Merge pull request 'GRO-1636: seed.ts creates Better Auth credential accounts for UAT personas' (#434) from flea/gro-1636-better-auth-seed into dev

Merge PR #434: GRO-1636 seed.ts creates Better Auth credential accounts for UAT personas

.github/workflows/ci.yml

@@ -6,11 +6,6 @@ on:
   pull_request:
     branches: [main, dev]
   workflow_dispatch:
-    inputs:
-      ref:
-        description: "Branch or ref to run CI against"
-        required: false
-        default: "main"
 
 jobs:
   lint-typecheck:
@@ -58,47 +53,6 @@ jobs:
       - name: Run tests
         run: pnpm test
 
-  e2e:
-    name: E2E Tests
-    runs-on: ubuntu-latest
-    needs: [lint-typecheck, test]
-    steps:
-      - uses: actions/checkout@v4
-
-      - uses: pnpm/action-setup@v4
-        with:
-          version: '9.15.4'
-
-      - uses: actions/setup-node@v4
-        with:
-          node-version: 20
-          cache: pnpm
-
-      - name: Install dependencies
-        run: pnpm install --frozen-lockfile
-
-      - name: Install Playwright browsers
-        run: pnpm --filter @groombook/e2e exec playwright install --with-deps chromium
-
-      - name: Start Docker Compose stack
-        run: docker compose up -d --wait
-        timeout-minutes: 5
-
-      - name: Run E2E tests
-        run: pnpm --filter @groombook/e2e test
-
-      - name: Upload Playwright report
-        if: failure()
-        uses: actions/upload-artifact@v4
-        with:
-          name: playwright-report
-          path: apps/e2e/playwright-report/
-          retention-days: 7
-
-      - name: Stop Docker Compose stack
-        if: always()
-        run: docker compose down
-
   build:
     name: Build
     runs-on: ubuntu-latest
@@ -126,12 +80,9 @@ jobs:
   docker:
     name: Build & Push Docker Images
     runs-on: ubuntu-latest
-    needs: [build, e2e]
+    needs: [build]
     outputs:
       tag: ${{ steps.version.outputs.tag }}
-    permissions:
-      contents: read
-      packages: write
     steps:
       - uses: actions/checkout@v4
 
@@ -152,12 +103,12 @@ jobs:
       - name: Set up Docker Buildx
         uses: docker/setup-buildx-action@v3
 
-      - name: Log in to GitHub Container Registry
+      - name: Log in to Gitea Container Registry
         uses: docker/login-action@v3
         with:
-          registry: ghcr.io
-          username: ${{ github.actor }}
-          password: ${{ secrets.GITHUB_TOKEN }}
+          registry: git.farh.net
+          username: ${{ gitea.actor }}
+          password: ${{ secrets.REGISTRY_TOKEN }}
 
       - name: Build and push API image
         uses: docker/build-push-action@v6
@@ -167,10 +118,10 @@ jobs:
           target: runner
           push: true
           tags: |
-            ghcr.io/groombook/api:${{ steps.version.outputs.tag }}
-            ${{ github.ref == 'refs/heads/main' && 'ghcr.io/groombook/api:latest' || '' }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+            git.farh.net/groombook/api:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/api:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:api
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:api,mode=max
 
       - name: Build and push Migrate image
         uses: docker/build-push-action@v6
@@ -180,10 +131,10 @@ jobs:
           target: migrate
           push: true
           tags: |
-            ghcr.io/groombook/migrate:${{ steps.version.outputs.tag }}
-            ${{ github.ref == 'refs/heads/main' && 'ghcr.io/groombook/migrate:latest' || '' }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+            git.farh.net/groombook/migrate:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/migrate:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:migrate
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:migrate,mode=max
 
       - name: Build and push Seed image
         uses: docker/build-push-action@v6
@@ -193,10 +144,10 @@ jobs:
           target: seed
           push: true
           tags: |
-            ghcr.io/groombook/seed:${{ steps.version.outputs.tag }}
-            ${{ github.ref == 'refs/heads/main' && 'ghcr.io/groombook/seed:latest' || '' }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+            git.farh.net/groombook/seed:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/seed:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:seed
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:seed,mode=max
 
       - name: Build and push Reset image
         uses: docker/build-push-action@v6
@@ -206,10 +157,10 @@ jobs:
           target: reset
           push: true
           tags: |
-            ghcr.io/groombook/reset:${{ steps.version.outputs.tag }}
-            ${{ github.ref == 'refs/heads/main' && 'ghcr.io/groombook/reset:latest' || '' }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+            git.farh.net/groombook/reset:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/reset:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:reset
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:reset,mode=max
 
       - name: Build and push Web image
         uses: docker/build-push-action@v6
@@ -218,19 +169,16 @@ jobs:
           file: apps/web/Dockerfile
           push: true
           tags: |
-            ghcr.io/groombook/web:${{ steps.version.outputs.tag }}
-            ${{ github.ref == 'refs/heads/main' && 'ghcr.io/groombook/web:latest' || '' }}
-          cache-from: type=gha
-          cache-to: type=gha,mode=max
+            git.farh.net/groombook/web:${{ steps.version.outputs.tag }}
+            ${{ github.ref == 'refs/heads/main' && 'git.farh.net/groombook/web:latest' || '' }}
+          cache-from: type=registry,ref=git.farh.net/groombook/cache:web
+          cache-to: type=registry,ref=git.farh.net/groombook/cache:web,mode=max
 
   deploy-dev:
     name: Deploy PR to groombook-dev
     runs-on: runners-groombook
     needs: [docker]
     if: github.event_name == 'pull_request'
-    permissions:
-      contents: read
-      pull-requests: write
     steps:
       - name: Install kubectl
         run: |
@@ -247,7 +195,6 @@ jobs:
           TAG="pr-$PR_NUM-${SHA::7}"
           echo "Deploying images tagged $TAG to groombook-dev..."
 
-          # Run migration with PR image
           kubectl delete job "migrate-pr-$PR_NUM" -n groombook-dev --ignore-not-found
           cat <<EOF | kubectl apply -n groombook-dev -f -
           apiVersion: batch/v1
@@ -262,7 +209,7 @@ jobs:
                 restartPolicy: Never
                 containers:
                 - name: migrate
-                  image: ghcr.io/groombook/migrate:$TAG
+                  image: git.farh.net/groombook/migrate:$TAG
                   env:
                   - name: DATABASE_URL
                     valueFrom:
@@ -273,35 +220,33 @@ jobs:
           kubectl wait --for=condition=complete "job/migrate-pr-$PR_NUM" \
             -n groombook-dev --timeout=120s
 
-          # Update deployments
-          kubectl set image deployment/api api=ghcr.io/groombook/api:$TAG -n groombook-dev
-          kubectl set image deployment/web web=ghcr.io/groombook/web:$TAG -n groombook-dev
+          kubectl set image deployment/api api=git.farh.net/groombook/api:$TAG -n groombook-dev
+          kubectl set image deployment/web web=git.farh.net/groombook/web:$TAG -n groombook-dev
 
-          # Wait for rollout
           kubectl rollout status deployment/api -n groombook-dev --timeout=300s
           kubectl rollout status deployment/web -n groombook-dev --timeout=300s
 
           echo "Deployment complete."
 
       - name: Comment on PR
-        uses: actions/github-script@v7
-        with:
-          script: |
-            const pr = context.issue.number;
-            const tag = `pr-${pr}`;
-            await github.rest.issues.createComment({
-              owner: context.repo.owner,
-              repo: context.repo.repo,
-              issue_number: pr,
-              body: [
-                '## Deployed to groombook-dev',
-                '',
-                `**Images:** \`${tag}\``,
-                '**URL:** https://dev.groombook.farh.net',
-                '',
-                'Ready for UAT validation.'
-              ].join('\n')
-            });
+        env:
+          PR_NUM: ${{ github.event.pull_request.number }}
+        run: |
+          PR_NUM="$PR_NUM"
+          BODY=$(cat <<'EOFBODY'
+          ## Deployed to groombook-dev
+
+          **Images:** `pr-'"$PR_NUM"'`
+
+          **URL:** https://dev.groombook.farh.net
+
+          Ready for UAT validation.
+          EOFBODY
+          )
+          curl -s -X POST "https://git.farh.net/api/v1/repos/groombook/app/issues/${PR_NUM}/comments" \
+            -H "Authorization: Bearer ${{ secrets.REGISTRY_TOKEN }}" \
+            -H "Content-Type: application/json" \
+            -d "{\"body\": $(echo "$BODY" | jq -Rs .)}"
 
   web-e2e:
     name: Web E2E (Dev)
@@ -330,33 +275,15 @@ jobs:
         run: pnpm --filter @groombook/web test:e2e
         timeout-minutes: 10
 
-      - name: Upload Playwright report
-        if: failure()
-        uses: actions/upload-artifact@v4
-        with:
-          name: playwright-web-e2e-report
-          path: apps/web/playwright-report/
-          retention-days: 7
-
   cd:
     name: Update Infra Image Tags
     runs-on: ubuntu-latest
     needs: [docker]
     if: (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/dev') && github.event_name == 'push'
-    permissions:
-      contents: write
-      pull-requests: write
     steps:
-      - name: Generate infra repo token
-        id: infra-token
-        uses: tibdex/github-app-token@v2
-        with:
-          app_id: ${{ vars.GH_APP_ID }}
-          private_key: ${{ secrets.GH_APP_PRIVATE_KEY }}
-
       - name: Clone groombook/infra
         run: |
-          git clone https://x-access-token:${{ steps.infra-token.outputs.token }}@github.com/groombook/infra.git /tmp/infra
+          git clone https://oauth2:${{ secrets.REGISTRY_TOKEN }}@git.farh.net/groombook/infra.git /tmp/infra
 
       - name: Install yq
         run: |
@@ -376,27 +303,23 @@ jobs:
           echo "Updating migration/seed Job names with SHA: $SHORT_SHA"
           cd /tmp/infra
           DEV_KUST="apps/overlays/dev/kustomization.yaml"
-          yq -i '(.images[] | select(.name == "ghcr.io/groombook/api")).newTag = env(TAG)' "$DEV_KUST"
-          yq -i '(.images[] | select(.name == "ghcr.io/groombook/web")).newTag = env(TAG)' "$DEV_KUST"
-          yq -i '(.images[] | select(.name == "ghcr.io/groombook/migrate")).newTag = env(TAG)' "$DEV_KUST"
-          yq -i '(.images[] | select(.name == "ghcr.io/groombook/seed")).newTag = env(TAG)' "$DEV_KUST"
-          yq -i '(.images[] | select(.name == "ghcr.io/groombook/reset")).newTag = env(TAG)' "$DEV_KUST"
+          yq -i '(.images[] | select(.name == "git.farh.net/groombook/api")).newTag = env(TAG)' "$DEV_KUST"
+          yq -i '(.images[] | select(.name == "git.farh.net/groombook/web")).newTag = env(TAG)' "$DEV_KUST"
+          yq -i '(.images[] | select(.name == "git.farh.net/groombook/migrate")).newTag = env(TAG)' "$DEV_KUST"
+          yq -i '(.images[] | select(.name == "git.farh.net/groombook/seed")).newTag = env(TAG)' "$DEV_KUST"
+          yq -i '(.images[] | select(.name == "git.farh.net/groombook/reset")).newTag = env(TAG)' "$DEV_KUST"
 
-          # Update migrate Job name to include short SHA (immutable template fix)
           MIGRATE_JOB="apps/base/migrate-job.yaml"
           if [ -f "$MIGRATE_JOB" ]; then
             yq -i '.metadata.name = "migrate-schema-" + env(SHORT_SHA)' "$MIGRATE_JOB"
             yq -i '.metadata.annotations."groombook.app/deploy-version" = env(TAG)' "$MIGRATE_JOB"
-            # Ensure ttlSecondsAfterFinished is set for automatic cleanup
             yq -i '.spec.ttlSecondsAfterFinished = (.spec.ttlSecondsAfterFinished // 86400)' "$MIGRATE_JOB"
           fi
 
-          # Update seed Job name to include short SHA (immutable template fix)
           SEED_JOB="apps/base/seed-job.yaml"
           if [ -f "$SEED_JOB" ]; then
             yq -i '.metadata.name = "seed-test-data-" + env(SHORT_SHA)' "$SEED_JOB"
             yq -i '.metadata.annotations."groombook.app/deploy-version" = env(TAG)' "$SEED_JOB"
-            # Ensure ttlSecondsAfterFinished is set for automatic cleanup
             yq -i '.spec.ttlSecondsAfterFinished = (.spec.ttlSecondsAfterFinished // 86400)' "$SEED_JOB"
           fi
 
@@ -405,7 +328,6 @@ jobs:
       - name: Create PR on groombook/infra
         env:
           TAG: ${{ needs.docker.outputs.tag }}
-          GH_TOKEN: ${{ steps.infra-token.outputs.token }}
         run: |
           if [ -z "$TAG" ]; then
             TAG="$(date -u +%Y.%m.%d)-${GITHUB_SHA::7}"
@@ -413,24 +335,35 @@ jobs:
 
           cd /tmp/infra
           git config user.name "groombook-engineer[bot]"
-          git config user.email "3141748+groombook-engineer[bot]@users.noreply.github.com"
+          git config user.email "groombook-engineer@farh.net"
           git checkout -b "chore/update-image-tags-${TAG}"
           git add apps/overlays/dev/ apps/base/migrate-job.yaml apps/base/seed-job.yaml
           git commit -m "chore: update image tags and migration/seed Job names to ${TAG}"
 
           git push -u origin "chore/update-image-tags-${TAG}"
 
-          # Check if PR already exists for this branch
-          EXISTING_PR=$(gh pr list --repo groombook/infra --head "chore/update-image-tags-${TAG}" --state open --json number -q '.[0].number' || true)
-          if [ -n "$EXISTING_PR" ]; then
+          EXISTING_PR=$(curl -s "https://git.farh.net/api/v1/repos/groombook/infra/pulls?state=open&head=groombook:chore/update-image-tags-${TAG}" \
+            -H "Authorization: Bearer ${{ secrets.REGISTRY_TOKEN }}" | jq -r '.[0].number')
+          if [ -n "$EXISTING_PR" ] && [ "$EXISTING_PR" != "null" ]; then
             echo "PR #$EXISTING_PR already exists for this tag, merging existing PR"
-            gh pr merge "$EXISTING_PR" --repo groombook/infra --merge
+            curl -s -X PUT "https://git.farh.net/api/v1/repos/groombook/infra/pulls/${EXISTING_PR}/merge" \
+              -H "Authorization: Bearer ${{ secrets.REGISTRY_TOKEN }}" \
+              -H "Content-Type: application/json" \
+              -d '{"do": "merge"}'
           else
-            PR_URL=$(gh pr create \
-              --repo groombook/infra \
-              --base main \
-              --head "chore/update-image-tags-${TAG}" \
-              --title "chore: deploy ${TAG} to dev" \
-              --body "[GRO-178](/GRO/issues/GRO-178) — automated image tag update from main merge")
-            gh pr merge "$PR_URL" --merge
+            PR_RESPONSE=$(curl -s -X POST "https://git.farh.net/api/v1/repos/groombook/infra/pulls" \
+              -H "Authorization: Bearer ${{ secrets.REGISTRY_TOKEN }}" \
+              -H "Content-Type: application/json" \
+              -d "{
+                \"base\": \"main\",
+                \"head\": \"chore/update-image-tags-${TAG}\",
+                \"title\": \"chore: deploy ${TAG} to dev\",
+                \"body\": \"[GRO-178](/GRO/issues/GRO-178) — automated image tag update from main merge\"
+              }")
+            PR_NUM=$(echo "$PR_RESPONSE" | jq -r '.number')
+            echo "Created PR #$PR_NUM"
+            curl -s -X PUT "https://git.farh.net/api/v1/repos/groombook/infra/pulls/${PR_NUM}/merge" \
+              -H "Authorization: Bearer ${{ secrets.REGISTRY_TOKEN }}" \
+              -H "Content-Type: application/json" \
+              -d '{"do": "merge"}'
           fi

SHEDWARD_INSTRUCTIONS.md

@@ -0,0 +1,50 @@
+# Shedward Scissorhands — UAT Agent Instructions
+
+You are the GroomBook User Acceptance Tester. Your sole job is to execute UAT playbooks against deployed environments and report results.
+
+## Mandatory Tooling
+
+You MUST use the **groombook-playwright MCP server** (`mcp__playwright-groombook__*` tools) for ALL browser interaction. Do not:
+
+- Run scripted Playwright suites (`npx playwright test`, `pnpm test:e2e`, etc.)
+- Use manual browser commands or shell-based browser automation
+- Open browsers outside the MCP server
+
+Every page navigation, click, form fill, and verification MUST go through MCP tools.
+
+## Available MCP Tools
+
+| Tool | When to use |
+|------|-------------|
+| `browser_navigate` | Open a URL |
+| `browser_snapshot` | Read page state (preferred over screenshot for assertions) |
+| `browser_take_screenshot` | Capture visual evidence |
+| `browser_click` | Click an element (use ref from snapshot) |
+| `browser_fill_form` | Fill form fields |
+| `browser_type` | Type text into focused element |
+| `browser_press_key` | Press keyboard keys |
+| `browser_select_option` | Select dropdown options |
+| `browser_hover` | Hover over elements |
+| `browser_wait_for` | Wait for elements or navigation |
+| `browser_console_messages` | Check for JS errors |
+| `browser_network_requests` | Inspect API calls |
+| `browser_evaluate` | Run JS in page context |
+| `browser_resize` | Test responsive layouts |
+| `browser_close` | Close browser session |
+
+## Execution Workflow
+
+1. Read the `UAT_PLAYBOOK.md` in the repo being tested.
+2. For each test case, translate the human-readable steps into MCP tool calls.
+3. Capture evidence: use `browser_snapshot` for assertions, `browser_take_screenshot` for visual proof.
+4. Report pass/fail per test case with evidence.
+5. If a test fails, document: severity, steps to reproduce, actual vs expected, and attach screenshots.
+
+## Environments
+
+| Environment | URL | Auth |
+|-------------|-----|------|
+| Dev | `https://dev.groombook.dev` | Dev login selector (no OIDC) |
+| UAT | `https://uat.groombook.dev` | Authentik OIDC at `https://auth.farh.net` |
+| Production | `https://demo.groombook.dev` | Authentik OIDC |
+| Site | `https://groombook.farh.net` | No auth required |

UAT_PLAYBOOK.md

@@ -4,7 +4,49 @@
 
 GroomBook is an open-source, self-hostable pet grooming business management & CRM platform. The monorepo contains the Hono API (`apps/api`), React PWA web app (`apps/web`), E2E tests (`apps/e2e`), and shared packages (`packages/db`, `packages/types`). Tech stack: Hono + React 19 + Vite + PostgreSQL + Drizzle ORM + Authentik OIDC.
 
-## 2. Environments
+## 2. Execution Method
+
+All UAT is executed by **Shedward Scissorhands** via the **groombook-playwright MCP server**. No manual browser checks or scripted Playwright suites are used for UAT.
+
+### MCP Tools
+
+Shedward uses the `mcp__playwright-groombook__*` tool family:
+
+| Tool | Purpose |
+|------|---------|
+| `browser_navigate` | Navigate to a URL |
+| `browser_snapshot` | Capture accessibility snapshot (preferred over screenshot) |
+| `browser_take_screenshot` | Capture visual screenshot when needed |
+| `browser_click` | Click an element by ref or selector |
+| `browser_fill_form` | Fill form fields |
+| `browser_type` | Type text into focused element |
+| `browser_press_key` | Press keyboard keys (Enter, Tab, etc.) |
+| `browser_select_option` | Select dropdown options |
+| `browser_hover` | Hover over elements |
+| `browser_wait_for` | Wait for elements or conditions |
+| `browser_console_messages` | Check console for errors |
+| `browser_network_requests` | Inspect network traffic |
+| `browser_evaluate` | Run JavaScript in page context |
+| `browser_tabs` | Manage browser tabs |
+| `browser_close` | Close browser |
+
+### How Test Cases Map to MCP Calls
+
+Each test case in Section 4 describes steps like "Navigate to X" or "Click Y". Shedward translates these to MCP tool calls:
+
+- **"Navigate to [URL]"** → `browser_navigate` with the environment URL
+- **"Click [element]"** → `browser_snapshot` to find the element ref, then `browser_click`
+- **"Fill in [field]"** → `browser_fill_form` or `browser_click` + `browser_type`
+- **"Verify [state]"** → `browser_snapshot` and inspect the accessibility tree
+- **"Check for errors"** → `browser_console_messages` + `browser_snapshot`
+
+Shedward reads this playbook, executes each test case via MCP tools, captures evidence (snapshots/screenshots), and reports pass/fail per test case.
+
+### Legacy CI Tests
+
+The scripted Playwright suites in `apps/e2e/` and `apps/web/e2e/` are retained for CI regression testing only. They are **not** the primary UAT mechanism. UAT is exclusively MCP-driven by Shedward.
+
+## 3. Environments
 
 | Environment | URL | Notes |
 |-------------|-----|-------|
@@ -14,7 +56,7 @@ GroomBook is an open-source, self-hostable pet grooming business management & CR
 
 **Local Development:** Run `docker compose up --build` at repository root. Web app available at `localhost:8080`, API at `localhost:3000`.
 
-## 3. Pre-conditions
+## 4. Pre-conditions
 
 - UAT environment is accessible at `https://uat.groombook.dev`
 - Test accounts are seeded with the following personas:
@@ -29,18 +71,23 @@ GroomBook is an open-source, self-hostable pet grooming business management & CR
 - Stripe test keys are configured for payment flow testing
 - Email/SMS providers (Telnyx, etc.) are configured for notification testing
 
-## 4. Test Cases
+## 5. Test Cases
 
 ### 4.1 Authentication
 
 | # | Scenario | Steps | Expected |
 |---|----------|-------|----------|
-| TC-APP-4.1.1 | OIDC login | 1. Navigate to UAT environment<br>2. Click "Login with Authentik"<br>3. Enter test credentials<br>4. Authorize the application | User is redirected to app dashboard, session is established |
-| TC-APP-4.1.2 | Session persistence | 1. Log in as any user<br>2. Close browser tab<br>3. Reopen browser and navigate to UAT | User remains logged in, no re-authentication required |
-| TC-APP-4.1.3 | Logout | 1. Log in as any user<br>2. Click logout button<br>3. Attempt to access protected route | User is logged out and redirected to login page |
-| TC-APP-4.1.4 | RBAC - Manager access | 1. Log in as Manager<br>2. Navigate to Settings, Staff Management, Reports | All administrative features are accessible |
-| TC-APP-4.1.5 | RBAC - Staff access | 1. Log in as Staff<br>2. Attempt to access Settings, Staff Management | Access denied or limited view, staff can only see assigned appointments |
-| TC-APP-4.1.6 | RBAC - Client access | 1. Log in as Client<br>2. Navigate to portal<br>3. Attempt to access admin areas | Client can only view their own appointments, pets, and profile |
+| TC-APP-4.1.1 | OIDC login (Authentik) | 1. Navigate to UAT environment<br>2. Click "Login with Authentik"<br>3. Enter test credentials<br>4. Authorize the application | User is redirected to app dashboard, session is established |
+| TC-APP-4.1.2 | Email + password login (UAT Super) | 1. Navigate to UAT environment sign-in page<br>2. Select email+password flow<br>3. Enter `uat-super@groombook.dev` and UAT super password<br>4. Submit | User is logged in and redirected to dashboard with manager access |
+| TC-APP-4.1.3 | Email + password login (UAT Groomer) | 1. Navigate to UAT environment sign-in page<br>2. Select email+password flow<br>3. Enter `uat-groomer@groombook.dev` and UAT groomer password<br>4. Submit | User is logged in and redirected to dashboard with staff/groomer access |
+| TC-APP-4.1.4 | Email + password login (UAT Customer) | 1. Navigate to UAT environment sign-in page<br>2. Select email+password flow<br>3. Enter `uat-customer@groombook.dev` and UAT customer password<br>4. Submit | User is logged in with client portal access |
+| TC-APP-4.1.5 | Email + password login (UAT Tester) | 1. Navigate to UAT environment sign-in page<br>2. Select email+password flow<br>3. Enter `uat-tester@groombook.dev` and UAT tester password<br>4. Submit | User is logged in with staff/tester access |
+| TC-APP-4.1.6 | Session persistence | 1. Log in as any user<br>2. Close browser tab<br>3. Reopen browser and navigate to UAT | User remains logged in, no re-authentication required |
+| TC-APP-4.1.7 | Logout | 1. Log in as any user<br>2. Click logout button<br>3. Attempt to access protected route | User is logged out and redirected to login page |
+| TC-APP-4.1.8 | RBAC - Manager access | 1. Log in as Manager (OIDC or email+password)<br>2. Navigate to Settings, Staff Management, Reports | All administrative features are accessible |
+| TC-APP-4.1.9 | RBAC - Staff access | 1. Log in as Staff (OIDC or email+password)<br>2. Attempt to access Settings, Staff Management | Access denied or limited view, staff can only see assigned appointments |
+| TC-APP-4.1.10 | RBAC - Client access | 1. Log in as Client (email+password)<br>2. Navigate to portal<br>3. Attempt to access admin areas | Client can only view their own appointments, pets, and profile |
+| TC-APP-4.1.11 | Login after hourly reset | 1. Wait for or trigger `reset-demo-data` CronJob to run<br>2. Attempt email+password login as any UAT persona | Login succeeds — Better Auth credential accounts survive the reset cycle |
 
 ### 4.2 Setup Wizard / OOBE
 
@@ -78,6 +125,13 @@ GroomBook is an open-source, self-hostable pet grooming business management & CR
 | TC-APP-4.5.4 | Calendar view (day/week/month) | 1. Navigate to Calendar<br>2. Switch between day, week, and month views | Calendar displays appointments in selected time range correctly |
 | TC-APP-4.5.5 | Appointment groups | 1. Create multiple appointments for same time slot<br>2. View in calendar | Appointments are grouped/linked appropriately |
 | TC-APP-4.5.6 | Appointment availability check | 1. Attempt to book appointment during unavailable slot | System shows conflict or prevents double-booking |
+| TC-APP-4.5.7 | Booking wizard — size/coat selection | 1. Start new appointment booking wizard<br>2. Select a pet with sizeCategory and coatType set<br>3. Observe the service/slot selection step | Size and coat type dropdowns are displayed and persist the pet's existing values |
+| TC-APP-4.5.8 | Large/Xlarge pet slot duration reflects buffer | 1. Add a pet with sizeCategory = "large" or "xlarge" to an appointment<br>2. Note the service duration<br>3. Complete booking and inspect the appointment | Appointment slot includes the service duration plus the configured buffer for the pet's size category |
+| TC-APP-4.5.9 | Appointment overrun cascades downstream | 1. Book three consecutive same-groomer appointments (A → B → C)<br>2. Manually extend appointment A's endTime so it overlaps B's startTime by ≥15 min<br>3. Observe appointment B | Appointment B (and C if still overlapping) is automatically shifted forward by the overrun delta + buffer; no error thrown |
+| TC-APP-4.5.10 | Cascaded appointments appear at new times | 1. Complete TC-APP-4.5.9<br>2. Check the calendar/list view | Appointments B and C are now shown at their shifted start/end times |
+| TC-APP-4.5.11 | Client receives reschedule notification email | 1. Complete TC-APP-4.5.9<br>2. Check the client's email (or notification log) | Client receives an email with subject/lines indicating their appointment was rescheduled from original time to new time |
+| TC-APP-4.5.12 | Appointment flagged when shift crosses day boundary | 1. Book appointment D for late afternoon (e.g. 17:30)<br>2. Extend a prior appointment so D would shift to the next day<br>3. Observe D | Appointment D is flagged for manual review and is NOT auto-shifted to the next day |
+| TC-APP-4.5.13 | Only scheduled/confirmed appointments are cascaded | 1. Start a cascade scenario (TC-APP-4.5.9) where a downstream appointment is already `in_progress`<br>2. Complete the cascade | The `in_progress` appointment is not shifted; cascade continues to next eligible appointment |
 
 ### 4.6 Services
 
@@ -228,7 +282,24 @@ GroomBook is an open-source, self-hostable pet grooming business management & CR
 | TC-APP-4.20.5 | Unread indicator | 1. Client sends a new message | Thread marked unread until staff views it |
 | TC-APP-4.20.6 | Cross-tenant isolation | 1. Staff from Business A attempts to read Business B conversations | 403 or empty response returned |
 
-## 5. Pass/Fail Criteria
+
+### 4.21 SMS Consent (STOP/HELP Keyword Handler)
+
+| # | Scenario | Steps | Expected |
+|---|----------|-------|----------|
+| TC-APP-4.21.1 | STOP → unsubscribe + auto-reply | 1. Send `STOP` (case-insensitive, with whitespace) from a subscribed client's phone number | Client is opted out (`smsOptIn=false`, `smsOptOutDate` set), event is logged, user receives auto-reply: "You have been unsubscribed and will no longer receive messages. Reply START to resubscribe." |
+| TC-APP-4.21.2 | START → resubscribe + auto-reply | 1. Send `START` (case-insensitive) from an opted-out client's phone number | Client is opted back in (`smsOptIn=true`, `smsConsentDate` updated, `smsOptOutDate` cleared), event is logged, user receives auto-reply: "You have been resubscribed to messages. Reply STOP to unsubscribe. Msg & data rates may apply." |
+| TC-APP-4.21.3 | HELP → no opt-in change + default reply | 1. Send `HELP` (case-insensitive) from any client's phone number | No change to opt-in state, no database update, event is logged, user receives auto-reply: "Reply STOP to unsubscribe or START to resubscribe. For help, contact your groomer directly." |
+| TC-APP-4.21.4 | STOPALL / UNSUBSCRIBE / CANCEL / END / QUIT → opt-out | 1. Send each alias from a subscribed client's phone | Same behaviour as STOP: opt-out applied, correct reply sent |
+| TC-APP-4.21.5 | UNSTOP / YES / SUBSCRIBE → opt-in | 1. Send each alias from an opted-out client's phone | Same behaviour as START: opt-in applied, correct reply sent |
+| TC-APP-4.21.6 | INFO → help reply | 1. Send `INFO` from any client's phone | Same behaviour as HELP: no state change, help reply returned |
+| TC-APP-4.21.7 | Double STOP (idempotency) | 1. Send `STOP` from an already-opted-out client | Event is logged, no update call made, idempotent — no duplicate update |
+| TC-APP-4.21.8 | Double START (idempotency) | 1. Send `START` from an already-subscribed client | Event is logged, no update call made, idempotent — no duplicate update |
+| TC-APP-4.21.9 | Case insensitivity | 1. Send `stop`, `Stop`, `sToP`, ` stop ` from subscribed client | All variants are detected and handled as opt-out |
+| TC-APP-4.21.10 | Whitespace trimming | 1. Send `  START  ` or `\tSTOP\n` | Keywords are trimmed before matching |
+| TC-APP-4.21.11 | Non-keyword messages ignored | 1. Send `STOP IT`, `help me`, `hello` | Returns null from `detectKeyword`, no consent event inserted, no reply sent |
+| TC-APP-4.21.12 | Consent event audit log | 1. After any keyword, query `messageConsentEvents` table | Record exists with correct `clientId`, `businessId`, `kind`, and `source: "sms_keyword"` |
+## 6. Pass/Fail Criteria
 
 **Pass:** All test cases execute without errors. Expected results match actual results. No regressions are observed. All functionality works as documented.
 
@@ -241,7 +312,7 @@ GroomBook is an open-source, self-hostable pet grooming business management & CR
 
 **Regressions:** If a previously working feature fails during this UAT run, it is considered a regression and must be addressed before the release can proceed.
 
-## 6. Update Policy
+## 7. Update Policy
 
 **Any PR that changes user-facing behaviour MUST update this file.**
 
@@ -251,4 +322,4 @@ When modifying features that affect:
 - Configuration (settings, integrations)
 - Data visibility (reports, search, filtering)
 
-The corresponding test case(s) in Section 4 must be updated to reflect the new behaviour. The PR description must reference which playbook section was updated (e.g., "Updated UAT_PLAYBOOK.md §4.5 — new appointment group scheduling feature").
+The corresponding test case(s) in Section 5 must be updated to reflect the new behaviour. The PR description must reference which playbook section was updated (e.g., "Updated UAT_PLAYBOOK.md §4.5 — new appointment group scheduling feature").

apps/api/src/lib/cascade.ts

@@ -0,0 +1,281 @@
+import { eq, and, gt, or, asc } from "@groombook/db";
+import { appointments, clients, pets, services, staff, type Db } from "@groombook/db";
+import { resolveBufferMinutes } from "./buffer.js";
+import { sendEmail, buildRescheduleNotificationEmail } from "../services/email.js";
+
+export interface CascadeResult {
+  shifted: ShiftedAppointment[];
+  flaggedForReview: FlaggedAppointment[];
+}
+
+export interface ShiftedAppointment {
+  id: string;
+  oldStartTime: Date;
+  oldEndTime: Date;
+  newStartTime: Date;
+  newEndTime: Date;
+  shiftDeltaMs: number;
+}
+
+export interface FlaggedAppointment {
+  id: string;
+  reason: string;
+  requestedStartTime: Date;
+  requestedEndTime: Date;
+}
+
+interface AppointmentWithGroomer {
+  id: string;
+  clientId: string;
+  petId: string;
+  serviceId: string;
+  staffId: string | null;
+  batherStaffId: string | null;
+  status: string;
+  startTime: Date;
+  endTime: Date;
+  bufferMinutes: number;
+}
+
+/**
+ * Detects and cascades appointment overruns to downstream same-groomer appointments.
+ *
+ * Trigger conditions:
+ * - PATCH extends endTime beyond the original endTime
+ * - Status transitions where current time exceeds endTime + bufferMinutes
+ *
+ * Guard rails:
+ * - Only shifts `scheduled` and `confirmed` appointments
+ * - Skips `in_progress`, `completed`, `cancelled`, `no_show`
+ * - Flags appointments that would fall outside business hours for manual review
+ */
+export async function detectAndCascadeOverrun({
+  db,
+  overrunningAppointmentId,
+  newEndTime,
+  _originalEndTime,
+}: {
+  db: Db;
+  overrunningAppointmentId: string;
+  newEndTime: Date;
+  _originalEndTime: Date;
+}): Promise<CascadeResult> {
+  const result: CascadeResult = { shifted: [], flaggedForReview: [] };
+
+  // Fetch the overrunning appointment to get groomer/staff info
+  const [overrunning] = await db
+    .select()
+    .from(appointments)
+    .where(eq(appointments.id, overrunningAppointmentId))
+    .limit(1);
+
+  if (!overrunning) return result;
+
+  const groomerId = overrunning.staffId;
+  if (!groomerId) return result;
+
+  // Determine the effective buffer for the overrunning appointment
+  const bufferMinutes = await resolveBufferMinutesForAppointment(db, overrunning);
+  const overrunEnd = newEndTime;
+  const effectiveEnd = new Date(overrunEnd.getTime() + bufferMinutes * 60_000);
+
+  // Query same-groomer appointments that start AFTER the overrunning appointment ends
+  // and are ordered by startTime ASC (nearest first)
+  const downstreamAppointments = await db
+    .select()
+    .from(appointments)
+    .where(
+      and(
+        eq(appointments.staffId, groomerId),
+        gt(appointments.startTime, overrunning.endTime),
+        or(
+          eq(appointments.status, "scheduled"),
+          eq(appointments.status, "confirmed")
+        )
+      )
+    )
+    .orderBy(asc(appointments.startTime));
+
+  // Track which appointments have been processed to avoid double-processing in cascade
+  const processedIds = new Set<string>();
+  processedIds.add(overrunningAppointmentId);
+
+  let currentOverrunEnd = effectiveEnd;
+
+  for (const downstream of downstreamAppointments) {
+    if (processedIds.has(downstream.id)) continue;
+
+    const downstreamBuffer = await resolveBufferMinutesForAppointment(db, downstream);
+
+    // Check if this downstream appointment conflicts with the current overrun end
+    const conflictThreshold = new Date(
+      currentOverrunEnd.getTime() + downstreamBuffer * 60_000
+    );
+
+    if (conflictThreshold <= downstream.startTime) {
+      // No conflict — cascade is complete
+      break;
+    }
+
+    // Conflict detected — need to shift this appointment
+    const shiftDeltaMs = conflictThreshold.getTime() - downstream.startTime.getTime();
+    const newStartTime = new Date(downstream.startTime.getTime() + shiftDeltaMs);
+    const newEndTime = new Date(downstream.endTime.getTime() + shiftDeltaMs);
+
+    // Check business hours (simple: only shift within same calendar day window for now)
+    // A more sophisticated implementation would check actual business hours from businessSettings
+    const isSameDay =
+      newStartTime.toDateString() === downstream.startTime.toDateString();
+
+    if (!isSameDay) {
+      result.flaggedForReview.push({
+        id: downstream.id,
+        reason: `Shifted appointment would fall on a different day (${newStartTime.toDateString()})`,
+        requestedStartTime: newStartTime,
+        requestedEndTime: newEndTime,
+      });
+      // Continue cascade check — we still process downstream appointments
+      currentOverrunEnd = newEndTime;
+      processedIds.add(downstream.id);
+      continue;
+    }
+
+    // Apply the shift
+    await db
+      .update(appointments)
+      .set({
+        startTime: newStartTime,
+        endTime: newEndTime,
+        updatedAt: new Date(),
+      })
+      .where(eq(appointments.id, downstream.id));
+
+    result.shifted.push({
+      id: downstream.id,
+      oldStartTime: downstream.startTime,
+      oldEndTime: downstream.endTime,
+      newStartTime,
+      newEndTime,
+      shiftDeltaMs,
+    });
+
+    // Update current overrun end for next iteration
+    currentOverrunEnd = newEndTime;
+    processedIds.add(downstream.id);
+  }
+
+  // Send notifications for all shifted appointments
+  for (const shifted of result.shifted) {
+    await notifyShiftedAppointment(db, shifted);
+  }
+
+  return result;
+}
+
+/**
+ * Determines if an appointment update represents an overrun that triggers cascade logic.
+ */
+export function isOverrun({
+  originalEndTime,
+  newEndTime,
+  _originalStartTime,
+  _newStartTime,
+  status,
+  currentTime,
+  bufferMinutes,
+}: {
+  originalEndTime: Date;
+  newEndTime: Date;
+  _originalStartTime: Date;
+  _newStartTime?: Date;
+  status: string;
+  currentTime: Date;
+  bufferMinutes: number;
+}): boolean {
+  // Case 1: endTime extended beyond original
+  if (newEndTime > originalEndTime) {
+    return true;
+  }
+
+  // Case 2: status transition where current time exceeds endTime + bufferMinutes
+  // This handles cases where an appointment ran long but wasn't explicitly rescheduled
+  if (
+    (status === "in_progress" || status === "completed") &&
+    currentTime > new Date(originalEndTime.getTime() + bufferMinutes * 60_000)
+  ) {
+    return true;
+  }
+
+  return false;
+}
+
+async function resolveBufferMinutesForAppointment(
+  db: Db,
+  appt: AppointmentWithGroomer
+): Promise<number> {
+  // First check if the appointment has an explicit bufferMinutes override
+  if (appt.bufferMinutes > 0) {
+    return appt.bufferMinutes;
+  }
+
+  // Fall back to buffer time rules based on service + pet characteristics
+  const [pet] = await db
+    .select({ sizeCategory: pets.sizeCategory, coatType: pets.coatType })
+    .from(pets)
+    .where(eq(pets.id, appt.petId))
+    .limit(1);
+
+  if (!pet) return 0;
+
+  return resolveBufferMinutes({
+    serviceId: appt.serviceId,
+    sizeCategory: pet.sizeCategory,
+    coatType: pet.coatType,
+    db,
+  });
+}
+
+async function notifyShiftedAppointment(
+  db: Db,
+  shifted: ShiftedAppointment
+): Promise<void> {
+  const [row] = await db
+    .select({
+      clientName: clients.name,
+      clientEmail: clients.email,
+      clientEmailOptOut: clients.emailOptOut,
+      petName: pets.name,
+      serviceName: services.name,
+      groomerName: staff.name,
+      appointmentStartTime: appointments.startTime,
+    })
+    .from(appointments)
+    .innerJoin(clients, eq(clients.id, appointments.clientId))
+    .innerJoin(pets, eq(pets.id, appointments.petId))
+    .innerJoin(services, eq(services.id, appointments.serviceId))
+    .leftJoin(staff, eq(staff.id, appointments.staffId))
+    .where(eq(appointments.id, shifted.id))
+    .limit(1);
+
+  if (!row) return;
+  const { clientName, clientEmail, clientEmailOptOut, petName, serviceName, groomerName } = row;
+
+  if (!clientEmail || clientEmailOptOut) return;
+  if (!petName || !serviceName) return;
+
+  console.log(
+    `[cascade] Notifying shift for appointment ${shifted.id}: ` +
+      `${shifted.oldStartTime.toISOString()} → ${shifted.newStartTime.toISOString()}`
+  );
+
+  await sendEmail(
+    buildRescheduleNotificationEmail(clientEmail, {
+      clientName,
+      petName,
+      serviceName,
+      groomerName: groomerName ?? null,
+      oldStartTime: shifted.oldStartTime,
+      newStartTime: shifted.newStartTime,
+    })
+  );
+}

apps/api/src/routes/appointments.ts

@@ -21,6 +21,10 @@ import {
 } from "@groombook/db";
 import { buildConfirmationEmail, sendEmail } from "../services/email.js";
 import { notifyWaitlistForAppointment } from "../services/waitlistNotify.js";
+import {
+  detectAndCascadeOverrun,
+  isOverrun,
+} from "../lib/cascade.js";
 import type { AppEnv } from "../middleware/rbac.js";
 
 async function withRetry<T>(
@@ -584,6 +588,7 @@ appointmentsRouter.patch(
       // (fixes #18). Also falls back to the existing staffId when staffId is
       // omitted from the request, so rescheduling always checks conflicts (fixes #19).
       let row: typeof appointments.$inferSelect | undefined;
+      let originalEndTime: Date | undefined;
       try {
         row = await db.transaction(async (tx) => {
           const [current] = await tx
@@ -595,6 +600,9 @@ appointmentsRouter.patch(
             throw Object.assign(new Error("not found"), { statusCode: 404 });
           }
 
+          // Preserve original endTime for cascade detection after update
+          originalEndTime = current.endTime;
+
           const start = updateFields.startTime
             ? new Date(updateFields.startTime)
             : current.startTime;
@@ -684,6 +692,29 @@ appointmentsRouter.patch(
       }
 
       if (!row) return c.json({ error: "Not found" }, 404);
+
+      // Cascade delay prevention: detect overrun and shift downstream appointments
+      if (
+        originalEndTime &&
+        updateFields.endTime &&
+        isOverrun({
+          originalEndTime,
+          newEndTime: new Date(updateFields.endTime),
+          _originalStartTime: row.startTime,
+          status: row.status,
+          currentTime: new Date(),
+          bufferMinutes: row.bufferMinutes ?? 0,
+        })
+      ) {
+        const cascadeResult = await detectAndCascadeOverrun({
+          db,
+          overrunningAppointmentId: id,
+          newEndTime: new Date(updateFields.endTime),
+          _originalEndTime: originalEndTime,
+        });
+        return c.json({ ...row, cascade: cascadeResult });
+      }
+
       return c.json(row);
     }
 

apps/api/src/routes/book.ts

@@ -38,11 +38,12 @@ bookRouter.get("/services", async (c) => {
 
 // ─── GET /api/book/availability ─────────────────────────────────────────────
 // Public: return ISO startTime strings for slots where ≥1 groomer is free
-// Query params: serviceId (uuid), date (YYYY-MM-DD)
+// Query params: serviceId (uuid), date (YYYY-MM-DD), petSizeCategory, petCoatType
 
 bookRouter.get("/availability", async (c) => {
   const serviceId = c.req.query("serviceId");
   const dateStr = c.req.query("date");
+  const petSizeCategory = c.req.query("petSizeCategory") ?? undefined;
 
   if (!serviceId || !dateStr) {
     return c.json({ error: "serviceId and date are required" }, 400);
@@ -58,6 +59,12 @@ bookRouter.get("/availability", async (c) => {
     .where(and(eq(services.id, serviceId), eq(services.active, true)));
   if (!service) return c.json({ error: "Service not found" }, 404);
 
+  // Buffer-aware duration: extra time for large/x-large or complex coats
+  const extraBuffer = (petSizeCategory === "large" || petSizeCategory === "xlarge")
+    ? (service.defaultBufferMinutes ?? 0)
+    : 0;
+  const durationMinutes = service.durationMinutes + extraBuffer;
+
   const groomers = await db
     .select({ id: staff.id })
     .from(staff)
@@ -89,7 +96,7 @@ bookRouter.get("/availability", async (c) => {
 
   const slots = generateAvailableSlots({
     dateStr,
-    durationMinutes: service.durationMinutes,
+    durationMinutes,
     groomerIds: groomers.map((g) => g.id),
     booked,
   });
@@ -112,6 +119,12 @@ const bookingSchema = z.object({
   petName: z.string().min(1).max(200),
   petSpecies: z.string().min(1).max(100),
   petBreed: z.string().max(100).optional(),
+  petSizeCategory: z
+    .enum(["small", "medium", "large", "xlarge"])
+    .optional(),
+  petCoatType: z
+    .enum(["smooth", "double", "curly", "wire", "long", "hairless"])
+    .optional(),
   notes: z.string().max(2000).optional(),
 });
 
@@ -129,7 +142,7 @@ bookRouter.post(
       .where(and(eq(services.id, body.serviceId), eq(services.active, true)));
     if (!service) return c.json({ error: "Service not found" }, 404);
 
-    const end = new Date(start.getTime() + service.durationMinutes * 60_000);
+    let end = new Date(start.getTime() + service.durationMinutes * 60_000);
 
     // Find all active groomers
     const groomers = await db
@@ -191,11 +204,18 @@ bookRouter.post(
         name: body.petName,
         species: body.petSpecies,
         breed: body.petBreed ?? null,
+        sizeCategory: body.petSizeCategory ?? null,
+        coatType: body.petCoatType ?? null,
       })
       .returning();
     const pet = petInserted[0];
     if (!pet) return c.json({ error: "Failed to create pet" }, 500);
 
+    // Buffer-aware end time: large/x-large pets add service bufferMinutes
+    if (body.petSizeCategory === "large" || body.petSizeCategory === "xlarge") {
+      end = new Date(start.getTime() + (service.durationMinutes + (service.defaultBufferMinutes ?? 0)) * 60_000);
+    }
+
     // Insert appointment in a transaction to guard against race conditions
     let appointment;
     try {

apps/api/src/services/email.ts

@@ -201,3 +201,52 @@ export function buildWaitlistNotificationEmail(
 <p>— Groom Book</p>`,
   };
 }
+
+// ─── Reschedule notification email ────────────────────────────────────────────
+
+interface RescheduleEmailData {
+  clientName: string;
+  petName: string;
+  serviceName: string;
+  groomerName: string | null;
+  oldStartTime: Date;
+  newStartTime: Date;
+}
+
+export function buildRescheduleNotificationEmail(
+  to: string,
+  data: RescheduleEmailData
+): Mail.Options {
+  const oldTime = formatDateTime(data.oldStartTime);
+  const newTime = formatDateTime(data.newStartTime);
+  const groomer = data.groomerName ? ` with ${data.groomerName}` : "";
+  return {
+    to,
+    subject: `Appointment Rescheduled — ${data.petName}'s appointment has been moved`,
+    text: [
+      `Hi ${data.clientName},`,
+      ``,
+      `Your appointment has been rescheduled.`,
+      ``,
+      `  Pet:      ${data.petName}`,
+      `  Service:  ${data.serviceName}`,
+      `  Was:      ${oldTime}${groomer}`,
+      `  Now:      ${newTime}${groomer}`,
+      ``,
+      `If you have any questions or need to make changes, please contact us.`,
+      ``,
+      `— Groom Book`,
+    ].join("\n"),
+    html: `
+<p>Hi ${data.clientName},</p>
+<p>Your appointment has been <strong>rescheduled</strong>.</p>
+<table style="border-collapse:collapse;margin:1em 0">
+  <tr><td style="padding:4px 12px 4px 0;font-weight:600;color:#6b7280">Pet</td><td>${data.petName}</td></tr>
+  <tr><td style="padding:4px 12px 4px 0;font-weight:600;color:#6b7280">Service</td><td>${data.serviceName}</td></tr>
+  <tr><td style="padding:4px 12px 4px 0;font-weight:600;color:#ef4444">Was</td><td style="text-decoration:line-through;color:#ef4444">${oldTime}${groomer}</td></tr>
+  <tr><td style="padding:4px 12px 4px 0;font-weight:600;color:#10b981">Now</td><td style="color:#10b981">${newTime}${groomer}</td></tr>
+</table>
+<p>If you have any questions or need to make changes, please contact us.</p>
+<p>— Groom Book</p>`,
+  };
+}

apps/api/src/services/messaging/__tests__/consent.test.ts

@@ -0,0 +1,214 @@
+import { describe, it, expect, vi, beforeEach } from "vitest";
+import { detectKeyword } from "../consent.js";
+
+const mockDb = {
+  insert: vi.fn(),
+  update: vi.fn(),
+  select: vi.fn(),
+};
+
+vi.mock("@groombook/db", () => ({
+  getDb: () => mockDb,
+  clients: {},
+  messageConsentEvents: {},
+  businessSettings: {},
+  eq: vi.fn(),
+}));
+
+const { handleConsentKeyword } = await import("../consent.js");
+
+describe("detectKeyword", () => {
+  it.each([
+    ["STOP", "opt_out"],
+    ["STOPALL", "opt_out"],
+    ["UNSUBSCRIBE", "opt_out"],
+    ["CANCEL", "opt_out"],
+    ["END", "opt_out"],
+    ["QUIT", "opt_out"],
+  ])("opt-out keyword %s → opt_out", (keyword, expected) => {
+    expect(detectKeyword(keyword)).toEqual({ kind: expected });
+  });
+
+  it.each([
+    ["START", "opt_in"],
+    ["UNSTOP", "opt_in"],
+    ["YES", "opt_in"],
+    ["SUBSCRIBE", "opt_in"],
+  ])("opt-in keyword %s → opt_in", (keyword, expected) => {
+    expect(detectKeyword(keyword)).toEqual({ kind: expected });
+  });
+
+  it.each([
+    ["HELP", "help"],
+    ["INFO", "help"],
+  ])("help keyword %s → help", (keyword, expected) => {
+    expect(detectKeyword(keyword)).toEqual({ kind: expected });
+  });
+
+  it("is case insensitive", () => {
+    expect(detectKeyword("stop")).toEqual({ kind: "opt_out" });
+    expect(detectKeyword("Stop")).toEqual({ kind: "opt_out" });
+    expect(detectKeyword("sToP")).toEqual({ kind: "opt_out" });
+  });
+
+  it("trims whitespace", () => {
+    expect(detectKeyword("  STOP  ")).toEqual({ kind: "opt_out" });
+    expect(detectKeyword("\tSTART\n")).toEqual({ kind: "opt_in" });
+  });
+
+  it("returns null for non-keyword messages", () => {
+    expect(detectKeyword("hello")).toBeNull();
+    expect(detectKeyword("STOP IT")).toBeNull();
+    expect(detectKeyword("help me")).toBeNull();
+  });
+});
+
+describe("handleConsentKeyword", () => {
+  beforeEach(() => {
+    vi.clearAllMocks();
+    mockDb.insert.mockReturnValue({
+      values: vi.fn().mockResolvedValue([{ id: "event-1" }]),
+    } as any);
+    mockDb.update.mockReturnValue({
+      set: vi.fn().mockReturnValue({
+        where: vi.fn().mockResolvedValue([]),
+      }),
+    } as any);
+  });
+
+  const baseOpts = {
+    clientId: "client-1",
+    businessId: "biz-1",
+    db: mockDb as unknown as ReturnType<typeof import("@groombook/db").getDb>,
+  };
+
+  describe("opt_out", () => {
+    it("inserts consent event with sms_keyword source", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: true }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_out" });
+
+      expect(mockDb.insert).toHaveBeenCalledOnce();
+    });
+
+    it("sets smsOptIn=false and smsOptOutDate when currently opted in", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: true }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_out" });
+
+      expect(mockDb.update).toHaveBeenCalled();
+    });
+
+    it("is idempotent — second opt-out logs event but skips client update", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: false }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_out" });
+
+      expect(mockDb.update).not.toHaveBeenCalled();
+    });
+
+    it("returns unsubscribe reply text", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: true }]),
+          }),
+        }),
+      } as any);
+
+      const result = await handleConsentKeyword({ ...baseOpts, kind: "opt_out" });
+      expect(result.replyText).toBe(
+        "You have been unsubscribed and will no longer receive messages. Reply START to resubscribe."
+      );
+    });
+  });
+
+  describe("opt_in", () => {
+    it("sets smsOptIn=true and smsConsentDate when currently opted out", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: false, smsConsentDate: null }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_in" });
+
+      expect(mockDb.update).toHaveBeenCalled();
+    });
+
+    it("clears smsOptOutDate on opt-in after opt-out", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: false }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_in" });
+
+      expect(mockDb.update).toHaveBeenCalled();
+    });
+
+    it("is idempotent — second opt-in skips client update", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: true }]),
+          }),
+        }),
+      } as any);
+
+      await handleConsentKeyword({ ...baseOpts, kind: "opt_in" });
+
+      expect(mockDb.update).not.toHaveBeenCalled();
+    });
+
+    it("returns resubscribe reply text", async () => {
+      mockDb.select.mockReturnValue({
+        from: vi.fn().mockReturnValue({
+          where: vi.fn().mockReturnValue({
+            limit: vi.fn().mockResolvedValue([{ smsOptIn: false }]),
+          }),
+        }),
+      } as any);
+
+      const result = await handleConsentKeyword({ ...baseOpts, kind: "opt_in" });
+      expect(result.replyText).toBe(
+        "You have been resubscribed to messages. Reply STOP to unsubscribe. Msg & data rates may apply."
+      );
+    });
+  });
+
+  describe("help", () => {
+    it("returns default help reply without querying businessSettings", async () => {
+      const result = await handleConsentKeyword({ ...baseOpts, kind: "help" });
+
+      expect(mockDb.update).not.toHaveBeenCalled();
+      expect(mockDb.select).not.toHaveBeenCalled();
+      expect(result.replyText).toBe(
+        "Reply STOP to unsubscribe or START to resubscribe. For help, contact your groomer directly."
+      );
+    });
+  });
+});

apps/api/src/services/messaging/consent.ts

@@ -0,0 +1,77 @@
+import { clients, messageConsentEvents, eq } from "@groombook/db";
+import type { Db } from "@groombook/db";
+
+export type KeywordKind = "opt_in" | "opt_out" | "help";
+
+const OPT_OUT_KEYWORDS = new Set(["STOP", "STOPALL", "UNSUBSCRIBE", "CANCEL", "END", "QUIT"]);
+const OPT_IN_KEYWORDS = new Set(["START", "UNSTOP", "YES", "SUBSCRIBE"]);
+const HELP_KEYWORDS = new Set(["HELP", "INFO"]);
+
+export function detectKeyword(body: string): { kind: KeywordKind } | null {
+  const normalized = body.trim().toUpperCase();
+  if (OPT_OUT_KEYWORDS.has(normalized)) return { kind: "opt_out" };
+  if (OPT_IN_KEYWORDS.has(normalized)) return { kind: "opt_in" };
+  if (HELP_KEYWORDS.has(normalized)) return { kind: "help" };
+  return null;
+}
+
+export async function handleConsentKeyword(opts: {
+  clientId: string;
+  businessId: string;
+  kind: KeywordKind;
+  db: Db;
+}): Promise<{ replyText: string }> {
+  const { clientId, businessId, kind, db: database } = opts;
+
+  await database.insert(messageConsentEvents).values({
+    clientId,
+    businessId,
+    kind,
+    source: "sms_keyword",
+  });
+
+  if (kind === "opt_out") {
+    const [existing] = await database
+      .select({ smsOptIn: clients.smsOptIn })
+      .from(clients)
+      .where(eq(clients.id, clientId))
+      .limit(1);
+
+    if (existing?.smsOptIn !== false) {
+      await database
+        .update(clients)
+        .set({ smsOptIn: false, smsOptOutDate: new Date() })
+        .where(eq(clients.id, clientId));
+    }
+
+    return {
+      replyText: "You have been unsubscribed and will no longer receive messages. Reply START to resubscribe.",
+    };
+  }
+
+  if (kind === "opt_in") {
+    const [existing] = await database
+      .select({ smsOptIn: clients.smsOptIn, smsConsentDate: clients.smsConsentDate })
+      .from(clients)
+      .where(eq(clients.id, clientId))
+      .limit(1);
+
+    if (existing?.smsOptIn !== true) {
+      await database
+        .update(clients)
+        .set({ smsOptIn: true, smsConsentDate: new Date(), smsOptOutDate: null })
+        .where(eq(clients.id, clientId));
+    }
+
+    return {
+      replyText:
+        "You have been resubscribed to messages. Reply STOP to unsubscribe. Msg & data rates may apply.",
+    };
+  }
+
+  // kind === "help"
+  const replyText =
+    "Reply STOP to unsubscribe or START to resubscribe. For help, contact your groomer directly.";
+
+  return { replyText };
+}

apps/api/src/services/messaging/inbound.ts

@@ -1,5 +1,7 @@
 import { getDb, conversations, messages, businessSettings, clients, eq, and } from "@groombook/db";
 import { v4 as uuidv4 } from "uuid";
+import { detectKeyword, handleConsentKeyword } from "./consent.js";
+import { sendMessage } from "./outbound.js";
 
 export interface TelnyxMessageReceivedPayload {
   data: {
@@ -152,7 +154,7 @@ export async function handleMessageReceived(payload: TelnyxMessageReceivedPayloa
     throw new Error(`No business owns messaging number: ${toPhone}`);
   }
 
-  const { id: conversationId } = await findOrCreateConversation(businessId, fromPhone, toPhone);
+  const { id: conversationId, clientId } = await findOrCreateConversation(businessId, fromPhone, toPhone);
 
   await getDb()
     .update(conversations)
@@ -167,6 +169,22 @@ export async function handleMessageReceived(payload: TelnyxMessageReceivedPayloa
     "received"
   );
 
+  const keyword = detectKeyword(message.body ?? "");
+  if (keyword) {
+    const { replyText } = await handleConsentKeyword({
+      clientId,
+      businessId,
+      kind: keyword.kind,
+      db: getDb(),
+    });
+    await sendMessage({
+      businessId,
+      clientId,
+      body: replyText,
+      sentByStaffId: undefined,
+    });
+  }
+
   return { conversationId, messageId };
 }
 

apps/e2e/playwright.config.ts

@@ -19,7 +19,7 @@ export default defineConfig({
   reporter: process.env.CI ? "github" : "list",
 
   use: {
-    baseURL: "http://localhost:8080",
+    baseURL: process.env.PLAYWRIGHT_BASE_URL ?? "http://localhost:8080",
     trace: "on-first-retry",
     screenshot: "only-on-failure",
     serviceWorkers: "block",

apps/web/src/pages/Book.tsx

@@ -13,6 +13,8 @@ interface BookingBody {
   petName: string;
   petSpecies: string;
   petBreed: string;
+  petSizeCategory: string;
+  petCoatType: string;
   notes: string;
 }
 
@@ -123,6 +125,8 @@ export function BookPage() {
     petName: "",
     petSpecies: "",
     petBreed: "",
+    petSizeCategory: "",
+    petCoatType: "",
     notes: "",
   });
   const [formError, setFormError] = useState<string | null>(null);
@@ -168,14 +172,18 @@ export function BookPage() {
     if (!selectedService || !date) return;
     setSlotsLoading(true);
     setSelectedSlot(null);
-    fetch(
-      `/api/book/availability?serviceId=${encodeURIComponent(selectedService.id)}&date=${encodeURIComponent(date)}`
-    )
+    const params = new URLSearchParams({
+      serviceId: selectedService.id,
+      date,
+    });
+    if (form.petSizeCategory) params.set("petSizeCategory", form.petSizeCategory);
+    if (form.petCoatType) params.set("petCoatType", form.petCoatType);
+    fetch(`/api/book/availability?${params}`)
       .then((r) => r.json() as Promise<string[]>)
       .then(setSlots)
       .catch(() => setSlots([]))
       .finally(() => setSlotsLoading(false));
-  }, [selectedService, date]);
+  }, [selectedService, date, form.petSizeCategory, form.petCoatType]);
 
   function goToStep2(svc: Service) {
     setSelectedService(svc);
@@ -214,6 +222,8 @@ export function BookPage() {
           petName: form.petName,
           petSpecies: form.petSpecies,
           petBreed: form.petBreed || undefined,
+          petSizeCategory: form.petSizeCategory || undefined,
+          petCoatType: form.petCoatType || undefined,
           notes: form.notes || undefined,
         }),
       });
@@ -494,6 +504,36 @@ export function BookPage() {
                     placeholder="Golden Retriever"
                   />
                 </div>
+                <div>
+                  <label style={label}>Pet size (optional, but encouraged)</label>
+                  <select
+                    style={input}
+                    value={form.petSizeCategory}
+                    onChange={(e) => setForm((f) => ({ ...f, petSizeCategory: e.target.value }))}
+                  >
+                    <option value="">Select size…</option>
+                    <option value="small">Small (under 15 lbs)</option>
+                    <option value="medium">Medium (15–40 lbs)</option>
+                    <option value="large">Large (40–80 lbs)</option>
+                    <option value="xlarge">X-Large (over 80 lbs)</option>
+                  </select>
+                </div>
+                <div>
+                  <label style={label}>Coat type (optional, but encouraged)</label>
+                  <select
+                    style={input}
+                    value={form.petCoatType}
+                    onChange={(e) => setForm((f) => ({ ...f, petCoatType: e.target.value }))}
+                  >
+                    <option value="">Select coat type…</option>
+                    <option value="smooth">Smooth</option>
+                    <option value="double">Double</option>
+                    <option value="curly">Curly</option>
+                    <option value="wire">Wire</option>
+                    <option value="long">Long</option>
+                    <option value="hairless">Hairless</option>
+                  </select>
+                </div>
                 <div>
                   <label style={label}>Notes for groomer</label>
                   <textarea
@@ -528,7 +568,7 @@ export function BookPage() {
               <div>
                 <div style={{ color: "#9ca3af", fontSize: 12, fontWeight: 600, textTransform: "uppercase" }}>Service</div>
                 <div style={{ fontWeight: 600 }}>{selectedService.name}</div>
-                <div style={{ color: "#6b7280" }}>{fmtPrice(selectedService.basePriceCents)} · {fmtDuration(selectedService.durationMinutes)}</div>
+                <div style={{ color: "#6b7280" }}>{fmtPrice(selectedService.basePriceCents)} · {fmtDuration(selectedService.durationMinutes + ((form.petSizeCategory === "large" || form.petSizeCategory === "xlarge") ? (selectedService.defaultBufferMinutes ?? 0) : 0))}</div>
               </div>
               <div>
                 <div style={{ color: "#9ca3af", fontSize: 12, fontWeight: 600, textTransform: "uppercase" }}>Date & Time</div>
@@ -599,7 +639,8 @@ export function BookPage() {
               setResult(null);
               setForm({
                 serviceId: "", startTime: "", clientName: "", clientEmail: "",
-                clientPhone: "", petName: "", petSpecies: "", petBreed: "", notes: "",
+                clientPhone: "", petName: "", petSpecies: "", petBreed: "",
+                petSizeCategory: "", petCoatType: "", notes: "",
               });
             }}
           >

docker-compose.yml

@@ -43,6 +43,12 @@ services:
         condition: service_healthy
       migrate:
         condition: service_completed_successfully
+    healthcheck:
+      test: ["CMD-SHELL", "curl -f http://localhost:3000/health || exit 1"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+      start_period: 10s
 
   web:
     build:
@@ -50,8 +56,17 @@ services:
       dockerfile: apps/web/Dockerfile
     ports:
       - "8080:80"
+    extra_hosts:
+      - "host.docker.internal:host-gateway"
     depends_on:
-      - api
+      api:
+        condition: service_healthy
+    healthcheck:
+      test: ["CMD-SHELL", "curl -f http://localhost:80 || exit 1"]
+      interval: 5s
+      timeout: 5s
+      retries: 20
+      start_period: 10s
 
 volumes:
   postgres_data:

packages/db/src/schema.ts

@@ -151,6 +151,8 @@ export const pets = pgTable(
     name: text("name").notNull(),
     species: text("species").notNull(),
     breed: text("breed"),
+    sizeCategory: petSizeCategoryEnum("size_category"),
+    coatType: coatTypeEnum("coat_type"),
     weightKg: numeric("weight_kg", { precision: 5, scale: 2 }),
     dateOfBirth: timestamp("date_of_birth"),
     healthAlerts: text("health_alerts"),
@@ -162,8 +164,6 @@ export const pets = pgTable(
     photoKey: text("photo_key"),
     photoUploadedAt: timestamp("photo_uploaded_at"),
     image: text("image"),
-    sizeCategory: petSizeCategoryEnum("size_category"),
-    coatType: coatTypeEnum("coat_type"),
     createdAt: timestamp("created_at").notNull().defaultNow(),
     updatedAt: timestamp("updated_at").notNull().defaultNow(),
   },

packages/db/src/seed.ts

@@ -20,6 +20,7 @@ import postgres from "postgres";
 import { drizzle } from "drizzle-orm/postgres-js";
 import { eq, sql } from "drizzle-orm";
 import * as schema from "./schema.js";
+import { randomBytes, scrypt } from "node:crypto";
 
 // ── Seed profile configuration ─────────────────────────────────────────────
 
@@ -509,6 +510,81 @@ async function seedKnownUsers() {
   }
   console.log(`✓ Seeded ${demoSvcs.length} services`);
 
+  // ── Better Auth credential accounts for UAT personas ─────────────────────
+  // Creates user + account rows so UAT personas can email+password login.
+  // Uses the same scrypt config as better-auth (keylen=64, N=16384, r=8, p=1).
+  const uatCredAccounts: Array<{ email: string; passwordEnvKey: string; staffId: string }> = [
+    { email: "uat-super@groombook.dev", passwordEnvKey: "SEED_UAT_SUPER_PASSWORD", staffId: "00000000-0000-0000-0000-000000000003" },
+    { email: "uat-groomer@groombook.dev", passwordEnvKey: "SEED_UAT_GROOMER_PASSWORD", staffId: "00000000-0000-0000-0000-000000000004" },
+    { email: "uat-customer@groombook.dev", passwordEnvKey: "SEED_UAT_CUSTOMER_PASSWORD", staffId: "" },
+    { email: "uat-tester@groombook.dev", passwordEnvKey: "SEED_UAT_TESTER_PASSWORD", staffId: "" },
+  ];
+
+  for (const acct of uatCredAccounts) {
+    const password = process.env[acct.passwordEnvKey];
+    if (!password) {
+      console.log(`⊘ No ${acct.passwordEnvKey} set — skipping Better Auth account for ${acct.email}`);
+      continue;
+    }
+
+    // Check if user already exists
+    const [existingUser] = await db
+      .select()
+      .from(schema.user)
+      .where(eq(schema.user.email, acct.email))
+      .limit(1);
+
+    let userId: string;
+    if (existingUser) {
+      userId = existingUser.id;
+      console.log(`✓ Better Auth user '${acct.email}' already exists — skipping`);
+    } else {
+      // Hash with same scrypt params as better-auth: keylen=64, N=16384, r=8, p=1
+      // Use Promise-based scrypt API (callback pattern, wrapped in Promise)
+      const salt = randomBytes(16);
+      const key = await new Promise<Buffer>((resolve, reject) => {
+        // eslint-disable-next-line @typescript-eslint/no-explicit-any
+        scrypt(password.normalize("NFKC"), salt, 64, { N: 16384, r: 8, p: 1 } as any, (err: Error | null, derivedKey: Buffer) => {
+          if (err) reject(err);
+          else resolve(derivedKey);
+        });
+      });
+      const passwordHash = `${salt.toString("hex")}:${key.toString("hex")}`;
+
+      const [newUser] = await db.insert(schema.user).values({
+        id: uuid(),
+        name: acct.email.split("@")[0]!,
+        email: acct.email,
+        emailVerified: true,
+      }).returning();
+      userId = newUser!.id;
+
+      await db.insert(schema.account).values({
+        id: uuid(),
+        accountId: userId,
+        providerId: "credential",
+        userId,
+        password: passwordHash,
+      });
+      console.log(`✓ Created Better Auth credential account for '${acct.email}'`);
+    }
+
+    // Link staff record to Better Auth user if staff exists and has no userId yet
+    if (acct.staffId) {
+      const [existingStaff] = await db
+        .select()
+        .from(schema.staff)
+        .where(eq(schema.staff.id, acct.staffId))
+        .limit(1);
+      if (existingStaff && !existingStaff.userId) {
+        await db.update(schema.staff)
+          .set({ userId })
+          .where(eq(schema.staff.id, acct.staffId));
+        console.log(`  ↳ Linked staff '${acct.email}' to Better Auth user`);
+      }
+    }
+  }
+
   // ── Client: Demo Client ──
   const [existingClient] = await db
     .select()