microsoft
diff --git a/‎src/Apps/W1/TransactionStorage/App/CLAUDE.md‎
Lines changed: 122 additions & 0 deletions b/‎src/Apps/W1/TransactionStorage/App/CLAUDE.md‎
Lines changed: 122 additions & 0 deletions
diff --git a/‎src/Apps/W1/TransactionStorage/App/docs/business-logic.md‎
Lines changed: 191 additions & 0 deletions b/‎src/Apps/W1/TransactionStorage/App/docs/business-logic.md‎
Lines changed: 191 additions & 0 deletions
diff --git a/‎src/Apps/W1/TransactionStorage/App/docs/data-model.md‎
Lines changed: 70 additions & 0 deletions b/‎src/Apps/W1/TransactionStorage/App/docs/data-model.md‎
Lines changed: 70 additions & 0 deletions
@@ -0,0 +1,122 @@
+# Transaction Storage
+
+Compliance archival system that exports Business Central transaction data and
+document attachments to Azure Blob Storage. Designed for regulatory requirements
+(e.g., Denmark Bookkeeping Act) requiring machine-readable transaction preservation.
+
+## Quick reference
+
+**App ID:** `c832ba23-ab01-45f5-8cb2-bfdf061a7a8c`
+**Object range:** 6200-6250
+**Core objects:** 14 (6 tables, 6 codeunits, 1 page, 1 enum)
+**Dependencies:** None
+**Target markets:** SaaS production environments with compliance requirements
+
+## How it works
+
+### Trigger mechanism
+
+The system uses an event-driven approach to initiate exports:
+
+1. **GL posting** (OnAfterGLFinishPosting) sets a flag indicating transactions occurred
+2. **User logout** (OnAfterCompanyClose) detects the flag and schedules a background export task
+3. **Background task** runs asynchronously, typically during scheduled time slots (2:00-4:40 AM)
+
+### Incremental export
+
+The system tracks `last_handled_datetime` per table using `SystemModifiedAt` timestamps.
+Only new or modified records since the last export are included. This prevents
+re-exporting unchanged data.
+
+### Data scope
+
+Exports **29 tables** covering the full transaction audit trail:
+
+- **Ledger entries:** G/L Entry, VAT Entry, Customer/Vendor Ledger, Item Ledger, FA Ledger
+- **Documents:** Sales/Purchase Invoice/Credit Memo headers and lines
+- **Reminders:** Reminder/Finance Charge headers and lines
+- **Master data:** GL Account, Customer, Vendor, Bank, Fixed Asset (referenced by transactions)
+
+### Chunking and limits
+
+- Records exported in chunks of **50,050 records** to manage memory
+- Binary search algorithm limits each table to **200,000 records per run**
+- This prevents runaway exports on large datasets
+
+### Azure upload
+
+- **Dual endpoints:** JSON text endpoint for transactions + base64 document endpoint for attachments
+- **Authentication:** OAuth2 certificate auth with secrets from Azure Key Vault
+- **Blob container:** Formatted Company Registration Number (CVR)
+- **Blob path:** `{AAD-Tenant-ID}_{Env-Name}/{YYYYMMDD}/`
+- **Retention:** 6 years (or 6 years from fiscal year-end)
+
+### Document attachments
+
+Incoming document attachments linked to GL entries are exported as base64-encoded
+files. Maximum size: **100MB per attachment**.
+
+### Error handling
+
+- **Retry logic:** Up to 4 attempts with 5-15 minute random delay
+- **Timeout detection:** Handles long-running operations
+- **OutOfMemory handling:** Graceful degradation on memory exhaustion
+- **Critical alerts:** 7-day consecutive failure monitoring
+
+### Scheduling
+
+- **Distributed scheduling:** Tenant export times spread across 2:00-4:40 AM
+- **Time slot calculation:** Based on tenant ID hex digits to prevent server load spikes
+
+## Structure
+
+All objects are in the flat `src/` folder:
+
+- **Tables (6):** Setup, export status tracking, failure monitoring, task scheduling
+- **Codeunits (6):** Export orchestration, Azure upload, retry logic, scheduling, event subscribers
+- **Page (1):** Setup page for configuration
+- **Enum (1):** Export status values
+- **Permissions:** Permission set definitions in `Permissions/` folder
+
+## Documentation
+
+Reference materials are in the parent `TransactionStorage/` folder:
+
+- **README.md** -- Overview and compliance context
+- **Business Central Transactions and Receipts API Specification.md** -- API contract for Azure endpoint
+
+## Things to know
+
+### Country-specific behavior
+
+- **Denmark:** First run date = 2024-01-01 (when regulation took effect)
+- Other countries may have different start dates or opt-in configuration
+
+### Environment filtering
+
+The system **only runs in SaaS production** environments. It skips:
+
+- Demo companies
+- Evaluation companies
+- Sandbox environments
+
+This prevents test data from polluting compliance archives.
+
+### Background tasks
+
+Exports run as Task Scheduler background tasks. They do not block user sessions
+and can be monitored via the Task Scheduler page. If a task fails, the retry
+logic reschedules it automatically.
+
+### Azure Functions dependency
+
+The system requires a deployed Azure Function endpoint to receive exported data.
+The endpoint URL, certificate thumbprint, and Key Vault details are configured
+in the setup table. Without valid Azure configuration, exports will fail silently
+until corrected.
+
+### SystemModifiedAt tracking
+
+The incremental export relies on `SystemModifiedAt` timestamps, which are
+automatically maintained by the platform. Do not manually modify these fields
+or the export will skip records.
@@ -0,0 +1,191 @@
+# Business Logic
+
+## Overview
+
+The Transaction Storage extension implements an event-driven architecture that captures Business Central transactions, schedules background exports, and uploads data to Azure Blob Storage for long-term archival.
+
+## Trigger Mechanism
+
+**TransStoragePostingState** (SingleInstance codeunit) decouples posting from export:
+
+- Subscribes to **OnAfterGLFinishPosting** (Gen. Jnl.-Post Line) -- sets internal flag when GL entries are posted
+- Subscribes to **OnAfterCompanyClose** (LogInManagement) -- checks flag at user logout; if set, calls TransStorageScheduleTask to schedule export
+- Non-blocking design -- posting completes immediately without waiting for export
+
+## Scheduling Logic
+
+**TransStorageScheduleTask** validates environment and creates a background task:
+
+1. **Environment validation** -- ensures SaaS production environment (skips on-prem, demo, evaluation)
+2. **Duplicate prevention** -- checks if a valid scheduled task already exists; if so, exits without creating duplicate
+3. **Retry reset** -- sets NoOfTasksAttempts to 3 in TransactStorageSetup
+4. **Start time calculation** -- reads Earliest Start Time from setup; if that time has passed today, schedules for tomorrow; otherwise schedules for today
+5. **Tenant distribution** -- CalcTenantExportStartTime() uses first 2 hex characters of AAD tenant ID to distribute start times across 2:00-4:40 AM window (prevents thundering herd)
+6. **Task creation** -- creates TaskScheduler record with:
+   - Run codeunit: TransactStorageExport
+   - Error handler: TransStorageErrorHandler
+   - Scheduled start time
+
+## Export Process
+
+**TransactStorageExport.OnRun()** delegates to **TransactStorageExportData.ExportData()**:
+
+1. **Table iteration** -- processes 29 hard-coded tables (GL Entry, Sales Header, Sales Line, Purchase Header, etc.)
+2. **Date range filtering** -- for each table, calls SetRangeOnDataTable():
+   - SystemModifiedAt between last_handled_datetime (from TransactStorageTableEntry) and task_start_datetime
+   - Volume limiting via CalcFilterRecordToDateTime() if record count exceeds 200,000
+3. **Record collection** -- CollectDataFromTable() iterates records:
+   - Converts each record to JSON object (field whitelist per table)
+   - Chunks JSON into 50,050-record arrays stored in TransStorageExportData temp table (blob parts)
+4. **Document collection** -- for GL Entry records, collects related incoming documents:
+   - Filters by posting date and document number
+   - Converts attached documents to base64
+5. **Master data collection** -- HandleTableFieldSet() identifies foreign key references:
+   - Collects referenced Customers, Vendors, GL Accounts, etc.
+   - Ensures archive is self-contained with all referenced master data
+6. **Upload** -- calls TransactionStorageABS.ArchiveTransactionsToABS():
+   - Uploads JSON text (transaction data + master data)
+   - Uploads base64 documents
+   - Uploads execution log
+   - Uploads metadata file
+
+## Volume Limiting
+
+**CalcFilterRecordToDateTime()** implements binary search to cap record count at 200,000:
+
+1. **First pass** -- halves date range until record count <= 200,000 (day-level granularity)
+2. **Second pass** -- refines end date to millisecond precision to maximize records within limit
+3. **Result** -- returns adjusted SystemModifiedAt filter; unprocessed records handled in next scheduled run
+
+## Azure Upload
+
+**TransactionStorageABS** uploads to Azure Blob Storage:
+
+- **Endpoints** -- separate Azure Function endpoints for JSON text and base64 documents
+- **Secrets** -- retrieved from Key Vault (configured in TransactStorageSetup)
+- **Container** -- formatted CVR number (company registration number)
+- **Blob folder structure** -- {TenantID}_{EnvironmentName}/{YYYYMMDD}
+- **Retention policy** -- 6 years or fiscal year-end + 6 years (configurable via Deletion Date Expression in setup)
+
+## Retry Logic
+
+**TransStorageErrorHandler** captures task errors and decides whether to reschedule:
+
+1. **Attempt exhaustion** -- if 4 attempts consumed, logs critical alert and stops
+2. **Timeout** -- no reschedule (prevents infinite retry loop on slow queries)
+3. **OutOfMemory** -- no reschedule (prevents server instability)
+4. **Duplicate prevention** -- checks if valid task exists before rescheduling
+5. **Reschedule** -- if retriable error, schedules new task 5-15 minutes later (random backoff), decrements NoOfTasksAttempts
+6. **Consecutive failure monitoring** -- if 7 consecutive first-attempt failures detected, logs critical alert
+
+## Flow Diagram
+
+```
+┌─────────────────────┐
+│  GL Posting Event   │
+│ (Gen. Jnl.-Post)    │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TransStoragePosting │
+│   State (flag set)  │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│   User Logout       │
+│ (OnAfterCompanyClose)│
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TransStorageSchedule│
+│  Task (create task) │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TaskScheduler (2-4AM│
+│  next day, run code-│
+│  unit:TransactStorage│
+│  Export)             │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TransactStorageExport│
+│  .OnRun()            │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TransactStorageExport│
+│  Data.ExportData()   │
+│ (29 tables, filter by│
+│  SystemModifiedAt,   │
+│  volume limiting)    │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ CollectDataFromTable│
+│ (JSON chunking,      │
+│  50,050 records/chunk)│
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ Collect documents   │
+│ (incoming docs by    │
+│  posting date + doc  │
+│  no, base64 encode)  │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ Collect master data │
+│ (customers, vendors, │
+│  GL accounts via FK  │
+│  references)         │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│ TransactionStorageABS│
+│ .ArchiveTransactions │
+│  ToABS()             │
+│ (upload JSON, docs,  │
+│  log, metadata)      │
+└──────────┬──────────┘
+           │
+           v
+┌─────────────────────┐
+│  Azure Blob Storage │
+│ (container: CVR,     │
+│  folder: TenantID_   │
+│  EnvName/YYYYMMDD,   │
+│  retention: 6 years) │
+└─────────────────────┘
+
+ERROR PATH:
+┌─────────────────────┐
+│ TransStorageError   │
+│  Handler (on task   │
+│  error)              │
+└──────────┬──────────┘
+           │
+           v
+   ┌───────┴───────┐
+   │  Retriable?   │
+   └───┬───────┬───┘
+       │       │
+      YES      NO
+       │       │
+       v       v
+   Reschedule  Log critical
+   (5-15 min   alert, stop
+   backoff,    retry
+   decrement
+   attempts)
+```
@@ -0,0 +1,70 @@
+# Transaction Storage Data Model
+
+The Transaction Storage extension uses six core tables to manage scheduled exports of transaction data to Azure Blob Storage. The model separates concerns: configuration, execution tracking, retry state, per-table incremental progress, and temporary staging.
+
+## Entity Relationships
+
+```mermaid
+erDiagram
+    TransactionStorageSetup ||--o{ TransactStorageTaskEntry : "schedules"
+    TransactStorageExportState ||--|| TransactionStorageSetup : "controls retries for"
+    TransactStorageTableEntry }o--|| TransactionStorageSetup : "configured by"
+    TransStorageExportData }o--|| TransactStorageTaskEntry : "stages data for"
+
+    TransactionStorageSetup {
+        Time EarliestStartTime
+        Integer MaxNumberOfHours
+    }
+
+    TransactStorageTaskEntry {
+        Guid TaskID
+        Enum Status
+        DateTime StartingDateTime
+        DateTime EndingDateTime
+    }
+
+    TransactStorageExportState {
+        Integer NumberOfAttempts
+        Date FirstRunDate
+    }
+
+    TransactStorageTableEntry {
+        Integer TableID
+        DateTime LastHandledDateTime
+        Boolean ExportedToABS
+    }
+
+    TransStorageExportData {
+        Integer TableID
+        Integer Part
+        Blob Content
+    }
+```
+
+## Configuration Layer
+
+**TransactionStorageSetup (6201)** is a singleton that controls when exports can run. It defines an earliest start time (default 02:00) and a maximum window of hours (default 3, minimum 3). On insert, the system calculates a distributed export time for the tenant to spread load across the time window. This prevents all tenants from starting exports simultaneously.
+
+## Execution Tracking
+
+**TransactStorageTaskEntry (6202)** maintains an audit trail of every export task. Each entry records a task ID (GUID), execution status (via the TransStorageExportStatus enum), start and end times, and error details if the task failed. The error call stack is stored in a blob field and can be retrieved or displayed via dedicated procedures. The table tracks whether each execution is a first attempt and when it was originally scheduled.
+
+## Retry State
+
+**TransactStorageExportState (6203)** is a singleton that tracks retry attempts. It starts with a configurable number of attempts (default 3) and decrements on each failure. The First Run Date field is country-aware -- for Denmark, it defaults to 2024-01-01. A ResetSetup procedure allows the retry counter to be reset when needed.
+
+## Per-Table Progress
+
+**TransactStorageTableEntry (6204)** tracks the export state for each table being monitored. Each record uses the table ID as its primary key and includes a flow field for the table name. The table maintains incremental export state via Filter Record To DT and Last Handled Date/Time fields, allowing the system to resume from where it left off. It records the number of exported records, any record filters applied (up to 2048 characters), whether the data has been exported to Azure Blob Storage, and the blob name used.
+
+## Temporary Staging
+
+**TransStorageExportData (6205)** is a temporary table used during export operations. It has a composite primary key of Table ID and Part, allowing large datasets to be chunked into multiple JSON arrays. The Content blob field stores each chunk, and Record Count tracks how many records are in that part. Data is added via an Add procedure and cleared between runs.
+
+## Status Enumeration
+
+**TransStorageExportStatus (6201)** defines five states: None, Scheduled, Started, Completed, and Failed. This enumeration is not extensible, ensuring consistent status tracking across the export lifecycle.
+
+## Data Flow
+
+During an export cycle, the setup table determines when execution can begin. The export state singleton controls retry logic. For each configured table in the table entry records, the system reads incremental changes, stages them in temporary export data chunks, and writes them to Azure Blob Storage. The task entry table records each execution attempt with full error details if failures occur.