All required functionality is in place for secure project document & associated info management with remote located project members
- A chatbot editor, useful for the creation of conversational agents
- New site permission: chatbot editor, like an admin, but only for chatbots
- Renamed chat related API endpoints
New API endpoints:
- /chatbot/ POST to create new chatbot
- /chatbot/[chatbotid] GET specific chatbot (must have owning project access)
- /chatbot/project/[projectid] GET all project chatbots
- /chatbot/[chatbotid] PUT update specific chatbot (must have chatbot edit permission)
and
- /aichat/ POST creates a new chatbot conversation
- /aichat/[chatid] GET gets a chatbot conversation (must have owning project access)
- /aichat/project/[projectid] GET all project chatbot conversations
- /aichat/[chatid] PUT update chatbot conversation (ask another question)
Earlier experiments with an 'AI Attorney' proved quite useful. That same 'AI Attorney' is now the default chatbot when creating a project. Chatbots are private to a project, as are their exchanges (conversations.) An example of a custom chatbot might be one tuned with Legal Spanish to Legal English translation.
MiniCMS Features:
- Duel local and prod docker compose setups
- FastAPI, Postgresql, SQLAlchemy, Pydantic, Databases
- User accounts
- Roles: admin, staff, per-Project access, per project chatbot editor
- Basically operate as permissions; having a project role indicates project membership and access
- Email verification
- Until email verification, user account cannot do much, locked out of projects, which is almost everything
- Settings page for account mgmnt
- Password and email change
- Admins get a few more settings:
- Enable/disable public registration to website
- Generate and download a site database backup
- Review site users, their account settings, account roles, project memberships, and site use history
- Create new user controls
- End-user profile pages for end-webmaster to put a GUI for whatever is the purpose behind their using MiniCMS
- Roles: admin, staff, per-Project access, per project chatbot editor
- 'Project' content type
- A collection of uploaded files, memos, comments and AI chats only accessible by Project members
- See the uploaded files description in the Memo section
- A Project overview page for description, members, and project files
- Project Files are isolated, requiring Project membership and Project published status to access Project Files
- Project editor uses an embedded rich text editor (TinyMCE)
- Intended to serve as the secure collection point for project information between members potentially in different locations
- Deleting a Project only deletes empty projects with no Memos or uploaded files
- Attempts to delete a Project with uploaded files that are checked out for modification error
- The checked out files must be checked in, or an Admin must cancel their checkout
- Attempts to delete a Project with content is an archiving operation:
- The Project itself and its Memos are marked as archived
- Any files in the Project's upload directory are zip compressed
- Project members are removed
- Admins continue to see the Project, but as archived
- Attempts to delete a Project with uploaded files that are checked out for modification error
- A collection of uploaded files, memos, comments and AI chats only accessible by Project members
- 'Memo' content type
- Memos are containers for each project's text, image, video, PDF and related info and files
- Any project information needed by different members should be in a project memo
- including info for recreating the project later
- Both Memo and Comment editor use an embedded rich text editor (TinyMCE)
- title, content text, file uploads, upload embedding, status, access, and tags
- files may be uploaded
- which become available as embed links, 'checkout for modification' and download buttons
- image, video and pdf embeds are working
- Uploaded files have 'version control'
- A Project Member is able to check out an uploaded file for modification
- While 'checked out' other Project Memebers can download the uploaded last version of that file, but they cannot upload a modified version
- It is clearly identified as 'locked for modification by username'
- After the 'checked out member' finishes their changes, they can upload the new version
- This will unlock the file for other Project Members to modify
- Upon the modified file's upload, the file's version number increments and the older version is archived
- All uploads go into an isolated Project directory requiring Project Membership to access
- which become available as embed links, 'checkout for modification' and download buttons
- status can be unpublished, published or archived
- once published, a memo can no longer be edited by non-admin project members
- admins can see and edit unpublished and published memos of others
- admins can see archived Projects and their memos and files, but they cannot be modified
- configuring access is different between admin and staff
- admins can set access to: admin, staff, or public
- admin access is only visible to other admins
- staff access is visible to admin and staff
- public access is visible to the public, and staff, but only admins can create public memos
- I am considering removing public access memos
- The new Uploaded File security model makes any File embeds problematic
- I am considering removing public access memos
- staff can only create staff visible memos, so the access controls disappear when a user with only the staff role is editing a memo
- admins can set access to: admin, staff, or public
- files may be uploaded
- 'Comment' content type
- Control for commenting on memos
- access to a Comment is controlled by the Memo and Project it is associated
- Comments use a reduced functionality embed of TinyMCE editor, but still allows image, video and pdf embeds
- Comments, once posted, cannot be edited
- Support for nested comments is in place, just not completed yet, not sure if necessary
- Control for commenting on memos
- 'Chatbot' content type
- An editor interface to create chatbots
- Instruction sets to guide a LLM AI how to behave during a natural language exchange
- i.e. a chat interface on a web site
- Instruction sets to guide a LLM AI how to behave during a natural language exchange
- This is an initial, functional interface for further experimentation, it works
- An editor interface to create chatbots
- 'AI Chat' content type
- A chat interface to a LLM AI chatbot behaving within the role provided by a 'Chatbot'
- A default Chatbot in the role of a CA Law Professor and Attorney is available
- The 'Chatbot' content type and it's editor may be used to create additional chatbots
- A chat interface to a LLM AI chatbot behaving within the role provided by a 'Chatbot'
- 'Tag' content type
- for unique term management, employed for multiple uses
- "system tags" are used for
- "status" (unpublished, published, archived)
- access permissions (admin, staff, public)
- Projects each have a Project Tag, defining an access role for that Project
- Project Tags are used as User Access Roles, as well as Project Memo search terms
- "system tags" are used for
- for unique term management, employed for multiple uses
- 'Note' content type
- Intended for programmatic usage
- has title, description, and data (JSON) fields
- currently only used for site's configuration
- notes do not have a web page GUI for editing them (yet)
Account roles are track admin/staff and unverified (email) statuses, they also hold project memberships. Project memberships are honored by memos, meaning users not members of a project cannot load its memos.
This is a fork of my other repo FastAPI_TDD_Docker, focusing on a more formal CMS experience (without going to far.) From that other repo are tests, yet to be updated to this repo, untested backups, and a Traefik https config for prod. Soon those will get attention.
A Project page showing the project description (top), members, uploaded files, memo links, and the AI Attorney access
The experimental AI Attorney page; it carries extened conversations with CA legal knowledge.
A detail on the rich text editor, with the usual expected rich editing widgets, plus image, video embed controls
A published memo, with the comment editor and upload file controls
The admin settings page. Each user's settings is similar, just fewer things for non-admins