feat: implement iCal calendar feed (GRO-107)
- Add icalToken column to staff table - Add public calendar feed endpoint GET /api/calendar/:staffId.ics - Add token management routes POST/DELETE /api/staff/:id/ical-token - Hand-build iCal output (RFC 5545) - Update staff factory with icalToken field Co-Authored-By: Paperclip <noreply@paperclip.ing>
This commit is contained in:
Scrubs McBarkley
@@ -0,0 +1,135 @@
|
||||
import { Hono } from "hono";
|
||||
import { randomBytes } from "node:crypto";
|
||||
import {
|
||||
and,
|
||||
eq,
|
||||
gte,
|
||||
getDb,
|
||||
appointments,
|
||||
clients,
|
||||
pets,
|
||||
services,
|
||||
staff,
|
||||
} from "@groombook/db";
|
||||
|
||||
export const calendarRouter = new Hono();
|
||||
|
||||
function formatIcalDate(date: Date): string {
|
||||
return date.toISOString().replace(/[-:]/g, "").replace(/\.\d{3}/, "");
|
||||
}
|
||||
|
||||
function escapeIcalText(text: string | null): string {
|
||||
if (!text) return "";
|
||||
return text.replace(/\\/g, "\\\\").replace(/;/g, "\\;").replace(/,/g, "\\,").replace(/\n/g, "\\n");
|
||||
}
|
||||
|
||||
function buildIcalFeed(
|
||||
appointments: Array<{
|
||||
id: string;
|
||||
startTime: Date;
|
||||
endTime: Date;
|
||||
status: string;
|
||||
clientName: string | null;
|
||||
petName: string | null;
|
||||
serviceName: string | null;
|
||||
}>,
|
||||
staffName: string
|
||||
): string {
|
||||
const lines: string[] = [
|
||||
"BEGIN:VCALENDAR",
|
||||
"VERSION:2.0",
|
||||
"PRODID:-//GroomBook//EN",
|
||||
"CALSCALE:GREGORIAN",
|
||||
"METHOD:PUBLISH",
|
||||
`X-WR-CALNAME:${escapeIcalText(staffName)} - GroomBook`,
|
||||
];
|
||||
|
||||
for (const appt of appointments) {
|
||||
const status = appt.status === "cancelled" ? "CANCELLED" : "CONFIRMED";
|
||||
const summary = `${appt.petName ?? "Pet"} - ${appt.serviceName ?? "Appointment"}`;
|
||||
const description = `Client: ${appt.clientName ?? "Unknown"}\nPet: ${appt.petName ?? "Unknown"}\nService: ${appt.serviceName ?? "Unknown"}`;
|
||||
|
||||
lines.push(
|
||||
"BEGIN:VEVENT",
|
||||
`UID:${appt.id}@groombook`,
|
||||
`DTSTAMP:${formatIcalDate(new Date())}`,
|
||||
`DTSTART:${formatIcalDate(new Date(appt.startTime))}`,
|
||||
`DTEND:${formatIcalDate(new Date(appt.endTime))}`,
|
||||
`SUMMARY:${escapeIcalText(summary)}`,
|
||||
`DESCRIPTION:${escapeIcalText(description)}`,
|
||||
`STATUS:${status}`,
|
||||
"END:VEVENT"
|
||||
);
|
||||
}
|
||||
|
||||
lines.push("END:VCALENDAR");
|
||||
return lines.join("\r\n");
|
||||
}
|
||||
|
||||
calendarRouter.get("/:staffId.ics", async (c) => {
|
||||
const db = getDb();
|
||||
const staffId = c.req.param("staffId") as string;
|
||||
const token = c.req.query("token") as string;
|
||||
|
||||
if (!token) {
|
||||
return c.json({ error: "Missing token parameter" }, 401);
|
||||
}
|
||||
|
||||
const [staffMember] = await db
|
||||
.select()
|
||||
.from(staff)
|
||||
.where(eq(staff.id, staffId))
|
||||
.limit(1);
|
||||
|
||||
if (!staffMember || staffMember.icalToken !== token) {
|
||||
return c.json({ error: "Invalid token" }, 401);
|
||||
}
|
||||
|
||||
const now = new Date();
|
||||
const rows = await db
|
||||
.select()
|
||||
.from(appointments)
|
||||
.where(
|
||||
and(
|
||||
eq(appointments.staffId, staffId),
|
||||
gte(appointments.startTime, now)
|
||||
)
|
||||
)
|
||||
.orderBy(appointments.startTime);
|
||||
|
||||
const enriched = await Promise.all(
|
||||
rows.map(async (appt) => {
|
||||
const [client] = await db
|
||||
.select({ name: clients.name })
|
||||
.from(clients)
|
||||
.where(eq(clients.id, appt.clientId))
|
||||
.limit(1);
|
||||
const [pet] = await db
|
||||
.select({ name: pets.name })
|
||||
.from(pets)
|
||||
.where(eq(pets.id, appt.petId))
|
||||
.limit(1);
|
||||
const [service] = await db
|
||||
.select({ name: services.name })
|
||||
.from(services)
|
||||
.where(eq(services.id, appt.serviceId))
|
||||
.limit(1);
|
||||
return {
|
||||
...appt,
|
||||
clientName: client?.name ?? null,
|
||||
petName: pet?.name ?? null,
|
||||
serviceName: service?.name ?? null,
|
||||
};
|
||||
})
|
||||
);
|
||||
|
||||
const ical = buildIcalFeed(enriched, staffMember.name);
|
||||
return c.text(ical, 200, {
|
||||
"Content-Type": "text/calendar; charset=utf-8",
|
||||
"Content-Disposition": `attachment; filename="${staffMember.name.replace(/\s+/g, "_")}_calendar.ics"`,
|
||||
});
|
||||
});
|
||||
|
||||
export function generateIcalToken(): string {
|
||||
return randomBytes(32).toString("hex");
|
||||
}
|
||||
@@ -1,9 +1,11 @@
|
||||
import { Hono } from "hono";
|
||||
import { zValidator } from "@hono/zod-validator";
|
||||
import { z } from "zod";
|
||||
import { randomBytes } from "node:crypto";
|
||||
import { and, eq, getDb, ne, staff, appointments } from "@groombook/db";
|
||||
import type { AppEnv } from "../middleware/rbac.js";
|
||||
|
||||
export const staffRouter = new Hono();
|
||||
export const staffRouter = new Hono<AppEnv>();
|
||||
|
||||
const createStaffSchema = z.object({
|
||||
name: z.string().min(1).max(200),
|
||||
@@ -86,3 +88,56 @@ staffRouter.delete("/:id", async (c) => {
|
||||
if (!row) return c.json({ error: "Not found" }, 404);
|
||||
return c.json({ ok: true });
|
||||
});
|
||||
|
||||
staffRouter.post("/:id/ical-token", async (c) => {
|
||||
const db = getDb();
|
||||
const id = c.req.param("id");
|
||||
const staffRow = c.get("staff");
|
||||
|
||||
if (staffRow.role !== "manager" && staffRow.id !== id) {
|
||||
return c.json({ error: "Forbidden" }, 403);
|
||||
}
|
||||
|
||||
const [member] = await db
|
||||
.select()
|
||||
.from(staff)
|
||||
.where(eq(staff.id, id))
|
||||
.limit(1);
|
||||
|
||||
if (!member) return c.json({ error: "Not found" }, 404);
|
||||
|
||||
const token = randomBytes(32).toString("hex");
|
||||
const [updated] = await db
|
||||
.update(staff)
|
||||
.set({ icalToken: token, updatedAt: new Date() })
|
||||
.where(eq(staff.id, id))
|
||||
.returning();
|
||||
|
||||
if (!updated) return c.json({ error: "Not found" }, 404);
|
||||
return c.json({ icalToken: updated.icalToken });
|
||||
});
|
||||
|
||||
staffRouter.delete("/:id/ical-token", async (c) => {
|
||||
const db = getDb();
|
||||
const id = c.req.param("id");
|
||||
const staffRow = c.get("staff");
|
||||
|
||||
if (staffRow.role !== "manager" && staffRow.id !== id) {
|
||||
return c.json({ error: "Forbidden" }, 403);
|
||||
}
|
||||
|
||||
const [member] = await db
|
||||
.select()
|
||||
.from(staff)
|
||||
.where(eq(staff.id, id))
|
||||
.limit(1);
|
||||
|
||||
if (!member) return c.json({ error: "Not found" }, 404);
|
||||
|
||||
await db
|
||||
.update(staff)
|
||||
.set({ icalToken: null, updatedAt: new Date() })
|
||||
.where(eq(staff.id, id));
|
||||
|
||||
return c.json({ ok: true });
|
||||
});
|
||||
|
||||
@@ -0,0 +1 @@
|
||||
ALTER TABLE staff ADD COLUMN ical_token TEXT UNIQUE;
|
||||
@@ -52,6 +52,7 @@ export function buildStaff(overrides: Partial<StaffRow> = {}): StaffRow {
|
||||
oidcSub: `oidc-${id}`,
|
||||
role: "groomer",
|
||||
active: true,
|
||||
icalToken: null,
|
||||
createdAt: new Date("2025-01-01T00:00:00Z"),
|
||||
updatedAt: new Date("2025-01-01T00:00:00Z"),
|
||||
...overrides,
|
||||
|
||||
@@ -106,6 +106,8 @@ export const staff = pgTable("staff", {
|
||||
oidcSub: text("oidc_sub").unique(),
|
||||
role: staffRoleEnum("role").notNull().default("groomer"),
|
||||
active: boolean("active").notNull().default(true),
|
||||
// Token for iCal calendar feed subscription (no auth required)
|
||||
icalToken: text("ical_token").unique(),
|
||||
createdAt: timestamp("created_at").notNull().defaultNow(),
|
||||
updatedAt: timestamp("updated_at").notNull().defaultNow(),
|
||||
});
|
||||
|
||||
Reference in New Issue
Block a user