q -->|API Calls /api/*| M
    M -->|Load Balance| N
    M -->|Load Balance| O
    N -->|Database Query| P
    O -->|Database Query| P
    
    %% Key Volume Mounts (simplified)
    C -.->|Dev Volume Mount| N
    C -.->|Dev Volume Mount| O
    H -.->|Static Files| M
    DataFolder -.->|Data Volume| P
    
    %% Styling
    classDef developer fill:#f9f,stroke:#333,stroke-width:2px
    classDef hostFile fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef buildProcess fill:#ffe6cc,stroke:#333,stroke-width:2px
    classDef dockerEngine fill:#ddd,stroke:#333,stroke-width:2px
    classDef nginx fill:#9f9,stroke:#333,stroke-width:2px
    classDef django fill:#9cf,stroke:#333,stroke-width:2px
    classDef database fill:#f99,stroke:#333,stroke-width:2px
    classDef browser fill:#ff9,stroke:#333,stroke-width:2px
    classDef storage fill:#fcc,stroke:#333,stroke-width:2px
    
    class A developer
    class B,C,D,E,F hostFile
    class G,H buildProcess
    class I,J,K dockerEngine
    class M nginx
    class N,O django
    class P database
    class Q,R browser
    class DataFolder storage

```

Setup Phase (A-F):

A: Developer prepares environment  
B: docker-compose.yml configuration  
C: Backend code ready  
D: Frontend code ready  
E: Nginx configuration ready  
F: Terminal interface  

Build Phase (G-H):  

G: npm run build executed  
H: Static files generated  

Execution Phase (I-K):  

I: Docker Engine activated  
J: docker-compose up command executed  
K: Docker network created  

Container Phase (M-P):  

M: Nginx container starts (API Gateway/Load Balancer)  
N: Backend container 1 starts (Django Service)  
O: Backend container 2 starts (Django Service)  
P: Database container starts (PostgreSQL)  

User Interaction (Q-R):  

Q: Browser opened  
R: Access localhost:80  

Runtime Flow:  

Browser → Nginx (entry point)  
Nginx → Static files (React app served)  
Browser → Nginx (API calls to /api/*)  
Nginx → Backend containers (load balanced)  
Backend containers → Database (data queries)  

## Steps 3. Full local production, file uploadings, env configs, healths checks, logging

``` mermaid
graph TD
    subgraph "Developer's Host Machine"
        A[Developer] --> B[docker-compose.yml]
        A --> C[Backend Source Code<br/>./backend/]
        A --> D[Frontend Source Code<br/>./frontend/]
        A --> E[Nginx Config<br/>./nginx/]
        A --> F[Environment Files<br/>.env, .env.prod]
        A --> G[Terminal]
        
        subgraph "Host File System"
            DataFolder[./data/<br/>Database Storage]
            LogsFolder[./logs/<br/>Application Logs]
            UploadsFolder[./uploads/<br/>User Files]
        end
        
        subgraph "Build Process"
            H[npm run build]
            I[build/<br/>Static Files]
            D --> H
            H --> I
        end
    end
    
    subgraph "Docker Environment"
        G --> J[Docker Engine]
        J --> K[docker-compose up]
        K --> L[Creates Docker Network<br/>crm-network]
        
        subgraph "API Gateway/Load Balancer"
            M[nginx_container<br/>Reverse Proxy & Static Server<br/>Port: 80<br/>✓ Health Check]
        end
        
        subgraph "Application Services"
            N[api_container_1<br/>Django Service<br/>Port: 8000<br/>✓ Health Check]
            O[api_container_2<br/>Django Service<br/>Port: 8001<br/>✓ Health Check]
        end
        
        subgraph "Cache Layer"
            P[redis_container<br/>Redis Cache<br/>Port: 6379<br/>✓ Health Check]
        end
        
        subgraph "Database Layer"
            Q[db_container<br/>PostgreSQL Database<br/>Port: 5432<br/>✓ Health Check]
        end
        
        subgraph "Monitoring"
            R[Log Aggregation<br/>Container Logs]
        end
        
        L --> M
        L --> N
        L --> O
        L --> P
        L --> Q
        L --> R
    end
    
    subgraph "User Interface"
        S[Web Browser]
        T[localhost:80]
    end
    
    %% Main Flow
    A --> S
    S --> T
    T --> M
    
    %% Service Communication
    M -->|Serves Static Files| S
    S -->|API Calls /api/*| M
    M -->|Load Balance| N
    M -->|Load Balance| O
    N -->|Cache Operations| P
    O -->|Cache Operations| P
    N -->|Database Query| Q
    O -->|Database Query| Q
    N -->|File Upload Processing| UploadsFolder
    O -->|File Upload Processing| UploadsFolder
    
    %% Volume Mounts
    C -.->|Dev Volume Mount| N
    C -.->|Dev Volume Mount| O
    I -.->|Static Files| M
    DataFolder -.->|Data Volume| Q
    LogsFolder -.->|Log Volume| R
    UploadsFolder -.->|Upload Volume| N
    UploadsFolder -.->|Upload Volume| O
    F -.->|Environment Config| N
    F -.->|Environment Config| O
    
    %% Health Check Flow
    N -->|Health Status| R
    O -->|Health Status| R
    M -->|Health Status| R
    P -->|Health Status| R
    Q -->|Health Status| R
    
    %% Styling
    classDef developer fill:#f9f,stroke:#333,stroke-width:2px
    classDef hostFile fill:#e6f2ff,stroke:#333,stroke-width:2px,stroke-dasharray: 5 5
    classDef buildProcess fill:#ffe6cc,stroke:#333,stroke-width:2px
    classDef dockerEngine fill:#ddd,stroke:#333,stroke-width:2px
    classDef nginx fill:#9f9,stroke:#333,stroke-width:2px
    classDef django fill:#9cf,stroke:#333,stroke-width:2px
    classDef database fill:#f99,stroke:#333,stroke-width:2px
    classDef cache fill:#ff9,stroke:#333,stroke-width:2px
    classDef monitoring fill:#f9f9f9,stroke:#333,stroke-width:2px
    classDef browser fill:#ff9,stroke:#333,stroke-width:2px
    classDef storage fill:#fcc,stroke:#333,stroke-width:2px
    
    class A developer
    class B,C,D,E,F,G hostFile
    class H,I buildProcess
    class J,K,L dockerEngine
    class M nginx
    class N,O django
    class Q database
    class P cache
    class R monitoring
    class S,T browser
    class DataFolder,LogsFolder,UploadsFolder storage
```

Setup Phase (A-G):

A: Developer prepares environment
B: docker-compose.yml configuration
C: Backend code ready
D: Frontend code ready
E: Nginx configuration ready
F: Environment files (.env, .env.prod) ready
G: Terminal interface

Build Phase (H-I):

H: npm run build executed
I: Static files generated

Execution Phase (J-L):

J: Docker Engine activated
K: docker-compose up command executed
L: Docker network created

Container Phase (M-R):

M: Nginx container starts (API Gateway/Load Balancer) ✓ Health Check
N: Backend container 1 starts (Django Service) ✓ Health Check
O: Backend container 2 starts (Django Service) ✓ Health Check
P: Redis container starts (Cache Layer) ✓ Health Check
Q: Database container starts (PostgreSQL) ✓ Health Check
R: Log aggregation monitoring starts

User Interaction (S-T):

S: Browser opened
T: Access localhost:80

New Enterprise Features Added:

Redis Caching: Fast data retrieval and session management
File Upload Handling: Dedicated volume for user uploads
Environment Configs: Separate .env files for different environments
Health Checks: All containers monitor their own health status
Logging: Centralized log aggregation and monitoring

Key Volume Mounts:

Environment configs → Backend containers
Upload folder → Both backend containers
Logs folder → Monitoring system
Cache operations between backends and Redis

This architecture is now ready for production deployment with proper caching, file handling, monitoring, and health checks!

### Cloud migration

``` mermaid

graph TD
    subgraph "Local Development Environment"
        A[Developer] --> B[docker-compose.yml]
        A --> C[Backend Code]
        A --> D[Frontend Code]
        A --> E[Terminal]
        
        subgraph "Local Build Process"
            F[npm run build]
            G[Static Files]
            D --> F --> G
        end
        
        subgraph "Local Docker Environment"
            H[Docker Engine]
            I[docker-compose up]
            
            J[Nginx Container<br/>Port: 80]
            K[Backend Container 1<br/>Port: 8000]
            L[Backend Container 2<br/>Port: 8001]
            M[Redis Cache<br/>Port: 6379]
            N[PostgreSQL DB<br/>Port: 5432]
            
            E --> H --> I
            I --> J & K & L & M & N
            
            J --> K & L
            K --> M & N
            L --> M & N
        end
        
        subgraph "Local Access"
            O[Web Browser]
            P[localhost:80]
            O --> P --> J
        end
    end
    
    subgraph "CI/CD Pipeline"
        Q[GitHub Actions]
        R[Build Images]
        S[Run Tests]
        T[Push to Registry]
        
        C --> Q
        D --> Q
        Q --> R --> S --> T
    end
    
    subgraph "Cloud Infrastructure"
        subgraph "Container Registry"
            U[Docker Hub/<br/>ECR/ACR]
            T --> U
        end
        
        subgraph "Cloud Platform Options"
            V[AWS ECS/EKS]
            W[DigitalOcean Apps]
            X[Google Cloud Run]
            Y[Azure Container Instances]
        end
        
        subgraph "Managed Services"
            Z[Managed Database<br/>RDS/Cloud SQL]
            AA[File Storage<br/>S3/Cloud Storage]
            BB[Load Balancer<br/>ALB/Cloud LB]
            CC[DNS & SSL<br/>Route 53/CloudFlare]
        end
        
        subgraph "Production Containers"
            DD[Nginx Container<br/>Cloud Load Balanced]
            EE[Backend Container 1<br/>Auto-scaled]
            FF[Backend Container 2<br/>Auto-scaled]
            GG[Redis Cache<br/>Managed/Container]
        end
        
        U --> V & W & X & Y
        V --> DD & EE & FF & GG
        
        DD --> EE & FF
        EE --> GG & Z
        FF --> GG & Z
        
        BB --> DD
        CC --> BB
    end
    
    subgraph "Production Access"
        HH[Web Browser]
        II[domain.com]
        HH --> II --> CC
    end
    
    %% Migration Paths
    N -.->|Migrate Data| Z
    J -.->|Replace with| BB
    M -.->|Upgrade to| GG
    G -.->|Deploy to| AA
    
    %% Volume Mounts (Local)
    C -.->|Code Sync| K & L
    G -.->|Static Files| J
    
    %% Styling
    classDef local fill:#e6f2ff,stroke:#0066cc,stroke-width:2px
    classDef pipeline fill:#fff2e6,stroke:#ff6600,stroke-width:2px
    classDef cloud fill:#e6ffe6,stroke:#00cc00,stroke-width:2px
    classDef production fill:#ffe6f2,stroke:#cc0066,stroke-width:2px
    classDef migration fill:#f0f0f0,stroke:#666,stroke-width:2px,stroke-dasharray: 5 5
    
    class A,B,C,D,E,F,G,H,I,J,K,L,M,N,O,P local
    class Q,R,S,T,U pipeline
    class V,W,X,Y,Z,AA,BB,CC cloud
    class DD,EE,FF,GG,HH,II production

```  

Your Phase 3 architecture is excellent because it demonstrates several key principles of modern cloud migration:
Smart Migration Strategy:

Lift and Shift Approach: You're moving the exact same working architecture to the cloud, minimizing risk
Incremental Migration: Each component can be migrated independently (database first, then containers, etc.)
Proven Local Foundation: Everything works locally before touching cloud infrastructure

Key Migration Benefits:

Scalability: Auto-scaling containers replace fixed local containers
Reliability: Managed services (RDS, S3) provide better uptime than local services
Security: Cloud-native SSL, VPCs, and managed security
Maintenance: No more managing database updates, backups, or server maintenance

What Makes This Approach Effective:

Same Application Logic: Your Django API and React frontend remain unchanged
Consistent Container Architecture: Same Docker containers, just cloud-hosted
Familiar Deployment: CI/CD pipeline mirrors your local docker-compose workflow
Gradual Transition: Can run hybrid (some local, some cloud) during migration

Migration Path Priorities:

Database First: Migrate PostgreSQL to managed service (easiest to rollback)
Static Files: Move to S3/Cloud Storage
Containers: Deploy to cloud container services
Load Balancer: Replace Nginx with cloud load balancer
Domain & SSL: Final production setup

This is exactly how successful teams approach cloud migration - prove it works locally, then systematically move each piece to cloud infrastructure while maintaining the same architecture patterns.  


---------------- ----------------------  

Setup Phase (A-G): (Same as before)

A: Developer prepares environment
B: docker-compose.yml configuration
C: Backend code ready
D: Frontend code ready
E: Nginx configuration ready
F: Environment files (.env, .env.prod) ready
G: Terminal interface

Build Phase (H-I): (Same as before)

H: npm run build executed
I: Static files generated

Execution Phase (J-L): (Same as before)

J: Docker Engine activated
K: docker-compose up command executed
L: Docker network created

Container Phase (M-R): (Same as before)

M: Nginx container starts ✓ Health Check
N: Backend container 1 starts ✓ Health Check
O: Backend container 2 starts ✓ Health Check
P: Redis container starts ✓ Health Check
Q: Database container starts ✓ Health Check
R: Log aggregation monitoring starts

User Interaction (S-T): (Same as before)

S: Browser opened
T: Access localhost:80

Phase 3: Cloud Deployment (U-FF):
Cloud Platform Choice (U-X):

U: AWS ECS/EKS
V: DigitalOcean App Platform
W: Google Cloud Run
X: Azure Container Instances

Cloud Services (Y-CC):

Y: Managed Database (RDS/Cloud SQL)
Z: File Storage (S3/Cloud Storage)
AA: Load Balancer (ALB/Cloud Load Balancer)
BB: Container Registry (ECR/Docker Hub)
CC: Domain & SSL (Route 53/CloudFlare)

Deployment Pipeline (DD-FF):

DD: CI/CD Pipeline (GitHub Actions)
EE: Build & Push Images
FF: Deploy to Cloud

Migration Path:

Local PostgreSQL → Managed Database
Local file uploads → Cloud Storage
Local Nginx → Cloud Load Balancer
Docker images → Container Registry

This complete architecture now shows the full journey from local development to production cloud deployment!  

-------------------------- ------------------------------------  
Phase 3 is purely migration - we're taking the exact same architecture we built locally and moving it to the cloud. We're not adding new features or changing the application logic.
What we're migrating:

Local PostgreSQL → AWS RDS/Cloud SQL (same database, just managed)
Local file uploads → S3/Cloud Storage (same files, just cloud storage)
Local Nginx load balancer → Cloud Load Balancer (same load balancing, just cloud-native)
Docker containers → Cloud container services (same containers, just cloud-hosted)

What stays the same:

Backend code (Django API)
Frontend code (React app)
Redis caching
Container architecture
Service communication patterns
Load balancing logic

What changes:

Where it runs (cloud vs local)
How it's deployed (CI/CD vs docker-compose)
Infrastructure management (managed services vs self-hosted)
Scaling capabilities (auto-scaling vs manual)
Domain access (custom domain vs localhost)

So Phase 3 is essentially "lift and shift" - we're lifting our working local architecture and shifting it to cloud infrastructure for better scalability, reliability, and production readiness. The application itself remains identical from a user perspective.
This is actually a very common and smart approach - get it working locally first, then migrate to cloud rather than trying to build cloud-native from the start.

### refined

```mermaid
graph TD
    subgraph "User Domain"
        Client[Client Browser - SPA]
    end

    subgraph "Network Edge"
        CDN[CDN e.g., CloudFront] --> Client
        API_Gateway[API Gateway e.g., AWS API Gateway]
    end

    subgraph "Application Layer (AWS VPC - Private Subnets)"
        LB[Load Balancer e.g., ALB]
        CRM_Service_1[CRM Service Instance 1]
        CRM_Service_2[CRM Service Instance 2]
        CRM_Service_N[...]
        Cache[(Cache e.g., Redis/ElastiCache)]
        SecretsMgr[(Secrets Manager)]
        Monitoring[Monitoring & Logging e.g., CloudWatch]
    end

    subgraph "Data Layer (AWS VPC - Private Subnets)"
        DB_Primary[(Primary DB - PostgreSQL e.g., RDS)]
        DB_Standby[(Standby DB - PostgreSQL)]
        Backups[(Automated Backups e.g., S3)]
    end

    Client -- Static Assets --> CDN
    Client -- API Calls --> API_Gateway
    API_Gateway -- Routes Traffic --> LB
    LB -- Distributes Traffic --> CRM_Service_1
    LB -- Distributes Traffic --> CRM_Service_2
    LB -- Distributes Traffic --> CRM_Service_N

    CRM_Service_1 <--> Cache
    CRM_Service_2 <--> Cache
    CRM_Service_N <--> Cache

    CRM_Service_1 --> Monitoring
    CRM_Service_2 --> Monitoring
    CRM_Service_N --> Monitoring

    CRM_Service_1 -- Reads/Writes --> DB_Primary
    CRM_Service_2 -- Reads/Writes --> DB_Primary
    CRM_Service_N -- Reads/Writes --> DB_Primary

    CRM_Service_1 -- Reads Secrets --> SecretsMgr
    CRM_Service_2 -- Reads Secrets --> SecretsMgr
    CRM_Service_N -- Reads Secrets --> SecretsMgr

    DB_Primary -- Replicates --> DB_Standby
    DB_Primary -- Backs up --> Backups

    %% Styling (Optional)
    style Client fill:#f9f,stroke:#333,stroke-width:2px
    style CDN fill:#ff9,stroke:#333,stroke-width:1px
    style API_Gateway fill:#ccf,stroke:#333,stroke-width:2px
    style LB fill:#cff,stroke:#333,stroke-width:1px
    style CRM_Service_1 fill:#9cf,stroke:#333,stroke-width:2px
    style CRM_Service_2 fill:#9cf,stroke:#333,stroke-width:2px
    style CRM_Service_N fill:#9cf,stroke:#333,stroke-width:2px
    style Cache fill:#f99,stroke:#333,stroke-width:1px
    style SecretsMgr fill:#f99,stroke:#333,stroke-width:1px
    style Monitoring fill:#f99,stroke:#333,stroke-width:1px
    style DB_Primary fill:#9c9,stroke:#333,stroke-width:2px
    style DB_Standby fill:#9c9,stroke:#333,stroke-width:1px
    style Backups fill:#9c9,stroke:#333,stroke-width:1px

```

### MVP steps

```mermaid
graph TD
    subgraph "User Domain"
        Client[Client Browser - SPA]
    end

    subgraph "Network Edge"
        API_Gateway[API Gateway e.g., AWS API Gateway]
    end

    subgraph "Application Layer (AWS VPC - Private Subnets)"
        CRM_Service_1[CRM Service Instance 1]
        SecretsMgr[(Secrets Manager)]
        Monitoring[Basic Monitoring & Logging e.g., CloudWatch]
    end

    subgraph "Data Layer (AWS VPC - Private Subnets)"
        DB_Primary[(Primary DB - PostgreSQL e.g., RDS Single-AZ)]
        Backups[(Automated Backups e.g., S3)]
    end

    Client -- API Calls --> API_Gateway
    API_Gateway -- Routes Traffic --> CRM_Service_1

    CRM_Service_1 --> Monitoring
    CRM_Service_1 -- Reads/Writes --> DB_Primary
    CRM_Service_1 -- Reads Secrets --> SecretsMgr

    DB_Primary -- Backs up --> Backups

    %% Styling (Optional)
    style Client fill:#f9f,stroke:#333,stroke-width:2px
    style API_Gateway fill:#ccf,stroke:#333,stroke-width:2px
    style CRM_Service_1 fill:#9cf,stroke:#333,stroke-width:2px
    style SecretsMgr fill:#f99,stroke:#333,stroke-width:1px
    style Monitoring fill:#f99,stroke:#333,stroke-width:1px
    style DB_Primary fill:#9c9,stroke:#333,stroke-width:2px
    style Backups fill:#9c9,stroke:#333,stroke-width:1px
```

## After MVP implementation

``` mermaid
graph TD
    subgraph "Phase 1: MVP (Current)"
        MVP["✅ React + Django + PostgreSQL<br/>✅ Basic CRM features<br/>✅ Local development"]
    end
    
    subgraph "Phase 2: Local Production Simulation"
        direction TB
        LocalEnhanced["🔧 Add Locally:<br/>• Nginx load balancer<br/>• Multiple API instances<br/>• Redis caching<br/>• File upload handling<br/>• Environment configs<br/>• Health checks<br/>• Logging"]
        
        LocalTesting["🧪 Test Locally:<br/>• Load testing<br/>• Container failures<br/>• Database connections<br/>• File uploads<br/>• Cache performance"]
    end
    
    subgraph "Phase 3: Cloud Deployment"
        direction TB
        CloudChoice["☁️ Choose Cloud Platform:<br/>• AWS (ECS/EKS)<br/>• DigitalOcean (App Platform)<br/>• Google Cloud (Cloud Run)<br/>• Azure (Container Instances)"]
        
        CloudServices["🏗️ Cloud Services:<br/>• Managed Database (RDS/Cloud SQL)<br/>• File Storage (S3/Cloud Storage)<br/>• Load Balancer (ALB/Cloud Load Balancer)<br/>• Container Registry<br/>• Domain & SSL"]
    end
    
    subgraph "Phase 4: Production Optimization"
        direction TB
        Monitoring["📊 Add Monitoring:<br/>• Application logs<br/>• Performance metrics<br/>• Error tracking<br/>• Uptime monitoring"]
        
        Scaling["🚀 Auto-scaling:<br/>• Horizontal pod autoscaling<br/>• Database scaling<br/>• CDN for static files<br/>• Multi-region deployment"]
    end
    
    MVP --> LocalEnhanced
    LocalEnhanced --> LocalTesting
    LocalTesting --> CloudChoice
    CloudChoice --> CloudServices
    CloudServices --> Monitoring
    Monitoring --> Scaling
    
    classDef currentPhase fill:#e6f7ff,stroke:#0066cc,stroke-width:3px
    classDef nextPhase fill:#fff2e6,stroke:#ff8800,stroke-width:2px
    classDef futurePhase fill:#f0f8f0,stroke:#00aa00,stroke-width:2px
    classDef finalPhase fill:#ffeef0,stroke:#cc0066,stroke-width:2px
    
    class MVP currentPhase
    class LocalEnhanced,LocalTesting nextPhase
    class CloudChoice,CloudServices futurePhase
    class Monitoring,Scaling finalPhase

```

### 1.9.3 Sync dB data

The Role of the Docker Volume

In our `docker-compose.yml` file, we have this crucial section for the database service:

```yaml
services:
  db:
    image: postgres:15-alpine
    volumes:
      - postgres_data:/var/lib/postgresql/data/
```

*   **What this line does:** It tells Docker, "Create a special managed folder on this computer's hard drive called `postgres_data`, and make sure the data directory *inside the PostgreSQL container* is always synced with it."

*   **The Consequence:** The database's data files physically live on the hard drive of the computer where you run `docker-compose up`.

**Analogy:** Think of your `crm-project` code (managed by Git) as a set of **blueprints** for a house. Think of the database data (managed by the Docker Volume) as the **physical furniture** inside the house.

*   **On Computer A:** You use the blueprints (`git clone`) to build a house. You then run `docker-compose up`, which is like buying and arranging all new furniture. You add an `Account` record—this is like putting a new chair in the living room.
*   **On Computer B:** You use the *same blueprints* (`git clone`) to build an identical house. You run `docker-compose up`, which buys and arranges its own separate set of new, empty furniture. The house is empty. The chair you added on Computer A does not magically appear here.

The database data is **state**, and it is **local** to the machine running the Docker containers. It is **not** part of your Git repository and is not shared when you clone the code.

---

So, How Do You Sync Your Development Data?

This is the real question. What if you've added 20 test accounts on Computer A and you want to have that same data on Computer B to continue your work?

You have two professional ways to handle this:

**Method 1: Database Seeding (The Clean Slate Approach)**

This is the best practice for creating a consistent starting point. You write a script that populates the database with a standard set of fake data. In Django, this is often done with a **data migration** or a custom management command.

*   **Workflow:**
    1.  On Computer B, you run `docker-compose up --build`. This creates a fresh, **empty** database.
    2.  You then run a command like `docker-compose exec api python manage.py seed_database`.
    3.  This script runs and creates your standard 10 users, 20 accounts, 50 contacts, etc.
*   **Best For:** Starting fresh on a new machine or for running automated tests that require a predictable database state.

**Method 2: Backup and Restore (The Exact Clone Approach)**

This is what you do when you need to transfer the *exact current state* of your database from one machine to another.

*   **Workflow:**
    1.  **On Computer A (Source):** Run a `pg_dump` command to create a backup file of your database.
        ```bash
        # This command connects to the running 'db' container and dumps its contents to a file
        docker-compose exec -T db pg_dump -U crm_user -d crm_db > crm_backup.sql
        ```
        You now have a file named `crm_backup.sql` on Computer A.

    2.  **Transfer the File:** Copy `crm_backup.sql` from Computer A to Computer B (using a USB drive, cloud storage, network share, etc.).

    3.  **On Computer B (Destination):**
        *   Start with a fresh, empty database by running `docker-compose up -d`.
        *   Run a `psql` command to restore the data from your backup file.
        ```bash
        # This command pipes the contents of your backup file into the 'db' container's psql client
        cat crm_backup.sql | docker-compose exec -T db psql -U crm_user -d crm_db
        ```

*   **Best For:** Cloning a complex development environment to debug a specific data-related issue, or for moving your exact work-in-progress to a new machine.

**Conclusion:** The database for your project is always local to the machine you are working on. This is intentional and good practice. You use **seeding** for creating a clean, consistent state and **backup/restore** for cloning an exact state between machines.

## Core Concept Choices for the CRM Application

| Core Concept | MVP Choice & Rationale | Full Version / Future Enhancement |
| :--- | :--- | :--- |
| **1. Networking (Protocols)** | **RESTful API over HTTPS.** This is the universal standard for communication between a web frontend (React) and a backend (Django). It's stateless, well-understood, and perfectly suited for the CRUD (Create, Read, Update, Delete) operations that form the backbone of our CRM. HTTPS is non-negotiable for security. | **WebSockets (for real-time notifications).** In a future version, if we want to implement features like "User A just updated an Opportunity you are viewing," we would add a WebSocket connection to push live updates from the server to the client without needing a page refresh. |
| **2. Databases** | **Relational (SQL) - specifically PostgreSQL.** Our data is highly structured and interconnected (Accounts have Contacts, Orders have Payments). A relational database is the only choice that provides the essential features we need: **Transactional Integrity (ACID)** for complex operations like Lead Conversion, and **Data Integrity** through foreign key constraints to prevent orphaned records. | **No change needed.** A well-designed PostgreSQL database can scale to handle millions of records. We might introduce a **Read Replica** (as discussed in our scaled-up architecture) to handle heavy reporting loads, but the core database will remain relational. |
| **3. Caching** | **None.** For an MVP with 1-5 users, the database will be incredibly fast. Adding a cache now would introduce significant complexity (especially cache invalidation) for no real performance benefit. Our performance NFRs will be met with efficient database queries and proper indexing. | **Redis Cache.** In a future version with more users or complex dashboards, we would introduce Redis to cache the results of expensive queries. For example, the 12-month retainer report or a dashboard with many KPIs would be perfect candidates for caching with a 1-hour expiration. |
| **4. Asynchronous Processing** | **None (Synchronous Operations Only).** For the MVP, all operations will happen within the request-response cycle. An action like "Generate Order" will complete before the user gets a response. For a small-scale app, this is simpler and more reliable to build initially. | **Task Queue (Celery with Redis/RabbitMQ).** For slow operations that shouldn't block the user, we would add a background job system. Examples: sending notification emails, generating a large PDF report, or syncing data with another service. This makes the UI feel much faster. |
| **5. Load Balancing** | **None (Single Application Server).** The initial deployment will run on a single server (e.g., one Docker container on an EC2 instance or a Heroku dyno). This is the simplest and most cost-effective deployment for a small user base. | **Application Load Balancer (e.g., AWS ALB).** When we need to scale for more users or achieve high availability, we will run multiple instances of our Django application container. A load balancer will sit in front of them to distribute traffic, providing both scalability and fault tolerance. |
| **6. Data Ingestion** | **Not Applicable (User-Driven Data Entry).** This concept is about processing large volumes of data from external sources. Our CRM is a transactional system where data is created one record at a time by users typing into forms. | **Batch Processing (for future features).** If we were to build an "Import from CSV" feature for Leads or Contacts, that would be a form of **batch processing**. This would likely be implemented as an asynchronous background job using Celery to handle parsing the file without tying up the web server. |
| **7. Security** | **Implemented from Day 1 (Non-Negotiable).** This is not an enhancement; it's a core requirement. <br> - **Authentication:** JWTs. <br> - **Authorization:** Role-Based Access Control (RBAC) in the Django backend. <br> - **Encryption:** HTTPS for data in transit, `bcrypt` for hashing passwords at rest. | **Enhanced Auditing and Permissions.** A future version would likely expand on this with more granular permissions (e.g., user-level permissions, not just roles) and a detailed **audit trail** table that logs every significant change made to a record (`CREATE`, `UPDATE`, `DELETE`). |

### Key Technology Choices for the CRM Application

**1. Databases**

*   **Our Choice:** **Relational (SQL) Database - PostgreSQL.**
*   **Why It's the Right Fit for Our CRM:**
    *   **Relational Data Model:** Our CRM data is fundamentally relational. `Accounts` have `Contacts`, `Orders` have `Payments`, and these relationships must be strictly enforced. A relational database is built for this.
    *   **Data Integrity & Durability (NFR):** PostgreSQL is ACID-compliant, which is essential for our transactional workflows like `Lead Conversion` and `Generate Order`. It guarantees that these multi-step operations either complete fully or fail completely, preventing data corruption. Foreign key constraints ensure we can't have "orphaned" records (like a `Payment` without an `Order`).
    *   **Why Not NoSQL?** A NoSQL database (like MongoDB) is optimized for unstructured or semi-structured data and horizontal scaling for massive datasets. Our data is highly structured, and our scale does not warrant the complexity or the loss of transactional guarantees that come with NoSQL.
*   **Future Evolution (V2 and Beyond):**
    *   The core database will remain PostgreSQL. To handle increased read traffic (e.g., from many users running reports), we would introduce one or more **Read Replicas**. The application would be configured to send all write operations to the primary database and distribute read operations across the replicas.

**2. Caches**

*   **Our Choice (MVP):** **None.**
*   **Why It's the Right Fit for Our CRM:**
    *   **Avoids Premature Optimization:** For our initial user base (1-5 users), the performance of a well-indexed PostgreSQL database will be more than sufficient to meet our performance NFRs (<3 second load times).
    *   **Reduces Complexity:** Introducing a cache adds significant complexity, primarily around **cache invalidation** (ensuring the cache is updated or cleared when the source data changes). For the MVP, this complexity is an unnecessary risk.
*   **Future Evolution (V2 and Beyond):**
    *   We would introduce a **Redis Cache** using the **cache-aside pattern**.
    *   **Use Cases:** Caching the results of expensive, frequently accessed queries like the 12-month retainer report, dashboard KPIs, or user permission checks. This would dramatically reduce database load and improve perceived performance.

**3. Message Queues (Asynchronous Processing)**

*   **Our Choice (MVP):** **None.** All API operations will be synchronous.
*   **Why It's the Right Fit for Our CRM:**
    *   **Simplicity:** The MVP workflows do not contain any operations that are so slow that they would unacceptably block the user's UI. A synchronous approach is simpler to build, debug, and manage initially.
*   **Future Evolution (V2 and Beyond):**
    *   We would introduce a task queue system like **Celery** with **Redis** or **RabbitMQ** as the message broker.
    *   **Use Cases:** Offloading tasks from the request-response cycle to improve UI responsiveness. Examples include: sending email notifications, generating large PDF reports, or handling webhook integrations from third-party services like Stripe.

**4. Load Balancers**

*   **Our Choice (MVP):** **None** for the initial local setup and single-server deployment.
*   **Why It's the Right Fit for Our CRM:**
    *   A single application server is sufficient for the initial user load and is the simplest deployment model.
*   **Future Evolution (V2 and Beyond):**
    *   An **Application Load Balancer (e.g., AWS ALB)** is a core component of our "Hardened" production architecture.
    *   **Use Cases:** To achieve high availability (fault tolerance) and horizontal scalability. The load balancer would distribute incoming API requests across multiple running instances of our Django application container.

**5. Search Engines**

*   **Our Choice (MVP):** **Database Search.**
*   **Why It's the Right Fit for Our CRM:**
    *   For the MVP's data scale, PostgreSQL's built-in search capabilities are powerful enough. We can use simple `LIKE` queries for basic searches and enable the `pg_trgm` extension for more advanced, faster text search capabilities on indexed columns.
*   **Future Evolution (V2 and Beyond):**
    *   We would introduce a dedicated search engine like **Elasticsearch** or **OpenSearch**.
    *   **Use Cases:** To power a global, "Google-like" search bar that can instantly search for a term across multiple fields and multiple entities simultaneously (e.g., find "Innovate" in an Account name, a Contact's email, and an Opportunity's description all at once).

**6. Containerization**

*   **Our Choice (MVP):** **Docker and Docker Compose from Day 1.**
*   **Why It's the Right Fit for Our CRM:**
    *   **Consistency (Operability NFR):** It guarantees that the environment running on your local machine is identical to the one that will run in production, eliminating "it works on my machine" problems.
    *   **Dependency Management:** It encapsulates all dependencies (Python version, Django version, system libraries) within the container, simplifying setup for any developer.
    *   **Simplified Deployment:** Containerization is the foundation of modern cloud deployment, making the transition from local development to a scalable cloud environment seamless.

**7. Cloud Providers**

*   **Our Choice (MVP):** Not yet deployed, but the architecture is designed for the cloud.
*   **Future Evolution (V2 and Beyond):**
    *   We would deploy our containerized application to a major cloud provider like **Amazon Web Services (AWS)**.
    *   **Specific Services:**
        *   **EC2 (Elastic Compute Cloud):** To run our Django and Nginx Docker containers.
        *   **RDS (Relational Database Service):** To run our PostgreSQL database as a managed service, handling backups, patching, and failover.
        *   **ElastiCache:** To run Redis as a managed cache and message broker.
        *   **S3 (Simple Storage Service):** To handle file uploads for attachments.

### Architecture Design

*   **System Architecture:** Decide on monolithic vs. microservices (or a hybrid). Consider trade-offs (complexity, scalability, deployment independence).

Monolith

### Security Design: Think about security from the start (OWASP Top 10)

### Scalability and Performance Design for the CRM

Checks steps notebook

### 2 Implementation/Development/Build phase



### 2.1Set Up Development Environment & Tooling  


### Write clean, mantainable code

### Frontend Development Best Practices  

### Backend Development Best Practices  

### Code reviews


### 3.Phase 3: Testing  


###  Automate Testing (CI)  

### Phase 4: Deployment & Operations*  

#### Automate deployments (CD)

### Monitoring, Logging, and Alerting

### Documentation  

### Maintenance & Iteration  

### When is the right time to introduce all these tools and processes?


**Phase 1: Right from the Start (Day 0 / Week 1) - The Non-Negotiable Foundation**

*   **Git (Version Control):** **Absolutely Day 0.** There's no modern development without it. The overhead is minimal, and the benefits (history, collaboration, branching, rollback) are immediate and essential.
*   **Linters / Formatters / Pre-commit Hooks:** **Very early (Day 1-3).** The effort to set up Black, Flake8, Prettier, ESLint, and pre-commit hooks is *very low*. The immediate benefit is huge: consistent code style across the team (even if it's just one person initially), catching trivial errors automatically, and reducing noise in code reviews. This saves time *immediately*.
*   **Docker & Docker Compose (Local Dev):** **Strongly recommend starting Week 1.**
    *   **Why now?** While it *seems* faster to install Python/Node/Postgres locally, the risk of the "works on my machine" problem is high. Debugging environment inconsistencies later is *much* more time-consuming than the initial Docker setup. It ensures everyone (including future you or new hires) has the *exact* same environment with one command (`docker-compose up`). It also makes CI setup easier later as you already have Dockerfiles.
    *   **Trade-off:** Small learning curve if new to Docker, but the payoff in consistency and reduced future debugging is massive for a full-stack app.
*   **Basic README:** **Day 1.** How to set up and run the project locally. Essential for anyone touching the code.
*   **Secrets Management (Conceptual):** **Day 1.** Decide *how* secrets will be handled (environment variables, `.env` file locally, Secrets Manager in cloud). **Never commit secrets.** Implement the actual Secrets Manager integration when deploying.
*   **Unit Tests (Start Writing):** **As soon as you write the first piece of non-trivial logic.** Don't wait. Writing tests alongside code provides immediate feedback, prevents regressions from the start, and encourages better code design.

**Phase 2: Early Development (First Few Weeks) - Building Quality In**

*   **CI Pipeline (Linting, Unit Tests, Integration Tests):** **Set this up as soon as you have tests to run.** The value is automating the checks you're already doing locally. It ensures every PR is validated automatically, providing a crucial quality gate before merging. Start simple (lint + test jobs).
*   **Integration Tests:** Start writing these **as components begin interacting** (e.g., API endpoint + DB, frontend component + mocked API). They verify the connections between units.
*   **Code Reviews:** **Implement from the first Pull Request.** This is fundamental for quality, knowledge sharing, and consistency, even in a small team (review each other's code, or do thorough self-review if solo).
*   **API Contract (OpenAPI - Basic):** Start drafting the basic structure **as you design/implement the first API endpoints.** It doesn't need every detail initially, but defining paths, methods, and basic request/response shapes early clarifies the contract.

**Phase 3: Preparing for First Deployment (Staging) - Operational Readiness**

*   **IaC (Terraform - Basic):** Start using this **when you provision the first cloud resources** for a staging environment. Define the minimal setup (API Gateway, single compute instance, managed DB, secrets). It's much easier than managing manually and crucial for reproducibility.
*   **CD Pipeline (Deploy to Staging):** Automate deployment to a staging environment **once the CI pipeline is stable and you have something deployable.** This makes testing consistent and reduces manual deployment errors.
*   **Centralized Logging (Basic):** Configure structured logging and ensure logs are sent to a central place (e.g., CloudWatch Logs) **when deploying to staging.** Essential for troubleshooting in a non-local environment.
*   **Monitoring (Basic):** Set up basic infrastructure metrics (CPU, memory) and maybe API Gateway error/latency metrics **when deploying to staging.** Know if your deployed app is up and responsive.
*   **API Contract (OpenAPI - Detailed):** Flesh out the details (schemas, error codes, examples) **before or during the implementation of corresponding endpoints** to ensure accuracy. Generate documentation from it.

**Phase 4: Post-Launch / Maturing - Enhancing & Optimizing**

*   **E2E Tests:** Introduce these **once key user flows are stable**, likely around the first production release or shortly after. Focus on critical paths.
*   **Alerting:** Set up alerts based on metrics/logs **once you have baseline data from production** and understand normal operating parameters. Start with critical alerts (app down, high error rate).
*   **Advanced Monitoring (APM):** Consider adding APM **if you encounter performance issues you can't easily diagnose** with logs/metrics, or if you need deeper request tracing.
*   **Load Testing:** Perform **before significant expected load increases** or if users report performance degradation under normal load.
*   **Advanced Caching / Async Processing:** Implement these **only when performance monitoring indicates a clear need** and bottleneck (e.g., specific slow queries, API endpoints timing out). Don't add this complexity prematurely.
*   **Dependency Update Process:** Formalize the review/testing of dependency updates **once the application is stable in production.**

**Why not skip tests if it "works fine"?**

This is addressed in the previous answer, but the core reasons are: **preventing regressions** (things break unexpectedly when you change other things), **enabling safe refactoring**, **faster feedback during development**, **documentation**, and **handling edge cases**. Manual testing doesn't scale and misses things. Tests are the **safety net and quality guarantee** over the *lifetime* of the project.

**Conclusion:**

It's not about using *every* tool to its *maximum* complexity from Day 1. It's about layering practices appropriately:

1.  **Start with the foundation:** Git, Docker, Linters, basic Unit Tests.
2.  **Build quality in early:** CI, Integration Tests, Code Reviews, basic API contract.
3.  **Prepare for operations:** IaC, CD to Staging, basic Logging/Monitoring, detailed API contract.
4.  **Enhance based on need:** E2E tests, Alerting, APM, Load Testing, advanced performance optimizations.

This phased approach introduces complexity gradually, ensuring each step provides tangible value without overwhelming the development process initially.


### Tuts


**Phase 1: Foundational Web & Data Concepts (Essential Prerequisite)**

*These bridge the gap between basic programming and web application development.*

1.  **Web Fundamentals (HTTP, HTML, CSS):**
    *   **Goal:** Understand how browsers talk to servers and how web pages are structured/styled.
    *   **Topics:** HTTP Request/Response cycle, Methods (GET, POST, PUT, PATCH, DELETE), Status Codes (200, 201, 404, 500 etc.), Headers. Basic HTML tags (div, span, form, input, button, etc.), Basic CSS selectors, properties (layout like Flexbox/Grid is helpful).
    *   **Resources:** MDN Web Docs (Introduction to HTML, CSS basics, HTTP overview). You don't need to be a CSS expert, but understand the basics for React.

2.  **Basic Relational Database & SQL Concepts:**
    *   **Goal:** Understand how data is stored relationally, even though Django's ORM will abstract much of the SQL.
    *   **Topics:** Tables, Columns, Rows, Data Types (integer, varchar, boolean, date, etc.), Primary Keys, Foreign Keys, Basic SQL queries (SELECT, INSERT, UPDATE, DELETE), JOINs (conceptual understanding).
    *   **Resources:** Khan Academy SQL course, Codecademy SQL course (free parts), Mode Analytics SQL Tutorial. Focus on concepts over complex query writing.

3.  **REST API Concepts:**
    *   **Goal:** Understand the principles behind the API you'll be building and consuming.
    *   **Topics:** What is an API? REST principles (Statelessness, Resources, Representations), Endpoints, JSON data format, using HTTP verbs correctly.
    *   **Resources:** Search for "Introduction to REST APIs" tutorials (many good articles and videos exist).

4.  **Git Basics:**
    *   **Goal:** Manage your code effectively.
    *   **Topics:** Repositories, `clone`, `add`, `commit`, `push`, `pull`, `branch`, `merge`. Understanding Pull Requests on GitHub.
    *   **Resources:** GitHub's own guides, Atlassian Git tutorials, interactive tutorials like "Learn Git Branching".

**Phase 2: Backend Development (Django & DRF)**

*), JOINs (conceptual understanding).
    *   **Resources:** Khan Academy SQL course, Codecademy SQL course (free parts), Mode Analytics SQL Tutorial. Focus on concepts over complex query writing.

3.  **REST API Concepts:**
    *   **Goal:** Understand the principles behind the API you'll be building and consuming.
    *   **Topics:** What is an API? REST principles (Statelessness, Resources, Representations), Endpoints, JSON data format, using HTTP verbs correctly.
    *   **Resources:** Search for "Introduction to REST APIs" tutorials (many good articles and videos exist).

4.  **Git Basics:**
    *   **Goal:** Manage your code effectively.
    *   **Topics:** Repositories, `clone`, `add`, `commit`, `push`, `pull`, `branch`, `merge`. Understanding Pull Requests on GitHub.
    *   **Resources:** GitHub's own guides, Atlassian Git tutorials, interactive tutorials like "Learn Git Branching".

**Phase 2: Backend Development (Django & DRF)**

*Focus on building the API server.*

5.  **Official Django Tutorial (Polls App):**
    *   **Goal:** Learn the fundamentals of the Django framework. **This is crucial.**
    *   **Topics Covered:** Project/App structure, Models (defining database tables in Python), Migrations (applying model changes to the database), Views (handling requests), Templates (less critical for API-only backend, but good context), URL routing, Forms (important for validation concepts), the Admin interface. Pay close attention to the ORM (QuerySets).
    *   **Resource:** The official Django documentation tutorial. Work through it step-by-step.

6.  **Official Django REST Framework (DRF) Tutorial:**
    *   **Goal:** Learn how to build REST APIs specifically using Django. **Equally crucial.**
    *   **Topics Covered:** Serializers (converting data between Python objects and JSON), ModelSerializers (automating serialization based on Django models), Views/ViewSets (specifically APIView, Generic Views, ViewSets, ModelViewSet), Routers (automating URL generation for ViewSets), Authentication (TokenAuthentication), Permissions.
    *   **Resource:** The official DRF documentation tutorial.

**Phase 3: Frontend Development (React)**

*Focus on building the user interface.*

7.  **Official React Tutorial (Tic-Tac-Toe) or Main Concepts:**
    *   **Goal:** Learn the fundamentals of the React library.
    *   **Topics Covered:** Components (functional components preferred), JSX, Props, State (`useState` hook), Handling Events, Conditional Rendering, Lists and Keys, Composition.
    *   **Resource:** The official React documentation tutorial and "Main Concepts" section.

8.  **React Hooks (Beyond `useState`):**
    *   **Goal:** Understand essential hooks for managing side effects and state.
    *   **Topics:** `useEffect` (crucial for fetching data from your API), `useContext` (for state management, optional initially).
    *   **Resource:** Official React documentation on Hooks.

9.  **Making API Calls from React:**
    *   **Goal:** Learn how to fetch data from your Django/DRF backend.
    *   **Topics:** Using the browser's `fetch` API or a library like `axios` within `useEffect` to make GET, POST, PATCH, DELETE requests to your API endpoints. Handling loading states and errors.
    *   **Resource:** Many tutorials online for "React fetch data" or "React axios tutorial".

10. **React Router:**
    *   **Goal:** Implement client-side navigation between different views/pages in your SPA.
    *   **Topics:** Basic routing setup, `Link` component, dynamic routes (e.g., `/accounts/:accountId`).
    *   **Resource:** Official React Router documentation/tutorial.

**Phase 4: Development Environment & Workflow**

*Focus on setting up a consistent and efficient local environment.*

11. **Docker Basics:**
    *   **Goal:** Understand containers and how to define them.
    *   **Topics:** Images vs. Containers, basic Docker commands (`build`, `run`, `ps`, `stop`), writing a simple `Dockerfile`.
    *   **Resource:** Official Docker "Get Started" guide.

12. **Docker Compose:**
    *   **Goal:** Define and run multi-container applications (backend + frontend + database). **Very important for this project.**
    *   **Topics:** Writing a `docker-compose.yml` file, defining services, linking services (networking), using volumes (for code mounting), environment variables.
    *   **Resource:** Official Docker Compose documentation and tutorials.

**Phase 5: Deployment Concepts (Learn as you approach deployment)**

*No need to master these before starting implementation, but be aware of them.*

13. **Basic Cloud Concepts (AWS):** Understand VMs (EC2), Managed Databases (RDS), Containers (ECS/App Runner), Object Storage (S3), API Gateway basics.
14. **Basic CI/CD Concepts (GitHub Actions):** Understand workflows, jobs, steps, triggers.
15. **Basic IaC Concepts (Terraform):** Understand providers, resources, state.

**Summary of Priority:**

1.  **Fundamentals:** Web/HTTP, Relational DB/SQL Concepts, REST, Git.
2.  **Backend:** Django Tutorial, DRF Tutorial.
3.  **Frontend:** React Tutorial, Hooks (`useEffect`), API Calls, React Router.
4.  **Dev Env:** Docker & Docker Compose Tutorials.
5.  **Deployment Concepts:** Learn these later when needed.


### Updated MVP Architecture Diagram (with Tools/Processes)

This version shows the initial deployment structure, emphasizing how the application gets deployed and how infrastructure is managed, even for the simpler setup.

```mermaid

graph TD
    subgraph "Development & Deployment Tools"
        Developer[Developer Workstation w/ Docker] -- Pushes Code --> GitHub[GitHub Repo]
        GitHub -- Triggers --> CI_CD[GitHub Actions CI/CD Pipeline]
        CI_CD -- Builds & Pushes Image --> ECR[AWS ECR - Container Registry]
        CI_CD -- Deploys App --> AppRunner[AWS App Runner - CRM Service Container]
        IaC[Terraform Code in GitHub] -- Provisions/Manages --> AWS_Resources[AWS Resources via API]
    end

    subgraph "User Domain"
        Client[Client Browser - SPA]
    end

    subgraph "AWS Cloud Environment (Managed by Terraform)"
        subgraph "Network Edge"
            API_Gateway[API Gateway]
            S3_Static[S3 Bucket - Static Frontend Assets] --> Client
        end

        subgraph "Application Layer (AWS VPC - Private Subnets)"
            AppRunner -- Runs Container Image from --> ECR
            AppRunner -- Uses Secrets --> SecretsMgr[(Secrets Manager)]
            AppRunner -- Sends Logs/Metrics --> Monitoring[Basic Monitoring & Logging - CloudWatch]
        end

        subgraph "Data Layer (AWS VPC - Private Subnets)"
            DB_Primary[(RDS PostgreSQL Single-AZ)]
            Backups[(Automated Backups - via RDS to S3)]
        end

        AWS_Resources --- API_Gateway
        AWS_Resources --- S3_Static
        AWS_Resources --- AppRunner
        AWS_Resources --- SecretsMgr
        AWS_Resources --- Monitoring
        AWS_Resources --- DB_Primary
        AWS_Resources --- ECR
        AWS_Resources --- Backups
    end

    Client -- API Calls --> API_Gateway
    API_Gateway -- Routes Traffic --> AppRunner
    AppRunner -- Reads/Writes --> DB_Primary

    style Client fill:#f9f,stroke:#333,stroke-width:2px
    style Developer fill:#ddd
    style GitHub fill:#ddd
    style CI_CD fill:#ddd
    style ECR fill:#ddd
    style IaC fill:#ddd
    style API_Gateway fill:#ccf
    style S3_Static fill:#ccf
    style AppRunner fill:#9cf
    style SecretsMgr fill:#f99
    style Monitoring fill:#f99
    style DB_Primary fill:#9c9
    style Backups fill:#9c9


```

Changes Explained (MVP):

1. Development & Deployment Tools: Added a section showing the developer workflow: code pushed to GitHub triggers a CI/CD pipeline (GitHub Actions).

2. Containerization: The pipeline builds a Docker image and pushes it to a container registry (AWS ECR).

3. Compute Service: Replaced generic "CRM Service Instance 1" with AWS App Runner. App Runner is a simple AWS service to deploy containerized web apps directly from a registry, managing the underlying instance, scaling (basic), and deployment process. It fits the simplified MVP well.

4. Deployment Flow: Arrows show CI/CD deploying the application to App Runner by referencing the image in ECR.

5. Infrastructure as Code (IaC): Added Terraform explicitly, showing it manages the creation and configuration of all AWS resources.

6. Frontend Hosting: Added an S3 Bucket to host the static files (HTML, CSS, JS) for the React SPA. The Client browser fetches these assets directly (potentially via CloudFront later, but S3 is the minimum).

###  Updated Refined High-Level Architecture Diagram (with Tools/Processes)  

``` mermaid

graph TD
    subgraph "Development & Deployment Tools"
        Developer[Developer Workstation w/ Docker] -- Pushes Code --> GitHub[GitHub Repo]
        GitHub -- Triggers --> CI_CD[GitHub Actions CI/CD Pipeline]
        CI_CD -- Builds & Pushes Image --> ECR[AWS ECR - Container Registry]
        CI_CD -- Deploys App (Blue/Green) --> ECS_Service[AWS ECS Service - Fargate]
        IaC[Terraform Code in GitHub] -- Provisions/Manages --> AWS_Resources[AWS Resources via API]
    end

    subgraph "User Domain"
        Client[Client Browser - SPA]
    end

    subgraph "AWS Cloud Environment (Managed by Terraform)"
        subgraph "Network Edge"
            CDN[CDN - CloudFront] --> Client
            S3_Static[S3 Bucket - Static Frontend Assets] --> CDN
            API_Gateway[API Gateway]
        end

        subgraph "Application Layer (AWS VPC - Private Subnets)"
            LB[Application Load Balancer - ALB]
            ECS_Service -- Runs Tasks --> Task1[ECS Task/Container 1]
            ECS_Service -- Runs Tasks --> Task2[ECS Task/Container 2]
            ECS_Service -- Runs Tasks --> TaskN[...]
            Cache[(ElastiCache - Redis)]
            SecretsMgr[(Secrets Manager)]
            Monitoring[Monitoring & Logging - CloudWatch]
        end

        subgraph "Data Layer (AWS VPC - Private Subnets)"
            DB_Primary[(RDS PostgreSQL Multi-AZ Primary)]
            DB_Standby[(RDS PostgreSQL Multi-AZ Standby)]
            Backups[(Automated Backups - via RDS to S3)]
        end

        AWS_Resources --- CDN
        AWS_Resources --- S3_Static
        AWS_Resources --- API_Gateway
        AWS_Resources --- LB
        AWS_Resources --- ECS_Service
        AWS_Resources --- Cache
        AWS_Resources --- SecretsMgr
        AWS_Resources --- Monitoring
        AWS_Resources --- DB_Primary
        AWS_Resources --- ECR
        AWS_Resources --- Backups
    end

    Client -- API Calls --> API_Gateway
    API_Gateway -- Routes Traffic --> LB
    LB -- Distributes Traffic --> Task1
    LB -- Distributes Traffic --> Task2
    LB -- Distributes Traffic --> TaskN

    Task1 <--> Cache
    Task2 <--> Cache
    TaskN <--> Cache

    Task1 --> Monitoring
    Task2 --> Monitoring
    TaskN --> Monitoring

    Task1 -- Reads/Writes --> DB_Primary
    Task2 -- Reads/Writes --> DB_Primary
    TaskN -- Reads/Writes --> DB_Primary

    Task1 -- Reads Secrets --> SecretsMgr
    Task2 -- Reads Secrets --> SecretsMgr
    TaskN -- Reads Secrets --> SecretsMgr

    DB_Primary -- Replicates --> DB_Standby

    style Developer fill:#ddd
    style GitHub fill:#ddd
    style CI_CD fill:#ddd
    style ECR fill:#ddd
    style IaC fill:#ddd
    style Client fill:#f9f
    style CDN fill:#ff9
    style S3_Static fill:#ccf
    style API_Gateway fill:#ccf
    style LB fill:#cff
    style ECS_Service fill:#9cf
    style Task1 fill:#9cf
    style Task2 fill:#9cf
    style TaskN fill:#9cf
    style Cache fill:#f99
    style SecretsMgr fill:#f99
    style Monitoring fill:#f99
    style DB_Primary fill:#9c9
    style DB_Standby fill:#9c9
    style Backups fill:#9c9

```


Changes Explained (Refined):
1. Development & Deployment Tools: Same as MVP, showing the flow from developer to deployed application via CI/CD, ECR, and IaC.

2. Compute Service: Replaced generic "Instances" with AWS ECS (Elastic Container Service) using the Fargate launch type. This is a standard way to run containerized applications at scale without managing underlying EC2 instances. The diagram shows the ECS Service managing multiple running Tasks/Containers.

3. Deployment Strategy: Explicitly noted that the CI/CD pipeline deploys to ECS using a Blue/Green strategy (managed via ECS deployment configurations or ALB target group weighting).

4. Load Balancer: Labeled as Application Load Balancer (ALB), which integrates well with ECS.

5. Database: Labeled as RDS PostgreSQL Multi-AZ Primary/Standby to reflect the high-availability setup.

6. Cache: Labeled as ElastiCache (Redis).

7. CDN: Included CloudFront serving static assets from S3.

8. Infrastructure as Code (IaC): Terraform manages all these more complex resources.

These updated diagrams provide a more concrete view of how the application would be built, deployed, and managed using the specific tools and cloud services discussed, reflecting both the initial pragmatic deployment and the future scaled-up version.  


### UI then start implementing.


### User Persona : The Overwhelmed Agency Professional  

https://www.coursera.org/learn/principles-of-ux-ui-design/supplement/K2oqv/exercise-create-a-persona

![image.png](attachment:9688634c-2f51-4702-945c-a8ecd5cc6d59.png)

---
### The Recommended "Just-in-Time" Design Workflow

The most efficient process for you is to integrate the design work into your vertical slice development plan. You will design **just enough** for the feature you are about to build.

Here is the refined, step-by-step workflow for a single vertical slice (e.g., "Account Management").

#### **Slice 1: Account Management**

**Phase 1: High-Level Design (Done Once for the Whole App)**

*   **What you do:** You create the one wireframe that affects everything: **The Main App Shell**.
*   **Why:** You need to establish the global layout (left sidebar, top nav, main content area) before you can design any individual page. This is the only piece of UI you need to design for the entire app at the start.
*   **Output:** One wireframe for the application's container.

**Phase 2: Feature-Specific Design (Just for Accounts)**

*   **What you do:** Before writing any code for the Account feature, you create the specific wireframes needed *only for Accounts*.
    1.  **Wireframe the Account List View:** A page with a table, search bar, and "New Account" button.
    2.  **Wireframe the Account Detail View:** The three-column layout showing fields, the activity timeline placeholder, and related list placeholders.
    3.  **Wireframe the New/Edit Account Modal:** The form with the specific fields for an Account.
*   **Interactive Prototypes?** For a solo developer, creating a full, clickable prototype in Figma is likely overkill. Your time is better spent building the real thing. The static wireframes are enough to give you a clear blueprint.
*   **Output:** 3-4 static wireframes that completely define the UI for the Account Management feature.

**Phase 3: Implementation (The Vertical Slice)**

*   **Step 3a (Backend):** You now have everything you need. You look at your **ERD** and **API Contract** and build the Django models, serializers, and views for Accounts. You write the backend tests.
*   **Step 3b (Frontend):** You look at your **Account-specific wireframes** and the now-documented **API Contract**. You build the React components (`AccountListPage`, `AccountDetailPage`, `AccountFormModal`) and connect them to the live API endpoints.

**Phase 4: Repeat for the Next Slice**

Now you move on to the next feature, e.g., **"Opportunity Management"**.

*   You go back to the **Feature-Specific Design** phase.
*   You create the wireframes needed *only for Opportunities*: the Kanban pipeline view, the detail page, and the "Add Line Item" modal.
*   Then you move to implementation for that slice.

### Why This Approach is Superior for a Solo Developer

1.  **Reduces Wasted Effort:** You don't spend time designing the `Orders` and `Payments` UI until you are actually ready to build them. By then, you will have learned things from building the `Accounts` and `Opportunities` features that will make your `Orders` design better.
2.  **Maintains Momentum:** It allows you to continuously move between design and development, which keeps the project feeling dynamic and prevents you from getting stuck in a month-long "design-only" phase.
3.  **Agile and Adaptable:** If you discover a problem while building the Account UI, you can easily adjust the wireframes for the upcoming Opportunity UI to account for it. Your design evolves with your implementation knowledge.

**Conclusion:** Integrate your UI design work into your vertical slice process. Design the global shell once at the beginning, and then, for each new feature, **design only the wireframes you need for that specific feature right before you start coding it.** This is the most efficient, agile, and pragmatic path forward.

Finishing figma design course, starting wireframing of dashboard and accounts view soon.
Vertical design implementation.


### The Recommended "Just-in-Time" Design Workflow

The most efficient process for you is to integrate the design work into your vertical slice development plan. You will design **just enough** for the feature you are about to build.

Here is the refined, step-by-step workflow for a single vertical slice (e.g., "Account Management").

#### **Slice 1: Account Management**

**Phase 1: High-Level Design (Done Once for the Whole App)**

*   **What you do:** You create the one wireframe that affects everything: **The Main App Shell**.
*   **Why:** You need to establish the global layout (left sidebar, top nav, main content area) before you can design any individual page. This is the only piece of UI you need to design for the entire app at the start.
*   **Output:** One wireframe for the application's container.

**Phase 2: Feature-Specific Design (Just for Accounts)**

*   **What you do:** Before writing any code for the Account feature, you create the specific wireframes needed *only for Accounts*.
    1.  **Wireframe the Account List View:** A page with a table, search bar, and "New Account" button.
    2.  **Wireframe the Account Detail View:** The three-column layout showing fields, the activity timeline placeholder, and related list placeholders.
    3.  **Wireframe the New/Edit Account Modal:** The form with the specific fields for an Account.
*   **Interactive Prototypes?** For a solo developer, creating a full, clickable prototype in Figma is likely overkill. Your time is better spent building the real thing. The static wireframes are enough to give you a clear blueprint.
*   **Output:** 3-4 static wireframes that completely define the UI for the Account Management feature.

**Phase 3: Implementation (The Vertical Slice)**

*   **Step 3a (Backend):** You now have everything you need. You look at your **ERD** and **API Contract** and build the Django models, serializers, and views for Accounts. You write the backend tests.
*   **Step 3b (Frontend):** You look at your **Account-specific wireframes** and the now-documented **API Contract**. You build the React components (`AccountListPage`, `AccountDetailPage`, `AccountFormModal`) and connect them to the live API endpoints.

**Phase 4: Repeat for the Next Slice**

Now you move on to the next feature, e.g., **"Opportunity Management"**.

*   You go back to the **Feature-Specific Design** phase.
*   You create the wireframes needed *only for Opportunities*: the Kanban pipeline view, the detail page, and the "Add Line Item" modal.
*   Then you move to implementation for that slice.

### Why This Approach is Superior for a Solo Developer

1.  **Reduces Wasted Effort:** You don't spend time designing the `Orders` and `Payments` UI until you are actually ready to build them. By then, you will have learned things from building the `Accounts` and `Opportunities` features that will make your `Orders` design better.
2.  **Maintains Momentum:** It allows you to continuously move between design and development, which keeps the project feeling dynamic and prevents you from getting stuck in a month-long "design-only" phase.
3.  **Agile and Adaptable:** If you discover a problem while building the Account UI, you can easily adjust the wireframes for the upcoming Opportunity UI to account for it. Your design evolves with your implementation knowledge.

**Conclusion:** Integrate your UI design work into your vertical slice process. Design the global shell once at the beginning, and then, for each new feature, **design only the wireframes you need for that specific feature right before you start coding it.** This is the most efficient, agile, and pragmatic path forward.

### Implementation

DashBoard and Log In wireframes.

User model.  
user logs in and re-directed to DashBoard, whose main section is empty.

Account model 
Account wireframe and frontend implementation.


Dashboard updates with Accounts data.

#### Dashboard wireframe

![image.png](attachment:e8b682d6-7855-4836-8b7f-b357f52b2017.png)


django rest done, now implementation phase to start  

go over:
erd
diagrams


auth and log in page
accounts wireframe, model, and frontend 