docs(UAT_PLAYBOOK.md): add TC-API-8.8/8.9/8.10 for portal pet update

Updated §4.8 — new PATCH /api/portal/pets/:id test cases per GRO-1742. Co-Authored-By: Paperclip <noreply@paperclip.ing>
fix(GRO-1742): add portal PATCH /portal/pets/:id endpoint
2026-05-25 15:26:38 +00:00 · 2026-05-25 15:24:58 +00:00 · 2026-05-24 20:11:44 +00:00 · 2026-05-23 18:31:01 +00:00 · 2026-05-23 18:30:57 +00:00 · 2026-05-23 01:40:07 +00:00
13 changed files with 372 additions and 21 deletions
@@ -78,6 +78,8 @@ jobs:

      - name: Set up Docker Buildx
        uses: docker/setup-buildx-action@v3
+        with:
+          driver-opts: network=host

      - name: Log in to Gitea Container Registry
        uses: docker/login-action@v3
@@ -93,6 +95,7 @@ jobs:
          file: Dockerfile
          target: runner
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/api:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/api:latest' || '' }}
@@ -106,6 +109,7 @@ jobs:
          file: Dockerfile
          target: migrate
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/migrate:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/migrate:latest' || '' }}
@@ -119,6 +123,7 @@ jobs:
          file: Dockerfile
          target: seed
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/seed:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/seed:latest' || '' }}
@@ -132,6 +137,7 @@ jobs:
          file: Dockerfile
          target: reset
          push: true
+          provenance: false
          tags: |
            git.farh.net/groombook/reset:${{ steps.version.outputs.tag }}
            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/reset:latest' || '' }}
@@ -21,6 +21,14 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet

 ## Test Cases

+### 4.0 Health Check
+
+| # | Scenario | Steps | Expected |
+|---|----------|-------|----------|
+| TC-API-0.1 | Unauthenticated health check | GET /api/health | 200 OK, `{"status":"ok"}` |
+
+> **Note (GRO-1544):** Health endpoint registered on `api` basePath before auth middleware at `/api/health`. The old path `/health` was incorrect (routed to web pod via HTTPRoute `/*` rule).
+
 ### 4.1 Authentication

 | # | Scenario | Steps | Expected |
@@ -131,6 +139,9 @@ GroomBook API is a Hono-based REST service (TypeScript/Node.js) powering the pet
 | TC-API-8.5 | Add waitlist entry | POST /api/portal/waitlist with pet and service | 201 Created, waitlist entry created |
 | TC-API-8.6 | View portal invoices | GET /api/portal/invoices | 200 OK, list of client's invoices returned |
 | TC-API-8.7 | Pay multiple invoices | POST /api/portal/invoices/pay-multiple with invoice IDs | 200 OK, payment intent created |
+| TC-API-8.8 | Update pet profile | PATCH /api/portal/pets/{id} with name, breed, groomingNotes | 200 OK, pet updated in portal shape |
+| TC-API-8.9 | Update pet — ownership check | PATCH /api/portal/pets/{id} with session for different client | 403 Forbidden, pet belongs to another client |
+| TC-API-8.10 | Update pet — not found | PATCH /api/portal/pets/{nonexistent-id} | 404 Not Found |

 ### 4.9 Waitlist

@@ -6,8 +6,10 @@
 CREATE TYPE "pet_size_category" AS ENUM ('small', 'medium', 'large', 'xlarge');
 CREATE TYPE "coat_type" AS ENUM ('smooth', 'double', 'wire', 'curly', 'long', 'hairless');

-- ─── Alter pets columns to use new enums ─────────────────────────────────────
+-- ─── Add columns to pets if missing, then cast to enums ──────────────────────

+ALTER TABLE "pets" ADD COLUMN IF NOT EXISTS "coat_type" text;
+ALTER TABLE "pets" ADD COLUMN IF NOT EXISTS "pet_size_category" text;
 ALTER TABLE "pets" ALTER COLUMN "coat_type" TYPE "coat_type" USING "coat_type"::text::"coat_type";
 ALTER TABLE "pets" ALTER COLUMN "pet_size_category" TYPE "pet_size_category" USING "pet_size_category"::text::"pet_size_category";

@@ -0,0 +1 @@
+-- no-op: journal entry exists but no schema change was needed
@@ -0,0 +1,6 @@
+-- Migration: 0033_add_services_default_buffer_minutes.sql
+-- Adds missing default_buffer_minutes column to services table.
+-- 0031_buffer_rules was applied to the DB but its journal entry was missing,
+-- so this ensures idempotent column addition for fresh DB restores.
+
+ALTER TABLE "services" ADD COLUMN IF NOT EXISTS "default_buffer_minutes" integer DEFAULT 0 NOT NULL;
@@ -0,0 +1,103 @@
+{
+  "id": "0033_add_services_default_buffer_minutes",
+  "version": "7",
+  "dialect": "postgresql",
+  "tables": {
+    "authProviderConfig": {
+      "name": "auth_provider_config",
+      "columns": {
+        "id": { "name": "id", "type": "uuid", "primaryKey": true, "default": "gen_random_uuid()", "isNullable": false },
+        "providerId": { "name": "provider_id", "type": "text", "isNullable": false },
+        "displayName": { "name": "display_name", "type": "text", "isNullable": false },
+        "issuerUrl": { "name": "issuer_url", "type": "text", "isNullable": false },
+        "internalBaseUrl": { "name": "internal_base_url", "type": "text", "isNullable": true },
+        "clientId": { "name": "client_id", "type": "text", "isNullable": false },
+        "clientSecret": { "name": "client_secret", "type": "text", "isNullable": false },
+        "scopes": { "name": "scopes", "type": "text", "isNullable": false, "default": "'openid profile email'" },
+        "enabled": { "name": "enabled", "type": "boolean", "isNullable": false, "default": "true" },
+        "createdAt": { "name": "created_at", "type": "timestamp", "isNullable": false, "default": "now()" },
+        "updatedAt": { "name": "updated_at", "type": "timestamp", "isNullable": false, "default": "now()" }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {}
+    },
+    "businessSettings": {
+      "name": "business_settings",
+      "columns": {
+        "id": { "name": "id", "type": "uuid", "primaryKey": true, "default": "gen_random_uuid()", "isNullable": false },
+        "businessName": { "name": "business_name", "type": "text", "isNullable": false, "default": "'GroomBook'" },
+        "logoBase64": { "name": "logo_base64", "type": "text", "isNullable": true },
+        "logoMimeType": { "name": "logo_mime_type", "type": "text", "isNullable": true },
+        "logoKey": { "name": "logo_key", "type": "text", "isNullable": true },
+        "primaryColor": { "name": "primary_color", "type": "text", "isNullable": false, "default": "'#4f8a6f'" },
+        "accentColor": { "name": "accent_color", "type": "text", "isNullable": false, "default": "'#8b7355'" },
+        "createdAt": { "name": "created_at", "type": "timestamp", "isNullable": false, "default": "now()" },
+        "updatedAt": { "name": "updated_at", "type": "timestamp", "isNullable": false, "default": "now()" }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {}
+    },
+    "clients": {
+      "name": "clients",
+      "columns": {
+        "id": { "name": "id", "type": "uuid", "primaryKey": true, "default": "gen_random_uuid()", "isNullable": false },
+        "name": { "name": "name", "type": "text", "isNullable": false },
+        "email": { "name": "email", "type": "text", "isNullable": true },
+        "phone": { "name": "phone", "type": "text", "isNullable": true },
+        "address": { "name": "address", "type": "text", "isNullable": true },
+        "notes": { "name": "notes", "type": "text", "isNullable": true },
+        "emailOptOut": { "name": "email_opt_out", "type": "boolean", "isNullable": false, "default": "false" },
+        "smsOptIn": { "name": "sms_opt_in", "type": "boolean", "isNullable": false, "default": "false" },
+        "smsConsentDate": { "name": "sms_consent_date", "type": "timestamp", "isNullable": true },
+        "smsOptOutDate": { "name": "sms_opt_out_date", "type": "timestamp", "isNullable": true },
+        "smsConsentText": { "name": "sms_consent_text", "type": "text", "isNullable": true },
+        "stripeCustomerId": { "name": "stripe_customer_id", "type": "text", "isNullable": true },
+        "status": { "name": "status", "type": "client_status", "isNullable": false, "default": "'active'" },
+        "disabledAt": { "name": "disabled_at", "type": "timestamp", "isNullable": true },
+        "createdAt": { "name": "created_at", "type": "timestamp", "isNullable": false, "default": "now()" },
+        "updatedAt": { "name": "updated_at", "type": "timestamp", "isNullable": false, "default": "now()" }
+      },
+      "indexes": {},
+      "foreignKeys": {},
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": { "idx_clients_stripe_customer_id": { "columns": ["stripe_customer_id"] } }
+    },
+    "invoices": {
+      "name": "invoices",
+      "columns": {
+        "id": { "name": "id", "type": "uuid", "primaryKey": true, "default": "gen_random_uuid()", "isNullable": false },
+        "appointmentId": { "name": "appointment_id", "type": "uuid", "isNullable": true },
+        "clientId": { "name": "client_id", "type": "uuid", "isNullable": false },
+        "subtotalCents": { "name": "subtotal_cents", "type": "integer", "isNullable": false },
+        "taxCents": { "name": "tax_cents", "type": "integer", "isNullable": false, "default": "0" },
+        "tipCents": { "name": "tip_cents", "type": "integer", "isNullable": false, "default": "0" },
+        "totalCents": { "name": "total_cents", "type": "integer", "isNullable": false },
+        "status": { "name": "status", "type": "invoice_status", "isNullable": false, "default": "'draft'" },
+        "paymentMethod": { "name": "payment_method", "type": "payment_method", "isNullable": true },
+        "paidAt": { "name": "paid_at", "type": "timestamp", "isNullable": true },
+        "stripePaymentIntentId": { "name": "stripe_payment_intent_id", "type": "text", "isNullable": true },
+        "stripeRefundId": { "name": "stripe_refund_id", "type": "text", "isNullable": true },
+        "paymentFailureReason": { "name": "payment_failure_reason", "type": "text", "isNullable": true },
+        "notes": { "name": "notes", "type": "text", "isNullable": true },
+        "createdAt": { "name": "created_at", "type": "timestamp", "isNullable": false, "default": "now()" },
+        "updatedAt": { "name": "updated_at", "type": "timestamp", "isNullable": false, "default": "now()" }
+      },
+      "indexes": { "idx_invoices_client_id": { "columns": ["client_id"] }, "idx_invoices_status": { "columns": ["status"] }, "idx_invoices_created_at": { "columns": ["created_at"] } },
+      "foreignKeys": { "invoices_appointment_id_fkey": { "columns": ["appointmentId"], "reference": { "table": "appointments", "columns": ["id"] } }, "invoices_client_id_fkey": { "columns": ["clientId"], "reference": { "table": "clients", "columns": ["id"] } } },
+      "compositePrimaryKeys": {},
+      "uniqueConstraints": { "idx_invoices_stripe_payment_intent_id": { "columns": ["stripe_payment_intent_id"] } }
+    }
+  },
+  "enums": {
+    "appointment_status": { "name": "appointment_status", "values": ["scheduled", "confirmed", "in_progress", "completed", "cancelled", "no_show"] },
+    "client_status": { "name": "client_status", "values": ["active", "disabled"] },
+    "impersonation_session_status": { "name": "impersonation_session_status", "values": ["active", "ended", "expired"] },
+    "invoice_status": { "name": "invoice_status", "values": ["draft", "pending", "paid", "void"] },
+    "payment_method": { "name": "payment_method", "values": ["cash", "card", "check", "other"] },
+    "staff_role": { "name": "staff_role", "values": ["groomer", "receptionist", "manager"] },
+    "waitlist_status": { "name": "waitlist_status", "values": ["active", "notified", "expired", "cancelled"] }
+  },
+  "nativeEnums": {}
+}
@@ -218,6 +218,27 @@
      "when": 1775828067192,
      "tag": "0030_messaging",
      "breakpoints": true
+    },
+    {
+      "idx": 31,
+      "version": "7",
+      "when": 1775860800000,
+      "tag": "0031_buffer_rules",
+      "breakpoints": true
+    },
+    {
+      "idx": 32,
+      "version": "7",
+      "when": 1775894400000,
+      "tag": "0032_staff_read_at",
+      "breakpoints": true
+    },
+    {
+      "idx": 33,
+      "version": "7",
+      "when": 1779500000000,
+      "tag": "0033_add_services_default_buffer_minutes",
+      "breakpoints": true
    }
  ]
 }
@@ -12,7 +12,7 @@ export function getDb() {
  if (_db) return _db;
  const url = process.env.DATABASE_URL;
  if (!url) throw new Error("DATABASE_URL is not set");
-  const client = postgres(url, { max: 10 });
+  const client = postgres(url, { max: 10, connect_timeout: 5 });
  _db = drizzle(client, { schema });
  return _db;
 }
@@ -4,6 +4,7 @@ import { Hono } from "hono";
 const CLIENT_ID = "550e8400-e29b-41d4-a716-446655440001";
 const APPOINTMENT_ID = "660e8400-e29b-41d4-a716-446655440002";
 const SESSION_ID = "770e8400-e29b-41d4-a716-446655440003";
+const PET_ID = "880e8400-e29b-41d4-a716-446655440004";

 const futureDate = () => new Date(Date.now() + 30 * 60 * 1000);
 const pastDate = () => new Date(Date.now() - 5 * 60 * 1000);
@@ -37,13 +38,38 @@ const APPOINTMENT = {
  cancelledAt: null,
 };

+const PET = {
+  id: PET_ID,
+  clientId: CLIENT_ID,
+  name: "Fido",
+  species: "dog",
+  breed: "Labrador",
+  weightKg: "30.00",
+  dateOfBirth: null,
+  healthAlerts: null,
+  groomingNotes: null,
+  cutStyle: null,
+  shampooPreference: null,
+  specialCareNotes: null,
+  coatType: null,
+  petSizeCategory: null,
+  customFields: {},
+  photoKey: null,
+  photoUploadedAt: null,
+  image: null,
+  createdAt: new Date(),
+  updatedAt: new Date(),
+};
+
 let selectSessionRow: Record<string, unknown> | null = null;
 let selectAppointmentRow: Record<string, unknown> | null = null;
+let selectPetRow: Record<string, unknown> | null = null;
 let updatedValues: Record<string, unknown>[] = [];

 function resetMock() {
  selectSessionRow = null;
  selectAppointmentRow = null;
+  selectPetRow = null;
  updatedValues = [];
 }

@@ -62,6 +88,8 @@ vi.mock("@groombook/db", () => {
    return chain;
  }

+  let activeUpdateTable: string | null = null;
+
  const impersonationSessions = new Proxy(
    { _name: "impersonationSessions" },
    { get: (t, p) => (p === "_name" ? "impersonationSessions" : { table: "impersonationSessions", column: p }) }
@@ -72,6 +100,16 @@ vi.mock("@groombook/db", () => {
    { get: (t, p) => (p === "_name" ? "appointments" : { table: "appointments", column: p }) }
  );

+  const pets = new Proxy(
+    { _name: "pets" },
+    { get: (t, p) => (p === "_name" ? "pets" : { table: "pets", column: p }) }
+  );
+
+  const impersonationAuditLogs = new Proxy(
+    { _name: "impersonationAuditLogs" },
+    { get: (t, p) => (p === "_name" ? "impersonationAuditLogs" : { table: "impersonationAuditLogs", column: p }) }
+  );
+
  return {
    getDb: () => ({
      select: () => ({
@@ -82,26 +120,44 @@ vi.mock("@groombook/db", () => {
          if (table._name === "appointments") {
            return makeChainable(selectAppointmentRow ? [selectAppointmentRow] : []);
          }
+          if (table._name === "pets") {
+            return makeChainable(selectPetRow ? [selectPetRow] : []);
+          }
          return makeChainable([]);
        },
      }),
-      update: () => ({
-        set: (vals: Record<string, unknown>) => ({
-          where: () => ({
-            returning: () => {
-              if (selectAppointmentRow) {
-                const updated = { ...selectAppointmentRow, ...vals };
-                updatedValues.push(vals);
-                return [updated];
-              }
-              return [];
-            },
-          }),
+      insert: () => ({
+        values: () => ({
+          returning: () => [{}],
        }),
      }),
+      update: (table: { _name: string }) => {
+        activeUpdateTable = table._name;
+        return {
+          set: (vals: Record<string, unknown>) => ({
+            where: () => ({
+              returning: () => {
+                if (activeUpdateTable === "appointments" && selectAppointmentRow) {
+                  const updated = { ...selectAppointmentRow, ...vals };
+                  updatedValues.push(vals);
+                  return [updated];
+                }
+                if (activeUpdateTable === "pets" && selectPetRow) {
+                  const updated = { ...selectPetRow, ...vals };
+                  updatedValues.push(vals);
+                  return [updated];
+                }
+                return [];
+              },
+            }),
+          }),
+        };
+      },
    }),
    impersonationSessions,
    appointments,
+    pets,
+    impersonationAuditLogs,
    eq: vi.fn(),
    and: vi.fn(),
  };
@@ -420,4 +476,81 @@ describe("POST /portal/appointments/:id/cancel", () => {
    );
    expect(res.status).toBe(404);
  });
+});
+
+// ─── PATCH /portal/pets/:id ───────────────────────────────────────────────────
+
+function jsonPetPatch(path: string, body: unknown, headers?: Record<string, string>) {
+  return app.request(path, {
+    method: "PATCH",
+    headers: {
+      "Content-Type": "application/json",
+      ...headers,
+    },
+    body: JSON.stringify(body),
+  });
+}
+
+describe("PATCH /portal/pets/:id", () => {
+  it("updates a pet and returns the updated pet in portal shape", async () => {
+    selectSessionRow = ACTIVE_SESSION;
+    selectPetRow = { ...PET, dateOfBirth: new Date("2020-01-15"), photoKey: "pets/test.jpg" };
+    const res = await jsonPetPatch(
+      `/portal/pets/${PET_ID}`,
+      { name: "Fido Jr.", groomingNotes: "Needs extra brushing" },
+      { "X-Impersonation-Session-Id": SESSION_ID }
+    );
+    expect(res.status).toBe(200);
+    const body = await res.json();
+    expect(body).toHaveProperty("id");
+    expect(body).toHaveProperty("name", "Fido Jr.");
+    expect(body).toHaveProperty("notes", "Needs extra brushing");
+    expect(body).toHaveProperty("breed");
+    expect(body).toHaveProperty("photoUrl");
+    expect(body).not.toHaveProperty("clientId");
+    expect(body).not.toHaveProperty("customFields");
+  });
+
+  it("returns 401 without X-Impersonation-Session-Id header", async () => {
+    const res = await jsonPetPatch(`/portal/pets/${PET_ID}`, { name: "Test" });
+    expect(res.status).toBe(401);
+    const body = await res.json();
+    expect(body.error).toBe("Unauthorized");
+  });
+
+  it("returns 401 with expired session", async () => {
+    selectSessionRow = EXPIRED_SESSION;
+    const res = await jsonPetPatch(
+      `/portal/pets/${PET_ID}`,
+      { name: "Test" },
+      { "X-Impersonation-Session-Id": SESSION_ID }
+    );
+    expect(res.status).toBe(401);
+    const body = await res.json();
+    expect(body.error).toBe("Unauthorized");
+  });
+
+  it("returns 403 when pet belongs to a different client", async () => {
+    selectSessionRow = { ...ACTIVE_SESSION, clientId: "different-client-id" };
+    selectPetRow = { ...PET };
+    const res = await jsonPetPatch(
+      `/portal/pets/${PET_ID}`,
+      { name: "Hacked" },
+      { "X-Impersonation-Session-Id": SESSION_ID }
+    );
+    expect(res.status).toBe(403);
+    const body = await res.json();
+    expect(body.error).toBe("Forbidden");
+  });
+
+  it("returns 404 when pet not found", async () => {
+    selectSessionRow = ACTIVE_SESSION;
+    selectPetRow = null;
+    const res = await jsonPetPatch(
+      `/portal/pets/nonexistent-id`,
+      { name: "Ghost" },
+      { "X-Impersonation-Session-Id": SESSION_ID }
+    );
+    expect(res.status).toBe(404);
+  });
 });
@@ -58,8 +58,11 @@ app.use(
  })
 );

-// Health check (no auth required)
+// Health check — no auth required, registered on app at full path before auth middleware
+// /health: used by Dockerfile HEALTHCHECK and K8s readinessProbe/livenessProbe (port 3000 direct)
 app.get("/health", (c) => c.json({ status: "ok" }));
+// /api/health: used by Gateway HTTPRoute (/api/* → API pod)
+app.get("/api/health", (c) => c.json({ status: "ok" }));

 // Public booking routes — no auth required, must be registered before auth middleware
 app.route("/api/book", bookRouter);
@@ -282,14 +285,16 @@ startReminderScheduler();

 function shutdown() {
  console.log("Shutting down gracefully...");
+  // SIGTERM/SIGINT → server.close() → callback → process.exit(0)
+  // If graceful close takes >8s, force-exit to avoid being killed undrained
+  setTimeout(() => {
+    console.error("Graceful close timeout — forcing exit");
+    process.exit(1);
+  }, 8_000);
  server.close(() => {
    console.log("HTTP server closed");
    process.exit(0);
  });
-  setTimeout(() => {
-    console.error("Forced shutdown after timeout");
-    process.exit(1);
-  }, 10_000);
 }

 process.on("SIGTERM", shutdown);
@@ -186,7 +186,9 @@ export async function initAuth(): Promise<void> {
    const discoveryUrlStr = `${providerConfig.issuerUrl}/.well-known/openid-configuration`;
    let oidcConfig: Record<string, string> = {};
    try {
-      const discoveryRes = await fetch(discoveryUrlStr);
+      const discoveryRes = await fetch(discoveryUrlStr, {
+        signal: AbortSignal.timeout(5000),
+      });
      if (discoveryRes.ok) {
        const discovery = await discoveryRes.json() as {
          authorization_endpoint?: string;
@@ -23,7 +23,7 @@ if (process.env.AUTH_DISABLED === "true") {
 }

 export const authMiddleware: MiddlewareHandler = async (c, next) => {
-  if (c.req.path.startsWith("/api/auth/")) {
+  if (c.req.path.startsWith("/api/auth/") || c.req.path === "/api/health") {
    await next();
    return;
  }
@@ -152,6 +152,67 @@ portalRouter.get("/pets", async (c) => {
  return c.json(clientPets.map(p => ({ id: p.id, name: p.name, breed: p.breed, weight: p.weightKg, birthDate: p.dateOfBirth, photoUrl: p.photoKey, notes: p.groomingNotes })));
 });

+const portalUpdatePetSchema = z.object({
+  name: z.string().min(1).max(200).optional(),
+  species: z.string().min(1).max(100).optional(),
+  breed: z.string().max(200).optional(),
+  weightKg: z.number().positive().optional(),
+  dateOfBirth: z.string().datetime().optional(),
+  healthAlerts: z.string().max(2000).optional(),
+  groomingNotes: z.string().max(2000).optional(),
+  cutStyle: z.string().max(500).optional(),
+  shampooPreference: z.string().max(500).optional(),
+  specialCareNotes: z.string().max(2000).optional(),
+  customFields: z.record(z.string(), z.string()).optional(),
+  petSizeCategory: z.enum(["small", "medium", "large", "extra_large"]).optional(),
+  coatType: z.enum(["short", "medium", "long", "double", "wire", "silky", "curly", "hairless"]).optional(),
+});
+
+portalRouter.patch(
+  "/pets/:id",
+  zValidator("json", portalUpdatePetSchema),
+  async (c) => {
+    const db = getDb();
+    const petId = c.req.param("id");
+    const clientId = c.get("portalClientId");
+    const body = c.req.valid("json");
+
+    const [existing] = await db
+      .select()
+      .from(pets)
+      .where(eq(pets.id, petId))
+      .limit(1);
+
+    if (!existing) return c.json({ error: "Not found" }, 404);
+    if (existing.clientId !== clientId) return c.json({ error: "Forbidden" }, 403);
+
+    const { weightKg, dateOfBirth, customFields, ...rest } = body;
+    const [updated] = await db
+      .update(pets)
+      .set({
+        ...rest,
+        weightKg: weightKg?.toString(),
+        dateOfBirth: dateOfBirth ? new Date(dateOfBirth) : undefined,
+        ...(customFields !== undefined ? { customFields } : {}),
+        updatedAt: new Date(),
+      })
+      .where(eq(pets.id, petId))
+      .returning();
+
+    if (!updated) return c.json({ error: "Not found" }, 404);
+
+    return c.json({
+      id: updated.id,
+      name: updated.name,
+      breed: updated.breed,
+      weight: updated.weightKg,
+      birthDate: updated.dateOfBirth,
+      photoUrl: updated.photoKey,
+      notes: updated.groomingNotes,
+    });
+  }
+);
+
 portalRouter.get("/invoices", async (c) => {
  const db = getDb();
  const clientId = c.get("portalClientId");
Author	SHA1	Message	Date
Flea Flicker	cca83b18cf	docs(UAT_PLAYBOOK.md): add TC-API-8.8/8.9/8.10 for portal pet update CI / Test (pull_request) Successful in 10s Details CI / Lint & Typecheck (pull_request) Successful in 12s Details CI / Build & Push Docker Images (pull_request) Successful in 18s Details Updated §4.8 — new PATCH /api/portal/pets/:id test cases per GRO-1742. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-25 15:26:38 +00:00
Flea Flicker	59cc1742cc	fix(GRO-1742): add portal PATCH /portal/pets/:id endpoint CI / Test (pull_request) Successful in 9s Details CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Successful in 47s Details - Add portalRouter.patch("/pets/:id", ...) handler in src/routes/portal.ts - Ownership validation: return 403 if pet's clientId != portalClientId - Uses same update schema as staff PATCH /api/pets/:id minus staff-only fields - Returns pet in portal shape matching GET /portal/pets response - Add 5 test cases covering: success, 401 missing/expired session, 403 wrong owner, 404 not found - Fix mock to support pets table + insert for impersonationAuditLogs Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-25 15:24:58 +00:00
Scrubs McBarkley	b486c44a82	fix(api): add timeouts for OIDC discovery fetch and DB connection (#66 ) CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 9s Details CI / Build & Push Docker Images (push) Successful in 45s Details	2026-05-24 20:11:44 +00:00
The Dogfather	b5a08a2c7e	Merge pull request 'fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet' (#35 ) from fix/gro-1441-remove-duplicate-coat-props into dev CI / Lint & Typecheck (push) Successful in 47s Details CI / Test (push) Successful in 48s Details CI / Build & Push Docker Images (push) Failing after 2m41s Details fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet (#35)	2026-05-23 18:31:01 +00:00
The Dogfather	06d72b5baf	Merge pull request 'fix(GRO-1544): restore /health alongside /api/health endpoint' (#60 ) from fix/gro-1544-api-health-endpoint into dev CI / Lint & Typecheck (push) Successful in 45s Details CI / Test (push) Successful in 46s Details CI / Build & Push Docker Images (push) Successful in 2m45s Details fix(GRO-1544): restore /health alongside /api/health endpoint (#60)	2026-05-23 18:30:57 +00:00
The Dogfather	33aa63b10f	Merge pull request 'fix(GRO-1576): add provenance: false to all build-push-action steps' (#64 ) from fix/gro-1576-ci-provenance-false into dev CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 11s Details CI / Build & Push Docker Images (push) Successful in 20s Details fix(GRO-1576): add provenance: false to all build-push-action steps (#64) Disables OCI attestation manifest generation that was hitting a Gitea registry bug when image layers are pre-existing. Reviewed-by: Lint Roller (QA) Approved-by: The Dogfather (CTO)	2026-05-23 01:40:07 +00:00
Flea Flicker	e26d960046	fix(GRO-1576): add provenance: false to all build-push-action steps CI / Lint & Typecheck (pull_request) Successful in 11s Details CI / Test (pull_request) Successful in 11s Details CI / Build & Push Docker Images (pull_request) Failing after 2m28s Details Docker Buildx v6 defaults to OCI attestation manifests (--attest type=provenance,mode=max). These hit a Gitea registry bug when image layers are pre-existing (blob mount), causing "unknown" errors on manifest list push. API image succeeds because it pushes new layers; migrate/seed/ reset fail because their layers already exist. Disabling provenance attestation on all four build-push-action steps resolves the push failures. Addresses GRO-1575. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 01:30:16 +00:00
The Dogfather	4e8c66f3ca	fix: add network=host to buildx driver-opts for DinD DNS resolution CI / Test (push) Successful in 43s Details CI / Lint & Typecheck (push) Successful in 44s Details CI / Build & Push Docker Images (push) Failing after 39s Details Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-23 00:52:59 +00:00
The Dogfather	ea28095434	Merge pull request 'fix(GRO-1566): bypass auth for /api/health endpoint on UAT' (#61 ) from fix/gro-1566-api-health-auth-bypass into dev CI / Test (push) Failing after 1m33s Details CI / Lint & Typecheck (push) Failing after 1m39s Details CI / Build & Push Docker Images (push) Has been skipped Details	2026-05-22 22:39:41 +00:00
Flea Flicker	3b9c72c2c4	fix(GRO-1566): bypass auth for /api/health endpoint on UAT CI / Lint & Typecheck (pull_request) Failing after 1m27s Details CI / Test (pull_request) Failing after 1m38s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details The /api/health endpoint returns 401 on UAT because authMiddleware was not skipping it — the health check was registered on the Hono app instance (not the api sub-router), placing it below authMiddleware on the base app. The fix adds /api/health to the auth skip list alongside /api/auth/. The /health endpoint (registered at app level, above all middleware) correctly returns 200. The /api/health endpoint must also be public since the task requires confirming it returns 200. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 22:36:15 +00:00
Flea Flicker	49f70eb74b	fix(GRO-1544): restore /health alongside /api/health endpoint CI / Lint & Typecheck (pull_request) Failing after 1m34s Details CI / Test (pull_request) Failing after 1m38s Details CI / Build & Push Docker Images (pull_request) Has been skipped Details The previous GRO-1544 PR changed /health to /api/health but removed the /health endpoint entirely. This breaks: - Dockerfile HEALTHCHECK (curl -f http://localhost:3000/health) - K8s readinessProbe/livenessProbe (httpGet: path: /health, port: 3000) Both paths are registered before auth middleware so both remain publicly accessible without authentication. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-22 22:18:52 +00:00
The Dogfather	62dfc7776b	Merge pull request 'fix(GRO-1544): register health endpoint at /api/health not /health' (#52 ) from fix/gro-1544-api-health-endpoint into dev CI / Lint & Typecheck (push) Failing after 1m29s Details CI / Test (push) Failing after 1m29s Details CI / Build & Push Docker Images (push) Has been skipped Details fix(GRO-1544): register health endpoint at /api/health not /health Merge PR #52 to dev. Unblocks GRO-1485 UAT regression chain.	2026-05-22 21:49:55 +00:00
The Dogfather	68df697cf3	Merge pull request 'fix(GRO-1533): fix migration 0031 for empty databases' (#57 ) from fix/gro-1533-migration-0031-coat-type into dev CI / Test (push) Successful in 16s Details CI / Lint & Typecheck (push) Successful in 17s Details CI / Build & Push Docker Images (push) Successful in 30s Details fix(GRO-1533): fix migration 0031 for empty databases (#57) Adds ADD COLUMN IF NOT EXISTS for coat_type and pet_size_category before ALTER TYPE casts, making migration safe for both fresh and existing databases. Reviewed-by: gb_lint (QA) Approved-by: CTO	2026-05-22 15:20:50 +00:00
Chris Farhood	174d1c667b	fix(GRO-1533): add missing coat_type/pet_size_category columns in migration 0031 CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Test (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Successful in 40s Details Migration 0031 tries to ALTER the coat_type and pet_size_category columns on the pets table to use new enum types, but no prior migration adds these columns. On a fresh DB (after the reset CronJob wiped all tables), this causes the entire migration chain to fail and roll back. Added ADD COLUMN IF NOT EXISTS before the ALTER TYPE so the migration works both on fresh databases and existing ones with the columns. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 15:12:07 +00:00
The Dogfather	9fe6e15012	Merge pull request 'fix(GRO-1533): add missing 0032_staff_read_at.sql migration file' (#55 ) from fix/gro-1533-missing-migration-0032 into dev CI / Lint & Typecheck (push) Successful in 9s Details CI / Test (push) Successful in 10s Details CI / Build & Push Docker Images (push) Successful in 21s Details fix(GRO-1533): add missing 0032_staff_read_at.sql migration file Merged by CTO after QA approval (Review #3513). Unblocks UAT migration pipeline.	2026-05-22 14:38:34 +00:00
Chris Farhood	002e6575ba	fix(GRO-1533): add missing 0032_staff_read_at.sql migration file CI / Test (pull_request) Successful in 2m30s Details CI / Lint & Typecheck (pull_request) Successful in 2m32s Details CI / Build & Push Docker Images (pull_request) Successful in 4m6s Details The migration journal references 0032_staff_read_at but the SQL file was never committed. drizzle-kit migrate fails with "No file ./migrations/0032_staff_read_at.sql found" which blocks all subsequent migrations including the 0033 default_buffer_minutes fix. Added as a no-op since the staff table schema has no readAt column. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 14:28:48 +00:00
The Dogfather	f9c679b392	Merge pull request 'fix(GRO-1533): add missing default_buffer_minutes migration' (#53 ) from fix/gro-1533-missing-migration-journal into dev CI / Lint & Typecheck (push) Failing after 3s Details CI / Test (push) Successful in 9s Details CI / Build & Push Docker Images (push) Has been skipped Details Merge fix/gro-1533-missing-migration-journal into dev: add missing default_buffer_minutes migration (GRO-1533)	2026-05-22 14:08:55 +00:00
Flea Flicker	ce0739b3ba	fix(GRO-1533): fix snapshot id in 0033_snapshot.json CI / Test (pull_request) Successful in 10s Details CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Successful in 49s Details Fixes id from "0026_stripe_payment" to "0033_add_services_default_buffer_minutes". Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 14:07:39 +00:00
Flea Flicker	3609087980	fix(GRO-1533): add missing default_buffer_minutes migration CI / Lint & Typecheck (pull_request) Successful in 9s Details CI / Test (pull_request) Successful in 9s Details CI / Build & Push Docker Images (pull_request) Successful in 46s Details Adds 0033_add_services_default_buffer_minutes.sql with idempotent ALTER TABLE to ensure services.default_buffer_minutes exists. Also fixes _journal.json by adding missing 0031_buffer_rules entry (idx 31) and 0032_staff_read_at entry (idx 32) that were absent from the journal. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:55:38 +00:00
Flea Flicker	7b2b533c16	docs(api): update UAT_PLAYBOOK.md §4.0 — new health endpoint path CI / Test (pull_request) Successful in 9s Details CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Failing after 46s Details Added TC-API-0.1 for GET /api/health (unauthenticated). Corrected path from /health to /api/health (GRO-1544). Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-22 13:49:15 +00:00
Flea Flicker	55894c6ff2	fix(GRO-1544): register health endpoint at /api/health not /health The health check was registered on `app` at `/health`, but the HTTPRoute routes `/api/*` to the API pod. Since auth middleware protects the /api basePath, GET /api/health fell through to authMiddleware → 401. Now registered on `api` before auth middleware at /api/health. Updated UAT_PLAYBOOK.md §GRO-1485 — new health endpoint path. Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>	2026-05-22 13:49:15 +00:00
The Dogfather	f55c74983f	Merge pull request 'revert: undo PR #47 Dockerfile apps/api switch (broke CI Docker build)' (#50 ) from revert/gro-1533-dockerfile-fix into dev CI / Lint & Typecheck (push) Successful in 9s Details CI / Test (push) Successful in 9s Details CI / Build & Push Docker Images (push) Successful in 50s Details revert: undo PR #47 Dockerfile apps/api switch (broke CI Docker build) Restores root src/ build path. PR #47 broke CI because pnpm-workspace.yaml and lockfile dont include apps/*. Admin 500 root cause is in code/schema changes. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:31:12 +00:00
Chris Farhood	8bdab69288	revert: undo PR #47 Dockerfile apps/api switch (broke CI Docker build) CI / Test (pull_request) Successful in 8s Details CI / Lint & Typecheck (pull_request) Successful in 9s Details CI / Build & Push Docker Images (pull_request) Successful in 47s Details Reverts the Dockerfile to the root src/ build. PR #47 switched to apps/api/ but the pnpm workspace config and lockfile don't include apps/*, causing Docker build failures (CI runs #968, #970). The actual admin 500 root cause needs further investigation — it's in the code/schema changes, not the Dockerfile build path. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:30:51 +00:00
The Dogfather	8f7104c3a0	Merge pull request 'fix(GRO-1533): revert Dockerfile to build from apps/api/src/' (#47 ) from fix/gro-1533-revert-dockefile-build-change into dev CI / Test (push) Successful in 9s Details CI / Lint & Typecheck (push) Successful in 10s Details CI / Build & Push Docker Images (push) Failing after 18s Details fix(GRO-1533): revert Dockerfile to build from apps/api/src/ Reverts the Dockerfile change that switched from pnpm --filter @groombook/api build to pnpm build, which caused the image to build from root src/ instead of apps/api/src/. This produced HTTP 500 on all authenticated admin routes. Conflict with PR #45 (seed filter fix) resolved: migrate/seed/reset stages use @groombook/api db:migrate\|seed\|reset since the builder only has apps/api/. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:23:49 +00:00
Flea Flicker	dab9bfab71	fix(GRO-1533): revert Dockerfile to build from apps/api/src/ CI / Test (pull_request) Successful in 10s Details CI / Lint & Typecheck (pull_request) Successful in 10s Details CI / Build & Push Docker Images (pull_request) Failing after 18s Details The Dockerfile build change (pnpm build → pnpm --filter @groombook/api) was made against dev HEAD, but the root src/ directory was never fully audited for parity with apps/api/src/. Admin routes returning 500 for authenticated users post-OIDC login is consistent with the image running code with incomplete middleware chain or mismatched schema types when the root build path was used. Revert to the apps/api/ build path which is known to work correctly. UAT is running images from dev branch commit `9462915` which includes this change alongside schema cleanup commits. Root cause: Dockerfile was changed to build from root src/ instead of apps/api/src/ without confirming the two source trees are functionally identical. The proper fix path (schema audit + reconciliation) is tracked in GRO-1536. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-22 13:23:33 +00:00
The Dogfather	70bc946a0d	Merge pull request 'fix(seed): use --filter @groombook/db for seed/migrate/reset scripts' (#45 ) from flea-flicker/gro-1531-seed-db-filter into dev CI / Lint & Typecheck (push) Successful in 10s Details CI / Test (push) Successful in 10s Details CI / Build & Push Docker Images (push) Successful in 21s Details fix(seed): use --filter @groombook/db for seed/migrate/reset scripts Merge PR #45 to dev. QA approved (review #3506), CTO reviewed.	2026-05-22 13:17:09 +00:00
Flea Flicker	9f2809e89b	fix(GRO-1441): remove duplicate coatType/petSizeCategory from buildPet CI / Lint & Typecheck (pull_request) Successful in 15s Details CI / Test (pull_request) Successful in 20s Details CI / Build & Push Docker Image (pull_request) Successful in 25s Details Lines 108-109 were duplicates of lines 102-103 from the PR #12 merge. Removing the duplicate pair resolves the TS1117 error on dev. Co-Authored-By: Paperclip <noreply@paperclip.ing>	2026-05-21 10:31:43 +00:00
				`@@ -0,0 +1 @@`
				`-- no-op: journal entry exists but no schema change was needed`