smoothschedule/smoothschedule/QUICKSTART.md

# Smooth Schedule - Quick Start (Post-Setup)

## ✅ Database Migrations Complete!

All migrations have been successfully applied:
- ✅ Shared schema (public) created
- ✅ Core app migrations applied (Tenant, Domain, PermissionGrant)
- ✅ Users app migrations applied (Custom User with role hierarchy)

## 🎯 Next Steps

### 1. Create a Superuser

Run this interactively (it will prompt for password):

```bash
docker-compose -f docker-compose.local.yml run --rm django python manage.py createsuperuser
```

When prompted:
- **Email**: admin@smoothschedule.com (or your preferred email)
- **Password**: (choose a secure password)
- **Password confirmation**: (repeat the password)

The superuser will automatically have:
- `role` = SUPERUSER
- `is_staff` = True
- `is_superuser` = True
- `tenant` = None (platform-level user)

### 2. Access Django Admin

Start the services if not running:
```bash
docker-compose -f docker-compose.local.yml up -d
```

Access the admin interface:
- URL: **http://localhost:8000/admin/**
- Login with the email and password you just created

### 3. Create Your First Tenant

In Django Admin, go to **Core > Tenants** and click "Add Tenant+":

**Example**:
- Name: Demo Company
- Schema name: `demo` (lowercase, no spaces)
- Subscription tier: PROFESSIONAL
- Max users: 50
- Max resources: 100

Then go to **Core > Domains** and click "Add Domain+":
- Domain: `demo.localhost`
- Tenant: Demo Company (select from dropdown)
- Is primary: ✓ (checked)

### 4. Run Tenant Migrations

After creating your first tenant:

```bash
docker-compose -f docker-compose.local.yml run --rm django python manage.py migrate_schemas
```

This applies migrations to all tenant schemas.

### 5. Create Tenant Users

In Django Admin, go to **Users > Users** and click "Add User+":

**Example Tenant Owner**:
- Email: owner@demo.com
- Password: (secure password)
- Role: TENANT_OWNER
- Tenant: Demo Company
- First name: John
- Last name: Owner
- Is active: ✓

**Example Demo Account** (for Sales to masquerade):
- Email: demo@demo.com
- Password: demo
- Role: TENANT_OWNER
- Tenant: Demo Company
- Is temporary: ✓ (checked - allows Platform Sales to hijack)

### 6. Test Masquerading

1. Login to admin as superuser
2. Go to Users list
3. Find the demo or tenant owner user
4. Look for the "Hijack" button (usually in the row actions)
5. Click it to masquerade as that user
6. Check `logs/masquerade.log` for audit trail:
   ```bash
   docker-compose -f docker-compose.local.yml logs django | grep masquerade
   ```

## 🔍 Troubleshooting

**Can't access admin?**
- Ensure containers are running: `docker-compose -f docker-compose.local.yml ps`
- Check logs: `docker-compose -f docker-compose.local.yml logs -f django`

**Forgot password?**
- Reset via command: `docker-compose -f docker-compose.local.yml run --rm django python manage.py changepassword admin@smoothschedule.com`

**Need to access tenant subdomain?**
- Add to `/etc/hosts`: `127.0.0.1   demo.localhost`
- Access: http://demo.localhost:8000/

## 📚 Key Files Created

- `core/models.py` - Tenant, Domain, PermissionGrant
- `smoothschedule/users/models.py` - Custom User with 8 roles
- `core/permissions.py` - Masquerading permission matrix
- `core/middleware.py` - Audit logging middleware
- `core/admin.py` - Admin interfaces for core models
- `smoothschedule/users/admin.py` - User admin with hijack button
- `config/settings/multitenancy.py` - Multi-tenancy configuration

## 🎉 You're Ready!

Your multi-tenant SaaS platform is now fully operational. All database tables are created, migrations are applied, and the system is ready for your first tenant!