groombook/api
13
0
Fork 0
Code Issues 2 Pull Requests Actions Packages Projects Releases Wiki Activity

fix(portal): implement PATCH /portal/pets/:petId + enrich GET /portal/pets (GRO-2187)
CI / Test (pull_request) Successful in 12s
Details
CI / Lint & Typecheck (pull_request) Successful in 16s
Details
CI / Build & Push Docker Images (pull_request) Successful in 3m50s
Details

Browse Source 
The customer portal pet-save calls PATCH /api/portal/pets/{petId}, which the
deployed src/ tree never registered → 404, no persistence (UAT §5.23 / GRO-1480
regression). Also GET /portal/pets omitted the extended fields, so a write was
not visible on reload.

- Add portalRouter.patch("/pets/:petId", …) with ownership enforcement
  (pet.clientId === portalClientId → 403, missing pet → 404), mirroring the
  appointment-notes handler.
- Map the web payload to pets columns: name, breed, weightKg (accept
  weightKg/weight), dateOfBirth (birthDate), groomingNotes (notes), healthAlerts,
  photoKey (photoUrl), coatType, petSizeCategory (web "xlarge" → DB
  "extra_large"), preferredCuts, medicalAlerts; set updatedAt.
- Reject invalid coatType/petSizeCategory with 422 (validated in-handler).
- Enrich GET /portal/pets with coatType, petSizeCategory, healthAlerts,
  preferredCuts, medicalAlerts.
- Add src/__tests__/portalPets.test.ts: owner success + persistence, weight
  fallback, non-owner 403, not-found 404, invalid enum 422, missing session 401.
- UAT_PLAYBOOK.md §4.8: add TC-API-8.12–8.15 for portal pet GET/PATCH.

coatType/petSizeCategory enums already present in packages/db/src/schema.ts.

Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Savannah Savings
2026-06-08 08:13:12 +00:00
parent 40bd6dcfea
commit 23be6230ba
3 changed files with 416 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files
UAT_PLAYBOOK.md
+4
View File
@@ -259,6 +259,10 @@ This means:
| TC-API-8.9 | SSO bridge — no Better Auth session | POST /api/portal/session-from-auth without Better Auth session cookie | 401 Unauthorized |
| TC-API-8.10 | SSO bridge — no matching client | POST /api/portal/session-from-auth with valid Better Auth session for a user with no client record | 404 Not Found, error "No client record found for this user" |
| TC-API-8.11 | SSO bridge — returned session works on portal routes | After TC-API-8.8, use returned sessionId as `X-Impersonation-Session-Id` header on GET /api/portal/me | 200 OK, client profile returned |
| TC-API-8.12 | Portal GET pets returns extended fields (GRO-2187) | Establish a portal session (TC-API-8.8), then `GET /api/portal/pets` with `X-Impersonation-Session-Id` | 200 OK; each pet includes `coatType`, `petSizeCategory`, `healthAlerts`, `preferredCuts`, `medicalAlerts` (in addition to id/name/breed/weight/birthDate/photoUrl/notes) |
| TC-API-8.13 | Portal pet update — owner success + persistence (GRO-2187, fixes [GRO-1480](/GRO/issues/GRO-1480) §5.23) | With a portal session for the pet's owner, `PATCH /api/portal/pets/{petId}` with body `{ "name": "...", "breed": "...", "weightKg": 18.25, "healthAlerts": "...", "coatType": "double", "petSizeCategory": "xlarge", "preferredCuts": ["teddy bear"], "medicalAlerts": [{"type":"allergy","description":"oatmeal","severity":"medium"}] }` | 200 OK; response reflects the update with `petSizeCategory: "extra_large"` (web `xlarge` → DB `extra_large`). A follow-up `GET /api/portal/pets` shows the persisted values |
| TC-API-8.14 | Portal pet update — non-owner blocked (GRO-2187) | `PATCH /api/portal/pets/{petId}` for a pet owned by a different client, using another client's portal session | 403 Forbidden (or 404 if pet id is unknown); no mutation persisted |
| TC-API-8.15 | Portal pet update — invalid enum rejected (GRO-2187) | `PATCH /api/portal/pets/{petId}` with `coatType: "fluffy"` or `petSizeCategory: "gigantic"` | 422 Unprocessable Entity; pet unchanged |
### 4.9 Waitlist