fix(GRO-876): remove dead issueRefund function from InvoiceDetailModal

The inline async onClick handler already calls the refund API directly. The
separate issueRefund function was defined but never called, causing
@typescript-eslint/no-unused-vars CI failure on PR #351.

Co-Authored-By: Paperclip <noreply@paperclip.ing>

apps/api/package.json

@@ -24,6 +24,7 @@
     "nodemailer": "^6.9.16",
     "stripe": "^22.0.0",
     "telnyx": "^1.23.0",
+
     "zod": "^4.3.6"
   },
   "devDependencies": {

apps/api/src/lib/auth.ts

@@ -97,9 +97,6 @@ export async function initAuth(): Promise<void> {
           window: 10,
           storage: "memory",
           customRules: {
-            "/sign-in/social": { max: 10, window: 60 },
-            "/sign-in/email": { max: 10, window: 60 },
-            "/sign-up/email": { max: 5, window: 60 },
             "/get-session": false,
           },
         },
@@ -250,9 +247,6 @@ export async function initAuth(): Promise<void> {
         window: 10,
         storage: "memory",
         customRules: {
-          "/sign-in/social": { max: 10, window: 60 },
-          "/sign-in/email": { max: 10, window: 60 },
-          "/sign-up/email": { max: 5, window: 60 },
           "/get-session": false,
         },
       },

apps/api/src/routes/invoices.ts

@@ -130,17 +130,7 @@ invoicesRouter.get("/:id", async (c) => {
     db.select().from(invoiceTipSplits).where(eq(invoiceTipSplits.invoiceId, id)),
   ]);
 
-  let cardLast4: string | null = null;
-  let paymentStatus: string | null = null;
-  if (invoice.stripePaymentIntentId) {
-    const details = await getPaymentIntentDetails(invoice.stripePaymentIntentId);
-    if (details) {
-      cardLast4 = details.cardLast4;
-      paymentStatus = details.paymentStatus;
-    }
-  }
-
-  return c.json({ ...invoice, lineItems, tipSplits, cardLast4, paymentStatus });
+  return c.json({ ...invoice, lineItems, tipSplits });
 });
 
 // Save tip splits for an invoice (replaces existing splits)
@@ -460,6 +450,9 @@ invoicesRouter.post(
     if (invoice.status !== "paid") {
       return c.json({ error: "Refund only allowed on paid invoices" }, 422);
     }
+    if (!invoice.stripePaymentIntentId) {
+      return c.json({ error: "No Stripe payment intent found for this invoice" }, 422);
+    }
 
     return await db.transaction(async (tx) => {
       if (body.idempotencyKey) {
@@ -472,25 +465,17 @@ invoicesRouter.post(
         }
       }
 
-      let refundId: string;
-
-      if (invoice.stripePaymentIntentId) {
-        const result = await processRefund(id, body.amountCents);
-        if (!result) return c.json({ error: "Refund failed" }, 500);
-        refundId = result.refundId;
-      } else {
-        // Manual refund — no Stripe call needed
-        refundId = `manual_${id}_${Date.now()}`;
-      }
+      const result = await processRefund(id, body.amountCents);
+      if (!result) return c.json({ error: "Refund failed" }, 500);
 
       await tx.insert(refunds).values({
         invoiceId: id,
-        stripeRefundId: refundId,
+        stripeRefundId: result.refundId,
         idempotencyKey: body.idempotencyKey ?? null,
         amountCents: body.amountCents ?? null,
       });
 
-      return c.json({ refundId });
+      return c.json({ refundId: result.refundId });
     });
   }
 );

apps/e2e/tests/portal-data.spec.ts

@@ -72,15 +72,9 @@ test.describe("Portal Data Integrity", () => {
   });
 
   test("billing section renders without JS errors", async ({ page }) => {
-    // Mock portal billing endpoints
-    await page.route("**/api/portal/config**", (route) =>
-      route.fulfill({ json: { stripePublishableKey: "" } })
-    );
-    await page.route("**/api/portal/invoices**", (route) =>
-      route.fulfill({ json: [] })
-    );
-    await page.route("**/api/portal/payment-methods**", (route) =>
-      route.fulfill({ json: [] })
+    // Mock billing endpoint
+    await page.route("**/api/billing**", (route) =>
+      route.fulfill({ json: { invoices: [], balanceCents: 0 } })
     );
 
     const consoleErrors: string[] = [];

apps/web/src/pages/Invoices.tsx

@@ -487,7 +487,7 @@ const [showRefundDialog, setShowRefundDialog] = useState(false);
             </div>
           )}
           <div style={{ display: "flex", gap: "0.5rem", justifyContent: "flex-end" }}>
-            {invoice.status === "paid" && !invoice.stripeRefundId && isManager && (
+            {invoice.status === "paid" && invoice.stripePaymentIntentId && !invoice.stripeRefundId && isManager && (
               <button onClick={() => setShowRefundDialog(true)} style={{ ...btnStyle, color: "#fff", backgroundColor: "#7c3aed", borderColor: "#7c3aed" }}>
                 Refund
               </button>
@@ -530,14 +530,6 @@ const [showRefundDialog, setShowRefundDialog] = useState(false);
                 setRefunding(true);
                 setRefundError(null);
                 try {
-                  if (refundType === "partial") {
-                    const parsed = parseFloat(refundAmount);
-                    if (isNaN(parsed) || parsed <= 0) {
-                      setRefundError("Please enter a valid amount greater than zero.");
-                      setRefunding(false);
-                      return;
-                    }
-                  }
                   const body = refundType === "partial" ? { amountCents: Math.round(parseFloat(refundAmount) * 100) } : {};
                   const res = await fetch(`/api/invoices/${invoice.id}/refund`, {
                     method: "POST",
@@ -565,7 +557,8 @@ const [showRefundDialog, setShowRefundDialog] = useState(false);
           </div>
         </div>
       )}
-      </Modal>
+
+          </Modal>
   );
 }
 

apps/web/src/portal/CustomerPortal.tsx

@@ -326,7 +326,7 @@ export function CustomerPortal() {
         )}
 
         {/* Main Content */}
-        <main className="flex-1 min-h-screen overflow-hidden">
+        <main className="flex-1 min-h-screen overflow-x-hidden">
           <div className="hidden md:flex items-center justify-between px-8 py-4 border-b border-stone-200 bg-white">
             <div>
               <h1 className="text-lg font-semibold text-stone-800">

apps/web/src/portal/sections/BillingPayments.tsx

@@ -130,7 +130,7 @@ function BillingPaymentsInner({ sessionId, readOnly }: BillingPaymentsProps) {
         </div>
       )}
 
-      <div className="flex gap-2 flex-wrap overflow-x-auto">
+      <div className="flex gap-2 flex-wrap">
         {([
           { id: "invoices" as const, label: "Invoices", icon: DollarSign },
           { id: "payment" as const, label: "Payment Methods", icon: CreditCard },

charts/groombook/templates/_helpers.tpl

@@ -119,10 +119,3 @@ uri
 database-url
 {{- end -}}
 {{- end }}
-
-{{/*
-Auth secret name — always use groombook-auth (sealed secret name)
-*/}}
-{{- define "groombook.authSecretName" -}}
-{{- printf "%s" "groombook-auth" }}
-{{- end }}

charts/groombook/templates/api-deployment.yaml

@@ -50,27 +50,6 @@ spec:
             - name: OIDC_AUDIENCE
               value: {{ .Values.api.env.oidcAudience | quote }}
             {{- end }}
-            {{- if .Values.api.env.internalBaseUrl }}
-            - name: OIDC_INTERNAL_BASE
-              value: {{ .Values.api.env.internalBaseUrl | quote }}
-            {{- end }}
-            - name: BETTER_AUTH_URL
-              value: {{ .Values.api.env.betterAuthUrl | quote }}
-            - name: OIDC_CLIENT_ID
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "groombook.authSecretName" . }}
-                  key: OIDC_CLIENT_ID
-            - name: OIDC_CLIENT_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "groombook.authSecretName" . }}
-                  key: OIDC_CLIENT_SECRET
-            - name: BETTER_AUTH_SECRET
-              valueFrom:
-                secretKeyRef:
-                  name: {{ include "groombook.authSecretName" . }}
-                  key: BETTER_AUTH_SECRET
             - name: DATABASE_URL
               valueFrom:
                 secretKeyRef:

charts/groombook/values.yaml

@@ -18,8 +18,6 @@ api:
     corsOrigin: ""
     oidcIssuer: ""
     oidcAudience: groombook
-    betterAuthUrl: ""
-    internalBaseUrl: ""
     port: "3000"
   service:
     type: ClusterIP

packages/db/migrations/0030_messaging.sql

@@ -1,72 +0,0 @@
--- Migration: 0030_messaging.sql
--- Messaging schema: conversations, messages, attachments, consent events + business messaging settings
-
--- ─── Enums ───────────────────────────────────────────────────────────────────
-
-CREATE TYPE "messaging_channel" AS ENUM ('sms', 'mms');
-CREATE TYPE "message_direction" AS ENUM ('inbound', 'outbound');
-CREATE TYPE "message_status" AS ENUM ('queued', 'sent', 'delivered', 'failed', 'received');
-CREATE TYPE "message_consent_kind" AS ENUM ('opt_in', 'opt_out', 'help');
-
--- ─── Tables ───────────────────────────────────────────────────────────────────
-
-CREATE TABLE "conversations" (
-  "id" uuid PRIMARY KEY DEFAULT gen_random_uuid(),
-  "business_id" uuid NOT NULL,
-  "client_id" uuid NOT NULL REFERENCES "clients"("id") ON DELETE CASCADE,
-  "channel" "messaging_channel" NOT NULL,
-  "external_number" text NOT NULL,
-  "business_number" text NOT NULL,
-  "last_message_at" timestamp,
-  "status" text NOT NULL DEFAULT 'active',
-  "created_at" timestamp NOT NULL DEFAULT now(),
-  "updated_at" timestamp NOT NULL DEFAULT now()
-);
-
-CREATE INDEX "idx_conversations_business_id_last_message_at" ON "conversations"("business_id", "last_message_at" DESC);
-CREATE UNIQUE INDEX "uq_conversations_business_client_number" ON "conversations"("business_id", "client_id", "business_number");
-
-CREATE TABLE "messages" (
-  "id" uuid PRIMARY KEY DEFAULT gen_random_uuid(),
-  "conversation_id" uuid NOT NULL REFERENCES "conversations"("id") ON DELETE CASCADE,
-  "direction" "message_direction" NOT NULL,
-  "body" text,
-  "status" "message_status" NOT NULL DEFAULT 'queued',
-  "provider_message_id" text,
-  "error_code" text,
-  "error_message" text,
-  "sent_by_staff_id" uuid REFERENCES "staff"("id") ON DELETE SET NULL,
-  "created_at" timestamp NOT NULL DEFAULT now(),
-  "delivered_at" timestamp,
-  "read_by_client_at" timestamp
-);
-
-CREATE INDEX "idx_messages_conversation_id_created_at" ON "messages"("conversation_id", "created_at" DESC);
-CREATE UNIQUE INDEX "uq_messages_provider_message_id" ON "messages"("provider_message_id");
-
-CREATE TABLE "message_attachments" (
-  "id" uuid PRIMARY KEY DEFAULT gen_random_uuid(),
-  "message_id" uuid NOT NULL REFERENCES "messages"("id") ON DELETE CASCADE,
-  "content_type" text NOT NULL,
-  "url" text NOT NULL,
-  "size" integer NOT NULL,
-  "provider_media_id" text
-);
-
-CREATE INDEX "idx_message_attachments_message_id" ON "message_attachments"("message_id");
-
-CREATE TABLE "message_consent_events" (
-  "id" uuid PRIMARY KEY DEFAULT gen_random_uuid(),
-  "client_id" uuid NOT NULL REFERENCES "clients"("id") ON DELETE CASCADE,
-  "business_id" uuid NOT NULL,
-  "kind" "message_consent_kind" NOT NULL,
-  "source" text,
-  "created_at" timestamp NOT NULL DEFAULT now()
-);
-
-CREATE INDEX "idx_message_consent_events_client_id" ON "message_consent_events"("client_id");
-
--- ─── Business Settings extensions ────────────────────────────────────────────
-
-ALTER TABLE "business_settings" ADD COLUMN "messaging_phone_number" text;
-ALTER TABLE "business_settings" ADD COLUMN "telnyx_messaging_profile_id" text;

packages/db/migrations/meta/_journal.json

@@ -204,20 +204,6 @@
       "when": 1775741667192,
       "tag": "0028_sms_reminders",
       "breakpoints": true
-    },
-    {
-      "idx": 29,
-      "version": "7",
-      "when": 1775784467192,
-      "tag": "0029_db_indexes_constraints",
-      "breakpoints": true
-    },
-    {
-      "idx": 30,
-      "version": "7",
-      "when": 1775828067192,
-      "tag": "0030_messaging",
-      "breakpoints": true
     }
   ]
 }

packages/db/src/schema.ts

@@ -406,117 +406,6 @@ export const impersonationAuditLogs = pgTable(
   (t) => [index("impersonation_audit_logs_session_id_idx").on(t.sessionId)]
 );
 
-// ─── Messaging ───────────────────────────────────────────────────────────────
-
-export const messagingChannelEnum = pgEnum("messaging_channel", ["sms", "mms"]);
-
-export const messageDirectionEnum = pgEnum("message_direction", [
-  "inbound",
-  "outbound",
-]);
-
-export const messageStatusEnum = pgEnum("message_status", [
-  "queued",
-  "sent",
-  "delivered",
-  "failed",
-  "received",
-]);
-
-export const messageConsentKindEnum = pgEnum("message_consent_kind", [
-  "opt_in",
-  "opt_out",
-  "help",
-]);
-
-export const conversations = pgTable(
-  "conversations",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    businessId: uuid("business_id").notNull(),
-    clientId: uuid("client_id")
-      .notNull()
-      .references(() => clients.id, { onDelete: "cascade" }),
-    channel: messagingChannelEnum("channel").notNull(),
-    externalNumber: text("external_number").notNull(),
-    businessNumber: text("business_number").notNull(),
-    lastMessageAt: timestamp("last_message_at"),
-    status: text("status").notNull().default("active"),
-    createdAt: timestamp("created_at").notNull().defaultNow(),
-    updatedAt: timestamp("updated_at").notNull().defaultNow(),
-  },
-  (t) => [
-    index("idx_conversations_business_id_last_message_at").on(
-      t.businessId,
-      t.lastMessageAt.desc()
-    ),
-    unique("uq_conversations_business_client_number").on(
-      t.businessId,
-      t.clientId,
-      t.businessNumber
-    ),
-  ]
-);
-
-export const messages = pgTable(
-  "messages",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    conversationId: uuid("conversation_id")
-      .notNull()
-      .references(() => conversations.id, { onDelete: "cascade" }),
-    direction: messageDirectionEnum("direction").notNull(),
-    body: text("body"),
-    status: messageStatusEnum("status").notNull().default("queued"),
-    providerMessageId: text("provider_message_id"),
-    errorCode: text("error_code"),
-    errorMessage: text("error_message"),
-    sentByStaffId: uuid("sent_by_staff_id").references(() => staff.id, {
-      onDelete: "set null",
-    }),
-    createdAt: timestamp("created_at").notNull().defaultNow(),
-    deliveredAt: timestamp("delivered_at"),
-    readByClientAt: timestamp("read_by_client_at"),
-  },
-  (t) => [
-    index("idx_messages_conversation_id_created_at").on(
-      t.conversationId,
-      t.createdAt.desc()
-    ),
-    unique("uq_messages_provider_message_id").on(t.providerMessageId),
-  ]
-);
-
-export const messageAttachments = pgTable(
-  "message_attachments",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    messageId: uuid("message_id")
-      .notNull()
-      .references(() => messages.id, { onDelete: "cascade" }),
-    contentType: text("content_type").notNull(),
-    url: text("url").notNull(),
-    size: integer("size").notNull(),
-    providerMediaId: text("provider_media_id"),
-  },
-  (t) => [index("idx_message_attachments_message_id").on(t.messageId)]
-);
-
-export const messageConsentEvents = pgTable(
-  "message_consent_events",
-  {
-    id: uuid("id").primaryKey().defaultRandom(),
-    clientId: uuid("client_id")
-      .notNull()
-      .references(() => clients.id, { onDelete: "cascade" }),
-    businessId: uuid("business_id").notNull(),
-    kind: messageConsentKindEnum("kind").notNull(),
-    source: text("source"),
-    createdAt: timestamp("created_at").notNull().defaultNow(),
-  },
-  (t) => [index("idx_message_consent_events_client_id").on(t.clientId)]
-);
-
 export const businessSettings = pgTable("business_settings", {
   id: uuid("id").primaryKey().defaultRandom(),
   businessName: text("business_name").notNull().default("GroomBook"),
@@ -525,8 +414,6 @@ export const businessSettings = pgTable("business_settings", {
   logoKey: text("logo_key"),
   primaryColor: text("primary_color").notNull().default("#4f8a6f"),
   accentColor: text("accent_color").notNull().default("#8b7355"),
-  messagingPhoneNumber: text("messaging_phone_number"),
-  telnyxMessagingProfileId: text("telnyx_messaging_profile_id"),
   createdAt: timestamp("created_at").notNull().defaultNow(),
   updatedAt: timestamp("updated_at").notNull().defaultNow(),
 });

packages/db/src/seed.ts

@@ -978,7 +978,6 @@ async function seed() {
         const invoiceStatus = rand() < 0.95 ? "paid" as const : "pending" as const;
         const paidAt = invoiceStatus === "paid" ? new Date(endTime.getTime() + randInt(5, 30) * 60 * 1000) : null;
 
-        const stripePaymentIntentId = invoiceStatus === "paid" && rand() < 0.2 ? `pi_test_${uuid().replace(/-/g, "").slice(0, 24)}` : null;
         invoiceBatch.push({
           id: invoiceId,
           appointmentId: apptId,
@@ -990,7 +989,6 @@ async function seed() {
           status: invoiceStatus,
           paymentMethod: invoiceStatus === "paid" ? pick(["cash", "card", "card", "card", "check"]) as "cash" | "card" | "check" : null,
           paidAt,
-          stripePaymentIntentId,
           notes: rand() < 0.05 ? "Added extra service at checkout" : null,
         });
 
@@ -1094,14 +1092,13 @@ async function seed() {
       const taxCents = Math.round(effectivePrice * 0.08);
       const totalCents = effectivePrice + taxCents + tipCents;
       const paidAt = new Date(endTime.getTime() + randInt(5, 30) * 60 * 1000);
-      const stripePaymentIntentId = rand() < 0.2 ? `pi_test_${uuid().replace(/-/g, "").slice(0, 24)}` : null;
 
       invoiceBatch.push({
         id: invoiceId, appointmentId: apptId, clientId,
         subtotalCents: effectivePrice, taxCents, tipCents, totalCents,
         status: "paid" as const,
         paymentMethod: pick(["cash", "card", "card", "card", "check"]) as "cash" | "card" | "check",
-        paidAt, stripePaymentIntentId, notes: null,
+        paidAt, notes: null,
       });
       lineItemBatch.push({
         id: uuid(), invoiceId, description: svc.name, quantity: 1,

pnpm-lock.yaml

@@ -4346,12 +4346,10 @@ packages:
 
   uuid@8.3.2:
     resolution: {integrity: sha512-+NYs2QeMWy+GWFOEm9xnn6HCDp0l7QBD7ml8zLUmJ+93Q5NF0NocErnwkTkXVFNiX3/fpC6afS8Dhb/gz7R7eg==}
-    deprecated: uuid@10 and below is no longer supported.  For ESM codebases, update to uuid@latest.  For CommonJS codebases, use uuid@11 (but be aware this version will likely be deprecated in 2028).
     hasBin: true
 
   uuid@9.0.1:
     resolution: {integrity: sha512-b+1eJOlsR9K8HJpow9Ok3fiWOWSIcIzXodvv0rQjVoOVNpWMpxf1wZNpt4y9h10odCNrqnYp1OBzRktckBe3sA==}
-    deprecated: uuid@10 and below is no longer supported.  For ESM codebases, update to uuid@latest.  For CommonJS codebases, use uuid@11 (but be aware this version will likely be deprecated in 2028).
     hasBin: true
 
   victory-vendor@37.3.6: