Configuracoes

Operacao interna, integracoes e readiness da Suite Trion.

suite.trionscale.com

Readiness das integracoes

Estado seguro para Supabase, Gmail, PandaDoc, dominio e webhooks.

Pronto

Parcial

Bloqueado

Fora

Supabase

Fase 4

Configurado

Persistencia auxiliar, Auth e server repositories da Suite.

Configurar projeto local/remoto e manter service role apenas em runtime server-side.

docs/supabase-local.mddocs/supabase-phase4-schema.md

PandaDoc

Fase 4 / Propostas

Parcial

Provider oficial para propostas e orcamentos.

Confirmar conta, template final, webhook assinado e aprovacao humana antes de criar documentos reais.

docs/pandadoc-proposal-decision.mddocs/phase-4-supabase-persistence-prd.md

Gmail

Fase 4 / Emails

Parcial

Entrada assistida de emails, faturas e pedidos de proposta.

Fechar OAuth, Google Cloud, Pub/Sub e storage seguro de tokens antes de ler emails reais.

docs/gmail-integration-decision.mddocs/qa-emails-phase3.md

Dominio

Preview / Producao

Configurado

Destino final publico da Suite Trion.

Apontar o subdominio suite.trionscale.com quando sair do preview temporario.

docs/phase-4-supabase-persistence-prd.md

Webhooks

Fase 4

Parcial

Protecao de entradas externas e eventos de providers.

Manter todos os endpoints externos atras de segredo, assinatura ou autenticacao equivalente.

docs/runtime-boundaries.mddocs/phase-4-supabase-persistence-prd.md

Notion

MVP financeiro

Configurado

Fonte operacional inicial para financeiro.

Manter Notion como fonte principal ate a migracao Supabase DB ser aprovada.

docs/plano-tecnico.mddocs/phase-1-technical-prd.md

Vercel

Preview

Bloqueado

Preview e deploy temporario antes do dominio final.

Validar preview; depois promover com dominio da Trion Scale quando aprovado.

docs/phase-4-supabase-persistence-prd.md

Prova Supabase Auth

Diagnostico seguro de runtime, servidor e sessao real.

A verificar

A validar runtime Supabase.

Prova runtime faturas

Matriz M15 para provar o caminho email/upload/webhook ate candidato, review e Notion.

Parcial

Real

Parcial

Bloqueado

Prova local

Operador pode tentar prova local/preview quando runtime minimo existe.

Webhook assinado

Exige assinatura e persistencia server-side antes de provider dashboard.

Notion controlado

Exige candidato revisto e runtime Notion antes de escrever.

Provider dashboards permitidos: nao. Expose this server-side proof in /configuracoes, then run operator QA with real session/env.

Supabase runtime

supabase_runtime

Real

Verdade atual

Public Supabase config and server persistence runtime are present.

Run the operator proof and verify a candidate survives reload.

Evidencia exigida

Authenticated operator sessionServer-side persistence runtime availableReloadable invoice candidate

Prova local possivel

Nao bloqueia producao

Signed invoice webhook

signed_invoice_webhook

Parcial

Verdade atual

The Suite can verify signed invoice webhook payloads; candidate persistence still depends on Supabase runtime.

Run signed webhook proof against local/preview runtime.

Evidencia exigida

POST /api/webhooks/invoiceHMAC timestamp/raw-body validationRejected unsigned event

Prova local possivel

Bloqueia producao

Invoice candidate persistence

invoice_candidate_persistence

Parcial

Verdade atual

Repository path can create invoice candidates, but this matrix does not perform writes.

Use M15-04 to create one real signed candidate proof.

Evidencia exigida

invoice_ingest_events rowsource-specific dedupe keyreviewRequired=true

Prova local possivel

Nao bloqueia producao

Human review queue

review_queue

Parcial

Verdade atual

Review queue can load persisted invoice candidates for an authenticated operator.

Expose this proof in /configuracoes and run browser QA with a real session.

Evidencia exigida

Visible persisted rowReload keeps row visibleNo demo row mixed as real

Prova local possivel

Nao bloqueia producao

Controlled Notion bridge

notion_bridge

Parcial

Verdade atual

Notion finance env is present; live write still requires a reviewed candidate and human confirmation.

Run a candidate-to-Notion proof with a real reviewed candidate.

Evidencia exigida

Reviewed candidateHuman confirmationNotion page ID or provider-blocked error

Prova local possivel

Nao bloqueia producao

Post-Notion email intent

post_notion_email_intent

Parcial

Verdade atual

Post-Notion email handling is intent-only. Gmail provider mutation remains disabled until its separate gate is satisfied.

Keep intent-only behavior until Gmail mutation gate is deliberately enabled.

Evidencia exigida

Candidate has notionPageIdIntent audit rowmutateGmail=false

Prova local possivel

Nao bloqueia producao

Gmail live read

gmail_live_read

Bloqueado

Verdade atual

Gmail live read is blocked; persisted snapshots and manual review remain the safe path.

Do not read real Gmail until OAuth, Pub/Sub and token storage proof pass.

Evidencia exigida

OAuth callback proofToken reference stored server-sideSafe snapshot persisted

Prova local bloqueada

Bloqueia producao

Suite domain runtime

domain_runtime

Parcial

Verdade atual

Runtime points at the target domain, but remote webhook QA is still required.

Use local/preview for development and unlock dashboards only after remote QA.

Evidencia exigida

suite.trionscale.com deploymentRemote HTTP QAProvider dashboard URL review

Prova local possivel

Bloqueia producao

Provider dashboards

provider_dashboards

Bloqueado

Verdade atual

Provider dashboards must remain blocked until final domain, secrets and remote route QA are complete.

Do not configure Gmail, n8n or PandaDoc dashboards from local proof.

Evidencia exigida

Final route existsRemote signature QANo client secret leakage

Prova local bloqueada

Bloqueia producao

Real vs Demo vs Bloqueado

Mapa operacional para separar dados persistidos, demos locais e bloqueios externos.

Real

Parcial

Demo

Bloqueado

Supabase

supabase

Real

Expectativa

Persistencia local/remota para estados auxiliares.

Verdade atual

Server-side persistence and Auth verification can be used without exposing privileged keys.

Use the session proof panel before claiming authenticated persisted flows.

supabase/migrationsdocs/supabase-phase4-schema.md

Notion Finance

notion

Real

Expectativa

Validated invoice data creates or updates `Gastos e Receitas`.

Verdade atual

Notion finance repository can create and update records server-side.

Wire reviewed invoice candidates into the existing finance repository.

src/features/notion/notion-finance-repository.server.ts

Upload de faturas

upload

Parcial

Expectativa

Upload creates a real candidate for review.

Verdade atual

Upload can create persisted invoice candidates through server functions when an authenticated Supabase session is available.

Keep the human review gate active and complete end-to-end QA before enabling production automation.

docs/phase-5-real-pipeline-prd.mdTRI-395

Emails

emails

Parcial

Expectativa

Email data is pulled, classified and routed into the Suite.

Verdade atual

Email snapshots and classification feedback can persist in Supabase, but live Gmail read remains blocked by OAuth, Pub/Sub and secure token storage.

Use persisted snapshots now; activate Gmail sync only after credentials and provider setup are approved.

docs/gmail-integration-decision.mdsrc/routes/emails.tsx

Orcamentacao

orcamentacao

Parcial

Expectativa

Quote requests and proposals persist and prepare PandaDoc output.

Verdade atual

Quote requests, quotes and PandaDoc drafts can persist in Supabase when a session is available; local examples remain labelled as fallback.

Use the server-side PandaDoc payload builder and keep real sending blocked until credentials and approval are present.

src/features/quotessrc/routes/orcamentacao.tsx

PandaDoc

pandadoc

Bloqueado

Expectativa

Approved proposals can become PandaDoc documents.

Verdade atual

Provider is decided; payload builder and webhook validator exist, but real calls are blocked by API key, final template, webhook secret, target domain or approval gate.

Activate real document creation only after credentials, approved template, webhook secret, domain and human approval gate are reviewed.

docs/pandadoc-proposal-decision.mdTRI-400TRI-401

Dominio e webhooks

domain

Parcial

Expectativa

`suite.trionscale.com` receives production webhooks.

Verdade atual

Target domain is present in env, but provider webhooks still require secrets and final activation.

Keep local/preview active and activate provider webhooks only after final DNS/env review.

docs/phase-5-real-pipeline-prd.md

VPS nodes

vps

Bloqueado

Expectativa

Production automation nodes run on the VPS.

Verdade atual

VPS is down or not marked ready; local and Vercel work can continue.

Deploy nodes only after VPS is available and secrets are configured.

docs/phase-5-real-pipeline-prd.md

Integracao com ERP

Sincronizacao futura de faturas aprovadas.

Primavera

Ligado

Activo

SAGE

Nao ligado

PHC

Nao ligado

Contas de email

Entrada assistida para faturas e pedidos comerciais.

Importacao automatica

Processar anexos apenas depois de credenciais e politicas aprovadas.

Regras de categorizacao

Regras locais antes de validacao humana.

Fornecedor contem EDP ou GalpUtilidades

Fornecedor contem AWS ou CloudflareSoftware (SaaS)

Valor superior a 1.000 EURMaterial

API e webhooks

Endpoints server-side para providers externos aprovados.

Endpoint base

Segredos de webhook