### **Phase 1: AI as Product Manager (Planning & Requirements)**

### **Goal:** Create a comprehensive Product Requirements Document (PRD).

### **Action Steps**
#### 1. Start with a high-level idea for your application
#### 2. Use an LLM to brainstorm features, user personas, and user stories with acceptance criteria (as you did on **Day 1**)
#### 3. Provide the brainstormed content and a template to the LLM to generate a formal `prd.md` file

### **Artifacts:**  `prd.md`

### **Process:** We utilized *Day 1 Lab 2* to help generate our Product Requirements Document.

### Product Requirements Document: Inventory Management System

| Status | **Final** |
| :--- | :--- |
| **Author** | Inventory Product Team |
| **Version** | 1.0 |
| **Last Updated** | 7/31/2025 |

## 1. Executive Summary & Vision
The Inventory Management System (IMS) is designed to help businesses efficiently track and manage stock across multiple locations. By implementing real-time data tracking, automated stock alerts, and comprehensive reporting, the IMS aims to reduce errors, improve operational efficiency, and ensure that businesses always have the right products at the right time.

## 2. The Problem

**2.1. Problem Statement:**
Businesses currently face fragmented inventory management processes, leading to stock discrepancies, overstocking or understocking, and inefficient warehouse operations that result in decreased productivity and increased operational costs.

**2.2. User Personas & Scenarios:**

**Persona 1: Sarah, the Warehouse Worker**

Sarah struggles with manual inventory tracking, often leading to data entry errors and time-consuming processes when receiving and shipping items.

**Persona 2: Michael, the Inventory Manager**

Michael lacks real-time visibility into stock levels across multiple locations, making it difficult to make informed decisions about reordering and stock allocation.

**Persona 3: John, the Procurement Officer**

John is often caught off-guard by stockouts and relies on manual processes to track supplier performance and place orders, leading to supply chain disruptions.

## 3. Goals & Success Metrics

| Goal | Key Performance Indicator (KPI) | Target |
| :--- | :--- | :--- |
| Ensure Inventory Accuracy | Reduce stock discrepancies | Maintain less than 2% inventory discrepancy rate |
| Improve Order Fulfillment | On-time delivery performance | Achieve 95% on-time deliveries |
| Optimize Stock Management | Reduce excess inventory | Decrease carrying costs by 15% in Q1 |
| Automate Manual Processes | Reduce manual data entry | Automate 60% of inventory tracking tasks |

## 4. Functional Requirements & User Stories

**Epic: Real-Time Stock Tracking**

**Story 1:** As a warehouse worker, I want to scan items as they enter the warehouse, so that stock levels are updated in real-time.

**Acceptance Criteria:**
- Given I scan an item barcode, When the scan is successful, Then the system should automatically update the stock count and timestamp the entry.
- Given I scan a duplicate item, When the system detects it, Then it should increment the quantity rather than create a new entry.

**Story 2:** As an inventory manager, I want to view a dashboard of current stock levels across all locations, so that I can make informed decisions about reordering and stock allocation.

**Acceptance Criteria:**
- Given I am an inventory manager, When I access the dashboard, Then I should see real-time data on stock levels, low stock alerts, and trending items.
- Given I need location-specific data, When I filter by warehouse, Then I should see stock levels for that specific location only.

**Story 3:** As a procurement officer, I want automated reorder alerts, so that I don't run out of critical items.

**Acceptance Criteria:**
- Given a product falls below the reorder threshold, When the system detects this, Then I should receive an automated notification with recommended order quantity.
- Given I receive a reorder alert, When I review it, Then I should see supplier information and lead times.

**Story 4:** As a warehouse worker, I want to log items that are damaged or expired, so that I can update stock records and avoid incorrect reporting.

**Acceptance Criteria:**
- Given I identify a damaged or expired item, When I scan it and mark its status, Then the system should remove it from available inventory and log the reason.
- Given I process damaged goods, When I complete the entry, Then the system should generate a report for accounting purposes.

**Story 5:** As an inventory manager, I want to generate reports on stock movements, so that I can analyze trends and make data-driven decisions.

**Acceptance Criteria:**
- Given I need a stock movement report, When I select a time period and location, Then the system should generate a detailed report with inbound, outbound, and adjustment transactions.
- Given I want to analyze trends, When I view the report, Then it should include charts showing stock level changes over time.

**Story 6:** As a warehouse worker, I want to process outbound shipments efficiently, so that I can ensure accurate order fulfillment.

**Acceptance Criteria:**
- Given I have a pick list, When I scan items for shipment, Then the system should verify the items match the order and update stock levels.
- Given I complete a shipment, When I finalize it, Then the system should generate tracking information and notify relevant parties.

**Story 7:** As a procurement officer, I want to track supplier performance, so that I can make informed decisions about vendor relationships.

**Acceptance Criteria:**
- Given I need supplier metrics, When I access the supplier dashboard, Then I should see delivery performance, quality ratings, and pricing trends.
- Given a supplier consistently underperforms, When I review their metrics, Then I should be able to flag them for review or replacement.

**Story 8:** As an inventory manager, I want to set and manage reorder points, so that I can optimize stock levels for each item.

**Acceptance Criteria:**
- Given I need to set reorder parameters, When I access an item's details, Then I should be able to set minimum stock levels, reorder quantities, and lead times.
- Given seasonal demand changes, When I update reorder points, Then the system should apply the new thresholds immediately.

**Story 9:** As a warehouse worker, I want to perform cycle counts, so that I can maintain inventory accuracy.

**Acceptance Criteria:**
- Given I'm assigned a cycle count, When I access the count list, Then I should see items to count with their expected quantities.
- Given I find discrepancies during counting, When I report them, Then the system should flag them for investigation and adjustment.

## 5. Non-Functional Requirements (NFRs)

- **Performance:** The system must provide real-time inventory updates within 2 seconds of any transaction.
- **Security:** All data must be encrypted in transit and at rest. The system must support role-based access controls and audit trails.
- **Accessibility:** The user interface must be compliant with WCAG 2.1 AA standards and support mobile devices for warehouse operations.
- **Scalability:** The system must support multiple warehouses, up to 1 million SKUs, and 200 concurrent users during peak operations.
- **Reliability:** The system must maintain 99.5% uptime and include offline capability for critical warehouse operations.

## 6. Release Plan & Milestones

- **Version 1.0 (MVP):** 12/1/2025 - Core features including barcode scanning, stock tracking, manual inventory entries, and basic reporting.
- **Version 1.1:** 3/1/2026 - Automated reorder alerts, supplier management, and advanced reporting capabilities.
- **Version 2.0:** 6/1/2026 - Forecasting tools, AI-driven analytics, and integration with ERP systems.

## 7. Out of Scope & Future Considerations

**7.1. Out of Scope for V1.0:**

- Direct integration with existing ERP systems (will be manual import/export).
- Advanced forecasting algorithms and demand planning.
- Native mobile application (the web app will be mobile-responsive).
- Integration with e-commerce platforms.

**7.2. Future Work:**

- Integration with popular ERP systems (SAP, Oracle, QuickBooks).
- AI-powered demand forecasting and optimization.
- IoT sensor integration for automated inventory tracking.
- Advanced analytics and business intelligence dashboards.

## 8. Appendix & Open Questions

- **Open Question:** Which team will be responsible for maintaining the product catalog and SKU information?
- **Dependency:** Integration requirements with existing warehouse management systems need to be finalized by 9/15/2025.
- **Technical Consideration:** Barcode scanner hardware requirements and compatibility need to be

### **Phase 2: AI as Architect (Design & Architecture)**

### **Goal:** Define your application's architecture and data structure.
### **Action:**
#### 1.  Feed your `prd.md` to an LLM.
#### 2.  Prompt it to generate a high-level system architecture. Ask for **diagrams-as-code (PlantUML)** for your architecture document (as you did on **Day 2**).
#### 3.  Prompt it to generate the `CREATE TABLE` statements for your database schema.
### **Artifacts:** `architecture.md` (with diagrams), `schema.sql`

### **Process:** We utilizied *Day 2 Lab 1* to generate our schema and seed data, *Day 2 Lab 2* to generate our ADR and *Day 2 Self-Paced Lab* to help generate our diagram with mermaid.    

In [None]:
CREATE TABLE users (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    username TEXT NOT NULL UNIQUE,
    password_hash TEXT NOT NULL,
    full_name TEXT NOT NULL,
    email TEXT NOT NULL UNIQUE,
    role TEXT NOT NULL, -- e.g., 'warehouse_worker', 'inventory_manager', 'procurement_officer'
    is_active INTEGER NOT NULL DEFAULT 1,
    created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE warehouses (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    name TEXT NOT NULL,
    address TEXT,
    phone TEXT,
    is_active INTEGER NOT NULL DEFAULT 1,
    created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE suppliers (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    name TEXT NOT NULL,
    contact_name TEXT,
    phone TEXT,
    email TEXT,
    address TEXT,
    is_active INTEGER NOT NULL DEFAULT 1,
    created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP
);

CREATE TABLE products (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    sku TEXT NOT NULL UNIQUE,
    name TEXT NOT NULL,
    description TEXT,
    barcode TEXT UNIQUE,
    supplier_id INTEGER,
    reorder_point INTEGER DEFAULT 0,
    reorder_quantity INTEGER DEFAULT 0,
    lead_time_days INTEGER DEFAULT 0,
    is_active INTEGER NOT NULL DEFAULT 1,
    created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (supplier_id) REFERENCES suppliers(id)
);

CREATE TABLE inventory_levels (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    product_id INTEGER NOT NULL,
    warehouse_id INTEGER NOT NULL,
    quantity INTEGER NOT NULL DEFAULT 0,
    last_updated DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    UNIQUE(product_id, warehouse_id),
    FOREIGN KEY (product_id) REFERENCES products(id),
    FOREIGN KEY (warehouse_id) REFERENCES warehouses(id)
);

CREATE TABLE stock_movements (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    product_id INTEGER NOT NULL,
    warehouse_id INTEGER NOT NULL,
    user_id INTEGER,
    movement_type TEXT NOT NULL, -- 'inbound', 'outbound', 'adjustment', 'damage', 'cycle_count'
    quantity INTEGER NOT NULL,
    reason TEXT, -- e.g., 'receiving', 'shipment', 'damaged', etc.
    reference_number TEXT,
    created_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    FOREIGN KEY (product_id) REFERENCES products(id),
    FOREIGN KEY (warehouse_id) REFERENCES warehouses(id),
    FOREIGN KEY (user_id) REFERENCES users(id)
);

CREATE TABLE reorder_alerts (
    id INTEGER PRIMARY KEY AUTOINCREMENT,
    product_id INTEGER NOT NULL,
    warehouse_id INTEGER NOT NULL,
    triggered_at DATETIME NOT NULL DEFAULT CURRENT_TIMESTAMP,
    suggested_quantity INTEGER NOT NULL,
    is_resolved INTEGER NOT NULL DEFAULT 0,
    resolved_at DATETIME,
    FOREIGN KEY (product_id) REFERENCES products(id),
    FOREIGN KEY (warehouse_id) REFERENCES warehouses(id)
);

In [None]:
-- USERS
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('sarah.w', 'hash1', 'Sarah Williams', 'sarah.w@example.com', 'warehouse_worker');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('michael.h', 'hash2', 'Michael Harris', 'michael.h@example.com', 'inventory_manager');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('john.p', 'hash3', 'John Peterson', 'john.p@example.com', 'procurement_officer');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('emily.t', 'hash4', 'Emily Tran', 'emily.t@example.com', 'warehouse_worker');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('david.k', 'hash5', 'David Kim', 'david.k@example.com', 'inventory_manager');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('laura.m', 'hash6', 'Laura Martinez', 'laura.m@example.com', 'procurement_officer');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('kevin.b', 'hash7', 'Kevin Brown', 'kevin.b@example.com', 'warehouse_worker');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('olivia.s', 'hash8', 'Olivia Smith', 'olivia.s@example.com', 'inventory_manager');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('daniel.c', 'hash9', 'Daniel Chen', 'daniel.c@example.com', 'procurement_officer');
INSERT INTO users (username, password_hash, full_name, email, role) VALUES ('rachel.j', 'hash10', 'Rachel Jones', 'rachel.j@example.com', 'warehouse_worker');

-- WAREHOUSES
INSERT INTO warehouses (name, address, phone) VALUES ('Central Warehouse', '123 Main St, Springfield', '555-0100');
INSERT INTO warehouses (name, address, phone) VALUES ('North Distribution Center', '456 North Ave, Springfield', '555-0101');
INSERT INTO warehouses (name, address, phone) VALUES ('South Fulfillment Hub', '789 South Rd, Springfield', '555-0102');
INSERT INTO warehouses (name, address, phone) VALUES ('East Storage', '321 East Blvd, Springfield', '555-0103');
INSERT INTO warehouses (name, address, phone) VALUES ('West Logistics Point', '654 West Dr, Springfield', '555-0104');
INSERT INTO warehouses (name, address, phone) VALUES ('Downtown Depot', '100 Center Plaza, Springfield', '555-0105');
INSERT INTO warehouses (name, address, phone) VALUES ('Airport Hub', '1 Aviation Way, Springfield', '555-0106');
INSERT INTO warehouses (name, address, phone) VALUES ('Tech Park Warehouse', '8700 Innovation Pkwy, Springfield', '555-0107');
INSERT INTO warehouses (name, address, phone) VALUES ('Riverside Storage', '202 River Rd, Springfield', '555-0108');
INSERT INTO warehouses (name, address, phone) VALUES ('Suburban Fulfillment', '800 Suburb Ln, Springfield', '555-0109');

-- SUPPLIERS
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Acme Industrial', 'Helen Grant', '555-1001', 'helen.grant@acmeind.com', '100 Acme Ave, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Global Parts Co', 'Mike Lee', '555-1002', 'mike.lee@globalparts.com', '2500 Global Dr, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Prime Logistics', 'Samantha Clark', '555-1003', 's.clark@primelogistics.com', '480 Prime Way, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Alpha Manufacturing', 'Carlos Rivera', '555-1004', 'c.rivera@alphamfg.com', '700 Alpha Rd, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Supply Solutions', 'Nina Patel', '555-1005', 'nina.patel@supplysol.com', '900 Solution St, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Brightline Electronics', 'George Liu', '555-1006', 'g.liu@brightline.com', '300 Circuit Ln, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Midwest Packaging', 'Lisa Kim', '555-1007', 'lisa.kim@midwestpack.com', '150 Midwest Blvd, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Optima Paper Goods', 'Paul Turner', '555-1008', 'p.turner@optimapaper.com', '42 Paper Ave, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Greenfield Plastics', 'Anna Bailey', '555-1009', 'a.bailey@greenfieldplastics.com', '650 Plastic Pkwy, Springfield');
INSERT INTO suppliers (name, contact_name, phone, email, address) VALUES ('Metro Fasteners', 'David Sanders', '555-1010', 'd.sanders@metrofasteners.com', '75 Metro St, Springfield');

-- PRODUCTS
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1001', 'Standard Shipping Box', 'Cardboard box, 18x18x24 in.', '1234567890123', 7, 100, 500, 7);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1002', 'Packing Tape', 'Clear adhesive tape, 2 in. x 110 yds.', '1234567890124', 7, 50, 200, 5);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1003', 'Bubble Wrap', 'Protective bubble wrap, 500 ft roll', '1234567890125', 5, 30, 100, 4);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1004', 'Industrial Gloves', 'Nitrile gloves, Large, 100 pack', '1234567890126', 1, 20, 50, 10);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1005', 'Barcode Scanner', 'Wireless barcode scanner, USB', '1234567890127', 6, 5, 10, 14);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1006', 'Pallet Jack', 'Heavy duty pallet jack, 5500 lb', '1234567890128', 4, 2, 5, 21);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1007', 'Thermal Printer', 'Label printer, 4x6 in.', '1234567890129', 6, 3, 6, 12);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1008', 'Industrial Shelving', 'Steel shelving unit, 72x48x24 in.', '1234567890130', 2, 10, 20, 15);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1009', 'Packing Slip Paper', 'Laser paper, 8.5x11 in., 500 sheets', '1234567890131', 8, 25, 100, 6);
INSERT INTO products (sku, name, description, barcode, supplier_id, reorder_point, reorder_quantity, lead_time_days) VALUES ('SKU1010', 'Plastic Pallet', 'Reusable plastic pallet, 48x40 in.', '1234567890132', 9, 12, 30, 18);

-- INVENTORY_LEVELS
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (1, 1, 1200);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (2, 1, 350);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (3, 2, 90);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (4, 2, 40);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (5, 3, 7);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (6, 3, 2);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (7, 4, 4);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (8, 5, 15);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (9, 5, 300);
INSERT INTO inventory_levels (product_id, warehouse_id, quantity) VALUES (10, 1, 25);

-- STOCK_MOVEMENTS
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (1, 1, 1, 'inbound', 600, 'receiving', 'PO-1001');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (2, 1, 4, 'inbound', 200, 'receiving', 'PO-1002');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (3, 2, 7, 'inbound', 100, 'receiving', 'PO-1003');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (4, 2, 10, 'inbound', 50, 'receiving', 'PO-1004');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (1, 1, 1, 'outbound', 100, 'shipment', 'SO-2001');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (2, 1, 4, 'outbound', 50, 'shipment', 'SO-2002');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (4, 2, 10, 'damage', 10, 'damaged', 'DMG-3001');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (6, 3, 1, 'inbound', 2, 'receiving', 'PO-1005');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (8, 5, 7, 'adjustment', 3, 'cycle count adjustment', 'CC-4001');
INSERT INTO stock_movements (product_id, warehouse_id, user_id, movement_type, quantity, reason, reference_number) VALUES (9, 5, 4, 'inbound', 300, 'receiving', 'PO-1007');

-- REORDER_ALERTS
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (5, 3, '2025-07-31 09:30:00', 10);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (6, 3, '2025-07-31 10:00:00', 5);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (7, 4, '2025-07-31 11:15:00', 6);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (8, 5, '2025-07-31 12:45:00', 20);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (3, 2, '2025-07-30 14:20:00', 100);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (4, 2, '2025-07-30 15:10:00', 50);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (10, 1, '2025-07-29 11:05:00', 30);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (2, 1, '2025-07-28 13:00:00', 200);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (1, 1, '2025-07-27 09:00:00', 500);
INSERT INTO reorder_alerts (product_id, warehouse_id, triggered_at, suggested_quantity) VALUES (9, 5, '2025-07-26 16:25:00', 100);

In [3]:
import sys
import os

# Add the project's root directory to the Python path
try:
    project_root = os.path.abspath(os.path.join(os.getcwd(), '..', '..'))
except IndexError:
    project_root = os.path.abspath(os.path.join(os.getcwd()))

if project_root not in sys.path:
    sys.path.insert(0, project_root)

from utils import setup_llm_client, get_vision_completion, get_completion, save_artifact, clean_llm_output
from IPython.display import Image, display, Code

login_form_url = "https://i.postimg.cc/XYwvpHBg/diagram.jpg"
display(Image(url=login_form_url))

### **Phase 3: AI as Backend Developer (Coding)**

### **Goal:** Build a functional FastAPI backend.
### **Action:**
#### 1.  Provide your `schema.sql` to an LLM.
#### 2.  Prompt it to generate Pydantic and SQLAlchemy models.
#### 3.  Prompt it to generate the FastAPI application boilerplate with full CRUD endpoints for your models (as you did on **Day 3**).
#### 4.  Integrate the generated code and connect it to a live SQLite database.
### **Artifacts:** `main.py`, `onboarding.db` (or similar)

### **Process:** We used *Day 3 Lab 1* to help generate our complete database and main.py file.
#### `inventory.db`, `main.py`

---

### **Phase 4: AI as QA Engineer (Testing & Security)**

### **Goal:** Ensure your backend is robust and secure.
### **Action:**
#### 1.  Provide your `main.py` source code to an LLM.
#### 2.  Prompt it to generate a suite of `pytest` unit tests for your API, including "happy path" and edge cases (as you did on **Day 4**).
#### 3.  Prompt it to act as a security expert and identify potential vulnerabilities in your code (e.g., SQL injection, lack of input validation).
### **Artifacts:** `test_main.py`, `security_review.md`

### **Process:** We used *Day 4 Lab 1* to help generate test_main.py and used Co-Pilot to identify any security issues in our app.
#### `test_main.py`

# Security Review: Inventory Management System API

**Date:** July 31, 2025  
**Reviewer:** AI Security Analyst  
**Application:** FastAPI Inventory Management System  
**File Analyzed:** `app/main.py`

## Executive Summary

The Inventory Management System API has been analyzed for security vulnerabilities. While the application demonstrates good practices in some areas, several **critical and high-severity security issues** have been identified that require immediate attention before production deployment.

**Risk Level: HIGH** ⚠️

---

## 🔴 CRITICAL VULNERABILITIES

### 1. Password Storage - No Hashing
**Severity:** CRITICAL  
**Location:** Lines 117, 382  
**Issue:** Passwords are stored in plain text in the database.

```python
password_hash = Column(String, nullable=False)  # Column named "hash" but no hashing implemented
password: str = Field(..., min_length=8, example="securepassword123")  # Plain text password
```

**Impact:** Complete user account compromise if database is breached.

**Recommendation:**
```python
from passlib.context import CryptContext
pwd_context = CryptContext(schemes=["bcrypt"], deprecated="auto")

# Hash passwords before storage
password_hash = pwd_context.hash(password)
```

### 2. No Authentication/Authorization
**Severity:** CRITICAL  
**Location:** All API endpoints  
**Issue:** No authentication required for any API operations.

**Impact:** Anyone can create, read, update, or delete any data.

**Recommendation:** Implement JWT tokens with proper authentication:
```python
from fastapi.security import HTTPBearer
from jose import JWTError, jwt

security = HTTPBearer()

async def get_current_user(token: str = Depends(security)):
    # Verify JWT token and return user
    pass
```

### **Phase 5: AI as Frontend Developer (UI/UX)**

### **Goal:** Create a user interface for your application.
### **Action:**
#### 1.  Create a simple wireframe or find a screenshot of a UI you like.
#### 2.  Use a **vision-capable LLM** to generate a React component with Tailwind CSS from that image (as you did on **Day 7/8**).
#### 3.  Prompt a text-based LLM to create additional components as needed.
### **Artifact:** `src/App.js` and other React components.

### **Process:** We used *Day 3 Lab 2 Challenge 3* to help generate a comprehensive README.md and *Day 8 Lab 1* to take an AI generate UI mockup and convert it into usable React code.
#### `README.md`


In [4]:
login_form_url = "https://i.imghippo.com/files/Tjy7914GZo.png"
display(Image(url=login_form_url))