arcodange-org/erp
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a1042a483b5f500cca28e44f6d42b8dcf9c23c9f
erp/.claude/skills/dolibarr/README.md
Gabriel Radureau bd90266372 add arcodange-bank-reco — Qonto + Wise reconciliation against Dolibarr 
V6 — the first cross-system skill (under arcodange-* not dolibarr-*).
Closes the loop between what Dolibarr says (ERP-internal) and what the
bank actually saw.

What ships:
- arcodange-bank-reco/scripts/bank-curl.sh        unified read-only wrapper for Qonto + Wise
- arcodange-bank-reco/scripts/bank-probe.sh       auth + discovery (org slug, profile id, balances)
- arcodange-bank-reco/scripts/qonto-transactions  Qonto txn lister with pagination + filters
- arcodange-bank-reco/scripts/wise-transactions   Wise activity lister with --enrich for wire refs
- arcodange-bank-reco/scripts/bank-match.sh       3-bucket reconciliation (matched/bank-only/dol-only)
                                                  with internal Wise↔Qonto consolidation detection
- arcodange-bank-reco/scripts/bank-balance.sh     live balances + Dolibarr cumulative-by-fk_account

The headline bank-curl.sh is SCA-aware (Wise RSA dance) even though we
don't end up using it: the EU statement endpoint is region-blocked
("Funding transfers and retrieving balance statements via API are not
supported except for accounts based in the US, Canada, Australia, New
Zealand, Singapore, and Malaysia" per Wise docs). The wrapper supports
SCA so when/if Wise opens it, we're ready.

The pivot that unblocked Wise incoming: /v1/profiles/{pid}/activities
(documented at https://docs.wise.com/api-reference/activity/activitylist.md)
returns ALL movements in a unified HTML-tagged feed, no SCA required.
Parsing strips the HTML and recovers structured amount/sign/currency.

CLI integration:
- bin/arcodange bank {probe,qonto-transactions,wise-transactions,match,balance,curl}
- dolibarr/SKILL.md catalogue + Pointers updated
- dolibarr/README.md env schema extended with QONTO_*, WISE_*

Live baseline findings to raise with the cohort review (captured in
examples/bank-match-2026-01-to-05.txt):
- Wise 2026-05-29 +2147 EUR Kissmetrics NOT YET in Dolibarr
- Qonto bank-only: MISTRAL.AI 172.68, CLAUDE.AI 180, URSSAF 493, FOUREZ +1000
- 6 movements matched cleanly across Jan-May 2026
- Wise→Qonto 5000 EUR consolidation on 2026-03-13 auto-detected as internal
- Live balance: Qonto 4191.54 + Wise 5308.25 = 9499.79 EUR

V7 candidates noted in SKILL.md out-of-scope: reference-based matching
via the Wise --enrich wire refs (FOR INVOICE FAC***), multi-row Dolibarr
sub-payment aggregation, smarter avoir cycle handling.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-31 13:57:21 +02:00

3.0 KiB
Raw Blame History

dolibarr — one-time setup

Skill body: SKILL.md. This README is the human-facing setup checklist.

1. Create .env (mode 600, never committed)

cat > .claude/skills/dolibarr/.env <<'EOF'
DOLIBARR_URL=https://erp.arcodange.lab
DOLIBARR_API_KEY=<get from Dolibarr UI: Users → ai_agent → API key>
DOLIBARR_USER=ai_agent
DOLIBARR_PASSWORD=<the ai_agent password, only needed for occasional UI login>

# Required by arcodange-bank-reco only (omit if you only use dolibarr-* skills)
QONTO_LOGIN=arcodange-XXXXX
QONTO_SECRET_KEY=<from Qonto Settings → Integrations → API>
QONTO_ORG_SLUG=arcodange-XXXXX                 # same as login in most cases
WISE_API_TOKEN=<from wise.com/settings/api-tokens>
WISE_PROFILE_ID=<numeric id of the BUSINESS profile — bank probe prints it>
# Optional: only needed if Wise ever opens the EU statement endpoint
WISE_SCA_KEY_PATH=~/.config/arcodange-erp/wise-sca-private.pem
EOF
chmod 600 .claude/skills/dolibarr/.env

Verify it's gitignored:

git check-ignore .claude/skills/dolibarr/.env   # should print the path

2. Grant ai_agent the four voir_tous permission flags

ai_agent is read-only by design. But Dolibarr's per-record ACL silently filters out invoices and thirdparties unless the voir_tous (see-all) flags are ticked. Without them, /invoices returns [] and /thirdparties returns 404 — looks like an empty database.

In the Dolibarr UI (https://erp.arcodange.lab/Setup → Users & Groups → ai_agent → Permissions), tick:

  • Tiers → Lire les tiers
  • Tiers → Voir tous les tiers (et pas seulement ceux liés à l'utilisateur courant)
  • Factures → Lire les factures
  • Factures → Voir toutes les factures (et pas seulement celles liées à l'utilisateur courant)
  • Factures fournisseurs → Lire les factures fournisseurs (required by dolibarr-tva-deductible)
  • Factures fournisseurs → Voir toutes les factures fournisseurs

Save. Future modules used by dolibarr-* sibling skills (Paiements, Produits, …) need the same treatment.

3. Quick-start test

./.claude/skills/dolibarr/scripts/dol-curl.sh /users/info | jq -r .login
# → ai_agent
./.claude/skills/dolibarr/scripts/dol-curl.sh /status
# → {"success":{"code":200,"dolibarr_version":"22.0.4",...}}
./.claude/skills/dolibarr/scripts/dol-curl.sh /thirdparties/1 | jq '{ref, country_code, town}'
# → {"ref":"KissMetrics","country_code":"US","town":"St. Petersburg"}

If the third one returns HTTP 403 Access not allowed for login ai_agent on this thirdparty, the voir_tous flags from step 2 are missing.

4. Rotating the API key

If the key leaks: Dolibarr UI → Users → ai_agent → API key → Generate new → copy the new value into .env. No other change needed; every dolibarr-* skill picks it up via dol-curl.sh.

Pointers

Reference in New Issue View Git Blame Copy Permalink