#417 — Prepare to deploy v0 or Partner Portal to prod
Repo: Twill-AI/facade State: closed | Status: done Assignee: Unassigned
Created: 2025-07-23 · Updated: 2025-09-15
Description
AC:
- [Security] There was a verification that there are no security (auth) issues in back-end code.
- [Security] There was a verification that there are no sensitive data in UI code.
- [Functional] There was a verification of whole Partner flow in staging. It includes:
- On-boarding flow to Twill Partner Portal for Partner+Owner (including fee configs) and for Sales Rep (including empty merchants table and assigning existing merchants).
- Managing users flow.
- Creating Merchant from nothing to “active” state.
-
https://github.com/Twill-AI/python-shared/issues/56 is fixed.Decided to skip for first deploy.
Testing plan
Preparation for security testing
- Create second partner (“ABC123”) with data (to see cross-partner data bleeding) and users (to check removal). →
aleksandr+ABC123@twillpayments.com/hSPH2L2t&V6W; has separate merchants (one, “a6877fa2-2d02-4f2e-92f9-025705a76c40”) - Create separate fee config for 001 partner.
- Create user-created fee config for “Rep1” user in 001 partner.
Security testing
- Call all “partners” API-s without or with expired creds. → 401
- Call “partners/” API-s under “regular” creds. → 403
- Call not-”partners” API-s under “partner” creds. → 403
- ✔️ 500 with “Partner1” user got error while endpoint handler started to be executed!
2025-07-28 08:55:58.427|ERROR|-no-tenant|endpoint_helpers:80|POST http://ca-staging-twill-facade-eastus.happystone
- ✔️ 500 with “Partner1” user got error while endpoint handler started to be executed!
Notes
Add implementation notes, blockers, and context here
Related
Add wikilinks to related people, meetings, or other tickets