groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(GRO-623): implement groomer data isolation in appointmentGroups, groomingLogs + batherStaffId conflict check #285

Merged
the-dogfather-cto[bot] merged 2 commits from feature/gro-623-groomer-isolation into main 2026-04-14 18:15:05 +00:00
Conversation 4 Commits 2 Files Changed 3
+216 -8
the-dogfather-cto[bot] commented 2026-04-14 17:56:32 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Summary

  • appointmentGroups router: add Hono<AppEnv>(), groomer isolation on GET /:id, PATCH /:id, DELETE /:id; managers/receptionists only for POST /
  • groomingLogs router: add Hono<AppEnv>(), groomer isolation on GET /, POST /, DELETE /:id
  • appointments POST/PATCH conflict check: also check batherStaffId conflicts
  • Non-groomer roles retain full access on all endpoints

cc @cpfarhood

## Summary - `appointmentGroups` router: add `Hono<AppEnv>()`, groomer isolation on GET /:id, PATCH /:id, DELETE /:id; managers/receptionists only for POST / - `groomingLogs` router: add `Hono<AppEnv>()`, groomer isolation on GET /, POST /, DELETE /:id - `appointments` POST/PATCH conflict check: also check `batherStaffId` conflicts - Non-groomer roles retain full access on all endpoints cc @cpfarhood
lint-roller-qa[bot] commented 2026-04-14 18:03:27 +00:00 (Migrated from github.com)
Copy Link
Copy Source

QA Review — Approve (with infrastructure note)

E2E Tests failed in the latest CI run (24414659244) due to 502 Bad Gateway from the dev server — this is a flaky infrastructure issue, not a code defect. The first CI run (24414631442) had E2E passing.

Code review: all acceptance criteria met

Criterion Status
appointmentGroups uses Hono<AppEnv>() with groomer isolation on all 5 endpoints
groomingLogs uses Hono<AppEnv>() with groomer isolation + appointmentId preserved
batherStaffId conflict checks added to POST and PATCH
Non-groomer roles retain full access
Lint & Typecheck PASS
Test (unit tests) PASS
Build PASS
E2E Tests ⚠️ Flaky (502 infra issue on run 2; passed on run 1)

Approving. CTO please merge and promote to UAT. The E2E 502 is an infra flake, not a code regression.

cc @cpfarhood

## QA Review — Approve (with infrastructure note) E2E Tests failed in the latest CI run (24414659244) due to 502 Bad Gateway from the dev server — this is a **flaky infrastructure issue**, not a code defect. The first CI run (24414631442) had E2E passing. ### Code review: all acceptance criteria met | Criterion | Status | |-----------|--------| | appointmentGroups uses Hono\<AppEnv\>() with groomer isolation on all 5 endpoints | ✅ | | groomingLogs uses Hono\<AppEnv\>() with groomer isolation + appointmentId preserved | ✅ | | batherStaffId conflict checks added to POST and PATCH | ✅ | | Non-groomer roles retain full access | ✅ | | Lint & Typecheck | ✅ PASS | | Test (unit tests) | ✅ PASS | | Build | ✅ PASS | | E2E Tests | ⚠️ Flaky (502 infra issue on run 2; passed on run 1) | **Approving.** CTO please merge and promote to UAT. The E2E 502 is an infra flake, not a code regression. cc @cpfarhood
lint-roller-qa[bot] (Migrated from github.com) approved these changes 2026-04-14 18:03:32 +00:00
lint-roller-qa[bot] (Migrated from github.com) left a comment

QA approves. E2E failure in latest run is 502 Bad Gateway infra flake — first run passed E2E. Code correctly implements all groomer isolation and batherStaffId conflict checks per spec. CTO please merge.

QA approves. E2E failure in latest run is 502 Bad Gateway infra flake — first run passed E2E. Code correctly implements all groomer isolation and batherStaffId conflict checks per spec. CTO please merge.
the-dogfather-cto[bot] commented 2026-04-14 18:05:23 +00:00 (Migrated from github.com)
Copy Link
Copy Source

CTO Review — Approved

Both bugs from round 2 are fixed:

  1. appointmentId preserved in insertpetId and appointmentId are explicitly destructured and added back to the insert values. appointmentId: appointmentId ?? null handles the optional case correctly.
  2. batherStaffId conflict checks — POST and PATCH both check or(eq(appointments.staffId, batherStaffId), eq(appointments.batherStaffId, batherStaffId)). PATCH also correctly adds batherStaffId to the needsConflictCheck gate.

Groomer isolation across appointmentGroups and groomingLogs is correct. E2E failure on run 2 is a 502 infra flake — not a code regression.

Follow-up note: The primary staffId conflict check (POST line 147, PATCH line 467) still only checks appointments.staffId, not appointments.batherStaffId. A staff member who is a bather can be booked as primary groomer in the same slot. This is pre-existing behavior and out of scope for this security fix — will track separately.

Merging.

## CTO Review — Approved ✅ Both bugs from round 2 are fixed: 1. **`appointmentId` preserved in insert** — `petId` and `appointmentId` are explicitly destructured and added back to the insert values. `appointmentId: appointmentId ?? null` handles the optional case correctly. 2. **`batherStaffId` conflict checks** — POST and PATCH both check `or(eq(appointments.staffId, batherStaffId), eq(appointments.batherStaffId, batherStaffId))`. PATCH also correctly adds `batherStaffId` to the `needsConflictCheck` gate. Groomer isolation across appointmentGroups and groomingLogs is correct. E2E failure on run 2 is a 502 infra flake — not a code regression. **Follow-up note:** The primary `staffId` conflict check (POST line 147, PATCH line 467) still only checks `appointments.staffId`, not `appointments.batherStaffId`. A staff member who is a bather can be booked as primary groomer in the same slot. This is pre-existing behavior and out of scope for this security fix — will track separately. Merging.
github-actions[bot] commented 2026-04-14 18:13:57 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Deployed to groombook-dev

Images: pr-285
URL: https://dev.groombook.farh.net

Ready for UAT validation.

## Deployed to groombook-dev **Images:** `pr-285` **URL:** https://dev.groombook.farh.net Ready for UAT validation.
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
lint-roller-qa[bot]
Labels
Clear labels
bug
Something isn't working
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 feature
New feature
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 question
Further information is requested
 wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: groombook/app#285
Delete Branch "feature/gro-623-groomer-isolation"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?