From 5aad2da55ab9b9fb0a2a44a1d1413d670041b799 Mon Sep 17 00:00:00 2001 From: Barkley Trimsworth Date: Mon, 30 Mar 2026 10:58:54 +0000 Subject: [PATCH 01/21] fix(web): add X-Impersonation-Session-Id header to portal API calls This commit also includes GRO-287 fixes: - PasswordChange: add stateful form with password-match validation - ReportCards: replace window.location.reload() with refetch via useRef Co-Authored-By: Paperclip --- apps/web/src/portal/CustomerPortal.tsx | 2 +- .../src/portal/sections/AccountSettings.tsx | 57 +++++++++++++++++-- apps/web/src/portal/sections/Appointments.tsx | 6 +- apps/web/src/portal/sections/ReportCards.tsx | 56 ++++++++++-------- 4 files changed, 87 insertions(+), 34 deletions(-) diff --git a/apps/web/src/portal/CustomerPortal.tsx b/apps/web/src/portal/CustomerPortal.tsx index d8ba8bc..2a5e8e1 100644 --- a/apps/web/src/portal/CustomerPortal.tsx +++ b/apps/web/src/portal/CustomerPortal.tsx @@ -133,7 +133,7 @@ export function CustomerPortal() { case "pets": return ; case "reports": - return ; + return ; case "billing": return ; case "messages": diff --git a/apps/web/src/portal/sections/AccountSettings.tsx b/apps/web/src/portal/sections/AccountSettings.tsx index 2fba3a6..31e5da5 100644 --- a/apps/web/src/portal/sections/AccountSettings.tsx +++ b/apps/web/src/portal/sections/AccountSettings.tsx @@ -72,7 +72,9 @@ function PersonalInfo({ sessionId, readOnly }: { sessionId: string | null; readO const fetchPersonalInfo = async () => { try { setLoading(true); - const response = await fetch("/api/portal/me"); + const response = await fetch("/api/portal/me", { + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, + }); if (response.ok) { const data: PersonalInfoData = await response.json(); setForm({ @@ -142,6 +144,14 @@ function PersonalInfo({ sessionId, readOnly }: { sessionId: string | null; readO } function PasswordChange({ readOnly }: { readOnly: boolean }) { + const [currentPassword, setCurrentPassword] = useState(""); + const [newPassword, setNewPassword] = useState(""); + const [confirmPassword, setConfirmPassword] = useState(""); + const [error, setError] = useState(null); + + const passwordsMatch = newPassword === confirmPassword; + const canSubmit = currentPassword.length > 0 && newPassword.length > 0 && passwordsMatch; + if (readOnly) { return (
@@ -150,23 +160,56 @@ function PasswordChange({ readOnly }: { readOnly: boolean }) { ); } + function handleSubmit() { + if (!canSubmit) return; + if (newPassword !== confirmPassword) { + setError("Passwords do not match."); + return; + } + // TODO: Wire up to actual password-change API endpoint once backend support exists + setError(null); + setCurrentPassword(""); + setNewPassword(""); + setConfirmPassword(""); + } + return (

Change Password

- + setCurrentPassword(e.target.value)} + className="w-full border border-stone-300 rounded-lg px-3 py-2 text-sm" + />
- + setNewPassword(e.target.value)} + className="w-full border border-stone-300 rounded-lg px-3 py-2 text-sm" + />
- + setConfirmPassword(e.target.value)} + className="w-full border border-stone-300 rounded-lg px-3 py-2 text-sm" + />
-
@@ -185,7 +228,9 @@ function ManagePets({ sessionId, readOnly }: { sessionId: string | null; readOnl const fetchPets = async () => { try { setLoading(true); - const response = await fetch("/api/portal/pets"); + const response = await fetch("/api/portal/pets", { + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, + }); if (response.ok) { const data = await response.json(); setPets(Array.isArray(data) ? data : []); diff --git a/apps/web/src/portal/sections/Appointments.tsx b/apps/web/src/portal/sections/Appointments.tsx index 03fcad1..2eb6bc1 100644 --- a/apps/web/src/portal/sections/Appointments.tsx +++ b/apps/web/src/portal/sections/Appointments.tsx @@ -118,7 +118,7 @@ export const AppointmentsSection: React.FC = ({ sessio try { const response = await fetch('/api/portal/appointments', { - headers: { Authorization: `Bearer ${sessionId}` }, + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, }); if (response.ok) { @@ -744,10 +744,10 @@ function BookingFlow({ onClose, sessionId }: BookingFlowProps) { try { const [petsRes, servicesRes] = await Promise.all([ fetch('/api/portal/pets', { - headers: { Authorization: `Bearer ${sessionId}` }, + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, }), fetch('/api/portal/services', { - headers: { Authorization: `Bearer ${sessionId}` }, + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, }), ]); diff --git a/apps/web/src/portal/sections/ReportCards.tsx b/apps/web/src/portal/sections/ReportCards.tsx index a8d471b..f8ced2a 100644 --- a/apps/web/src/portal/sections/ReportCards.tsx +++ b/apps/web/src/portal/sections/ReportCards.tsx @@ -1,4 +1,4 @@ -import { useState, useEffect } from "react"; +import { useState, useEffect, useCallback, useRef } from "react"; import { FileText, Share2, Calendar, Smile, Meh, ChevronRight, Loader2 } from "lucide-react"; type MoodKey = "calm" | "cooperative" | "anxious" | "wiggly"; @@ -24,36 +24,44 @@ interface Appointment { reportCardId?: string; } -export function ReportCards() { +interface Props { + sessionId: string | null; +} + +export function ReportCards({ sessionId }: Props) { const [appointments, setAppointments] = useState([]); const [isLoading, setIsLoading] = useState(true); const [error, setError] = useState(null); const [selectedCard, setSelectedCard] = useState(null); - useEffect(() => { - const fetchReportCards = async () => { - try { - const response = await fetch("/api/portal/appointments"); + const fetchReportCardsRef = useRef<() => Promise>(async () => { + setIsLoading(true); + setError(null); + try { + const response = await fetch("/api/portal/appointments", { + headers: { "X-Impersonation-Session-Id": sessionId ?? "" }, + }); - if (response.ok) { - const data = await response.json(); - const allAppointments: Appointment[] = data.appointments || data || []; - const reportCardAppointments = allAppointments.filter( - (appt) => appt.reportCardId - ); - setAppointments(reportCardAppointments); - } else { - setError("Failed to load report cards."); - } - } catch { - setError("Failed to load report cards. Please try again."); - } finally { - setIsLoading(false); + if (response.ok) { + const data = await response.json(); + const allAppointments: Appointment[] = data.appointments || data || []; + const reportCardAppointments = allAppointments.filter( + (appt) => appt.reportCardId + ); + setAppointments(reportCardAppointments); + } else { + setError("Failed to load report cards."); } - }; + } catch { + setError("Failed to load report cards. Please try again."); + } finally { + setIsLoading(false); + } + }); - fetchReportCards(); - }, []); + useEffect(() => { + void fetchReportCardsRef.current(); + }, [sessionId]); if (isLoading) { return ( @@ -69,7 +77,7 @@ export function ReportCards() {

{error}

+ {toggleError && ( +

{toggleError}

+ )} + {staff.length === 0 ? (

No staff members yet.

) : ( @@ -90,7 +125,7 @@ export function StaffPage() { - {["Name", "Email", "Role", "Status", ""].map((h) => ( + {["Name", "Email", "Role", "Super User", "Status", ""].map((h) => ( ))} @@ -101,12 +136,33 @@ export function StaffPage() { + -- 2.52.0 From 1ba840d003a9a095cceb2651295798d95fca8ec6 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 10:56:01 +0000 Subject: [PATCH 04/21] ci: trigger build -- 2.52.0 From 1bdc6d50be54b182312d5e4fa75903e57fa3e5b5 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 10:59:00 +0000 Subject: [PATCH 05/21] ci: add workflow_dispatch trigger for manual runs --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b9557c1..e78449c 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,6 +5,7 @@ on: branches: [main] pull_request: branches: [main] + workflow_dispatch: jobs: lint-typecheck: -- 2.52.0 From 4662b44ccce370e4e6a11c436a13732fab9cbc89 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 11:11:59 +0000 Subject: [PATCH 06/21] ci: remove workflow_dispatch (not needed) --- .github/workflows/ci.yml | 1 - 1 file changed, 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index e78449c..b9557c1 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,7 +5,6 @@ on: branches: [main] pull_request: branches: [main] - workflow_dispatch: jobs: lint-typecheck: -- 2.52.0 From fe9f1f8f785fe541c3b462790345b0a78f172b44 Mon Sep 17 00:00:00 2001 From: Flea Flicker Date: Mon, 30 Mar 2026 11:24:17 +0000 Subject: [PATCH 07/21] fix(GRO-286): remove unused useCallback import and eslint-disable - ReportCards.tsx: remove unused useCallback from imports - AccountSettings.tsx: remove unused eslint-disable-next-line directive Co-Authored-By: Paperclip --- apps/web/src/portal/sections/AccountSettings.tsx | 1 - apps/web/src/portal/sections/ReportCards.tsx | 2 +- 2 files changed, 1 insertion(+), 2 deletions(-) diff --git a/apps/web/src/portal/sections/AccountSettings.tsx b/apps/web/src/portal/sections/AccountSettings.tsx index 31e5da5..eb69ed0 100644 --- a/apps/web/src/portal/sections/AccountSettings.tsx +++ b/apps/web/src/portal/sections/AccountSettings.tsx @@ -270,7 +270,6 @@ function ManagePets({ sessionId, readOnly }: { sessionId: string | null; readOnl { setEditingPetId(null); setShowAddForm(false); }} onCancel={() => { setEditingPetId(null); setShowAddForm(false); }} /> diff --git a/apps/web/src/portal/sections/ReportCards.tsx b/apps/web/src/portal/sections/ReportCards.tsx index f8ced2a..018b376 100644 --- a/apps/web/src/portal/sections/ReportCards.tsx +++ b/apps/web/src/portal/sections/ReportCards.tsx @@ -1,4 +1,4 @@ -import { useState, useEffect, useCallback, useRef } from "react"; +import { useState, useEffect, useRef } from "react"; import { FileText, Share2, Calendar, Smile, Meh, ChevronRight, Loader2 } from "lucide-react"; type MoodKey = "calm" | "cooperative" | "anxious" | "wiggly"; -- 2.52.0 From 0098e36fa6867fed5a3d35ad7f945468a3392335 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 12:30:10 +0000 Subject: [PATCH 08/21] ci: trigger PR CI for GRO-206 Co-Authored-By: Paperclip -- 2.52.0 From bf1b93aead8a24f23bf45ad74ab7ffa78ca27350 Mon Sep 17 00:00:00 2001 From: Barkley Trimsworth Date: Mon, 30 Mar 2026 12:37:13 +0000 Subject: [PATCH 09/21] ci: add workflow_dispatch trigger for manual CI runs GitHub App token pushes do not trigger pull_request workflow events, blocking CI on bot-authored PRs. Add workflow_dispatch to allow manual CI runs via: gh workflow run ci.yml --ref Co-Authored-By: Paperclip --- .github/workflows/ci.yml | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index ee2f56c..11c4f6a 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,6 +5,12 @@ on: branches: [main] pull_request: branches: [main] + workflow_dispatch: + inputs: + ref: + description: "Branch or ref to run CI against" + required: false + default: "main" jobs: lint-typecheck: -- 2.52.0 From c6a08be4c6a11d034c478b5c24fa5b68732365a3 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 12:37:44 +0000 Subject: [PATCH 10/21] chore: trigger PR CI for GRO-206 Co-Authored-By: Paperclip --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 31b725d..a73b3ba 100644 --- a/README.md +++ b/README.md @@ -215,3 +215,4 @@ All PRs require CI to pass before merge. See [CONTRIBUTING.md](./CONTRIBUTING.md ## License AGPL-3.0 +# GRO-206 CI trigger -- 2.52.0 From db21947323b1759d497e2322523937475423e2c2 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Sun, 29 Mar 2026 22:42:59 +0000 Subject: [PATCH 11/21] fix(ci): include GitHub SHA in image tag to prevent stale cache reuse Each CI build now produces an immutable tag (pr-N-sha7 or YYYY.MM.DD-sha7) so that docker/build-push-action cache-from type=gha cannot cross-contaminate between commits. Previously the shared pr-N tag caused GHA layer cache to reuse stale JS bundles from earlier builds of the same PR. Co-Authored-By: Claude Opus 4.6 --- .github/workflows/ci.yml | 7 +++++-- 1 file changed, 5 insertions(+), 2 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 11c4f6a..b58a66b 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -128,8 +128,11 @@ jobs: - name: Generate image tag id: version run: | + # Always include short SHA so each build is immutable and cache-from can never + # cross-contaminate between commits. For PRs the format is pr-N-sha7; for main + # it is YYYY.MM.DD-sha7. if [ "${{ github.event_name }}" = "pull_request" ]; then - TAG="pr-${{ github.event.pull_request.number }}" + TAG="pr-${{ github.event.pull_request.number }}-${GITHUB_SHA::7}" else TAG="$(date -u +%Y.%m.%d)-${GITHUB_SHA::7}" fi @@ -215,7 +218,7 @@ jobs: - name: Deploy to groombook-dev env: - TAG: pr-${{ github.event.pull_request.number }} + TAG: pr-${{ github.event.pull_request.number }}-${{ github.sha::7 }} PR_NUM: ${{ github.event.pull_request.number }} run: | echo "Deploying images tagged $TAG to groombook-dev..." -- 2.52.0 From 0e1c36a4070cb0633427be277c690ece92e3a17c Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 10:27:27 +0000 Subject: [PATCH 12/21] feat(staff): super user grant/revoke UI + last-super-user guardrail (GRO-206) Backend: - PATCH /api/staff/:id now accepts optional isSuperUser field - Only super users can change isSuperUser (403 otherwise) - Revoke (isSuperUser=false) blocked if target is last super user (400) - Deactivate (active=false) blocked if target is last super user (400) - DELETE /:id blocked if target is last super user (400) - New GET /api/staff/me returns current authenticated staff record Frontend (Staff.tsx): - Super User column in staff table with badge indicator - Grant/Revoke SU button visible only to super users - Last-super-user guardrail disables revoke button with tooltip - API errors shown inline below table header Co-Authored-By: Paperclip --- apps/api/src/routes/staff.ts | 73 +++++++++++++++++++++++++++++++++++- apps/web/src/pages/Staff.tsx | 64 +++++++++++++++++++++++++++++-- 2 files changed, 132 insertions(+), 5 deletions(-) diff --git a/apps/api/src/routes/staff.ts b/apps/api/src/routes/staff.ts index 3316c45..7a4a8b5 100644 --- a/apps/api/src/routes/staff.ts +++ b/apps/api/src/routes/staff.ts @@ -13,10 +13,16 @@ const createStaffSchema = z.object({ role: z.enum(["groomer", "receptionist", "manager"]).default("groomer"), oidcSub: z.string().optional(), active: z.boolean().default(true), + isSuperUser: z.boolean().optional(), }); const updateStaffSchema = createStaffSchema.partial().omit({ email: true }); +staffRouter.get("/me", async (c) => { + const staffRow = c.get("staff"); + return c.json(staffRow); +}); + staffRouter.get("/", async (c) => { const db = getDb(); const includeInactive = c.req.query("includeInactive") === "true"; @@ -46,10 +52,55 @@ staffRouter.post("/", zValidator("json", createStaffSchema), async (c) => { staffRouter.patch("/:id", zValidator("json", updateStaffSchema), async (c) => { const db = getDb(); const body = c.req.valid("json"); + const currentStaff = c.get("staff"); + const targetId = c.req.param("id"); + + // Super user check: only super users can change isSuperUser + if (body.isSuperUser !== undefined && !currentStaff.isSuperUser) { + return c.json({ error: "Forbidden: only super users can grant or revoke super user status" }, 403); + } + + // If revoking super user status, check last-super-user guardrail + if (body.isSuperUser === false) { + const superUserCount = await db + .select({ id: staff.id }) + .from(staff) + .where(eq(staff.isSuperUser, true)) + .limit(2); // just need count; fetch 2 to know if > 1 + if (superUserCount.length <= 1) { + return c.json( + { error: "Cannot revoke the last super user. Assign another super user first." }, + 400 + ); + } + } + + // If deactivating a super user, check last-super-user guardrail + if (body.active === false) { + const [target] = await db + .select({ isSuperUser: staff.isSuperUser }) + .from(staff) + .where(eq(staff.id, targetId)) + .limit(1); + if (target?.isSuperUser) { + const superUserCount = await db + .select({ id: staff.id }) + .from(staff) + .where(eq(staff.isSuperUser, true)) + .limit(2); + if (superUserCount.length <= 1) { + return c.json( + { error: "Cannot deactivate the last super user. Assign another super user first." }, + 400 + ); + } + } + } + const [row] = await db .update(staff) .set({ ...body, updatedAt: new Date() }) - .where(eq(staff.id, c.req.param("id"))) + .where(eq(staff.id, targetId)) .returning(); if (!row) return c.json({ error: "Not found" }, 404); return c.json(row); @@ -81,6 +132,26 @@ staffRouter.delete("/:id", async (c) => { ); } + // Prevent deleting the last super user + const [target] = await db + .select({ isSuperUser: staff.isSuperUser }) + .from(staff) + .where(eq(staff.id, id)) + .limit(1); + if (target?.isSuperUser) { + const superUserCount = await db + .select({ id: staff.id }) + .from(staff) + .where(eq(staff.isSuperUser, true)) + .limit(2); + if (superUserCount.length <= 1) { + return c.json( + { error: "Cannot delete the last super user. Assign another super user first." }, + 400 + ); + } + } + const [row] = await db .delete(staff) .where(eq(staff.id, id)) diff --git a/apps/web/src/pages/Staff.tsx b/apps/web/src/pages/Staff.tsx index aac23a7..a521e1c 100644 --- a/apps/web/src/pages/Staff.tsx +++ b/apps/web/src/pages/Staff.tsx @@ -11,6 +11,7 @@ const EMPTY_FORM: StaffForm = { name: "", email: "", role: "groomer" }; export function StaffPage() { const [staff, setStaff] = useState([]); + const [currentUser, setCurrentUser] = useState(null); const [loading, setLoading] = useState(true); const [error, setError] = useState(null); const [editing, setEditing] = useState(null); @@ -18,11 +19,18 @@ export function StaffPage() { const [form, setForm] = useState(EMPTY_FORM); const [formError, setFormError] = useState(null); const [saving, setSaving] = useState(false); + const [togglingId, setTogglingId] = useState(null); + const [toggleError, setToggleError] = useState(null); async function load() { - const r = await fetch("/api/staff?includeInactive=true"); - if (!r.ok) throw new Error(`HTTP ${r.status}`); - setStaff((await r.json()) as Staff[]); + const [staffRes, meRes] = await Promise.all([ + fetch("/api/staff?includeInactive=true"), + fetch("/api/staff/me"), + ]); + if (!staffRes.ok) throw new Error(`HTTP ${staffRes.status}`); + if (!meRes.ok) throw new Error(`HTTP ${meRes.status}`); + setStaff((await staffRes.json()) as Staff[]); + setCurrentUser((await meRes.json()) as Staff); } useEffect(() => { @@ -71,6 +79,29 @@ export function StaffPage() { await load(); } + async function toggleSuperUser(s: Staff) { + setTogglingId(s.id); + setToggleError(null); + try { + const res = await fetch(`/api/staff/${s.id}`, { + method: "PATCH", + headers: { "Content-Type": "application/json" }, + body: JSON.stringify({ isSuperUser: !s.isSuperUser }), + }); + if (!res.ok) { + const err = (await res.json()) as { error?: string }; + setToggleError(err.error ?? `HTTP ${res.status}`); + return; + } + await load(); + } finally { + setTogglingId(null); + } + } + + const isLastSuperUser = (s: Staff) => + s.isSuperUser && staff.filter((st) => st.isSuperUser).length === 1; + if (loading) return

Loading…

; if (error) return

Error: {error}

; @@ -83,6 +114,10 @@ export function StaffPage() { + {toggleError && ( +

{toggleError}

+ )} + {staff.length === 0 ? (

No staff members yet.

) : ( @@ -90,7 +125,7 @@ export function StaffPage() {
{h}
{s.name} {s.email} {s.role} + {s.isSuperUser ? ( + + Super User + + ) : ( + + )} + {s.active ? "Active" : "Inactive"} + {currentUser?.isSuperUser && ( + <> + + + )}
- {["Name", "Email", "Role", "Status", ""].map((h) => ( + {["Name", "Email", "Role", "Super User", "Status", ""].map((h) => ( ))} @@ -101,12 +136,33 @@ export function StaffPage() { + -- 2.52.0 From 72ecd83d9e686d496c97012c4b10b174ca7ebd5f Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 10:56:01 +0000 Subject: [PATCH 13/21] ci: trigger build -- 2.52.0 From b06314efe241f2a9cd9665661d7499e386b7b167 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 11:43:32 +0000 Subject: [PATCH 14/21] fix(db): guarantee 5 UAT test clients with pending invoices (GRO-290) Before: ~5% probabilistic pending invoices meant UAT couldn't reliably find billing test data. Shedward was blocked from testing Pay Now flows. After: deterministic 5 UAT clients (uat-alpha through uat-echo) each get a completed appointment + pending invoice on every seed run. Client names and emails documented in Shedward AGENTS.md for direct access. Co-Authored-By: Paperclip --- packages/db/src/seed.ts | 58 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) diff --git a/packages/db/src/seed.ts b/packages/db/src/seed.ts index dc6ddfa..645ff18 100644 --- a/packages/db/src/seed.ts +++ b/packages/db/src/seed.ts @@ -546,6 +546,64 @@ async function seed() { console.log(`✓ Created 500 clients with ${petRecords.length} pets`); + // ── UAT test clients (guaranteed pending invoices) ───────────────────────────── + // These 5 clients are deterministic and documented in Shedward AGENTS.md so + // UAT can reliably find billing test data without searching. + interface UatClient { + id: string; + name: string; + email: string; + phone: string; + address: string; + petId: string; + petName: string; + petBreed: string; + } + const uatClients: UatClient[] = [ + { id: uuid(), name: "UAT Test Alpha", email: "uat-alpha@groombook.dev", phone: "(555) 100-0001", address: "100 Test Lane, Springfield, CA 90210", petId: uuid(), petName: "TestBuddy", petBreed: "Golden Retriever" }, + { id: uuid(), name: "UAT Test Bravo", email: "uat-bravo@groombook.dev", phone: "(555) 100-0002", address: "200 Test Lane, Springfield, CA 90210", petId: uuid(), petName: "TestMax", petBreed: "Labrador Retriever" }, + { id: uuid(), name: "UAT Test Charlie", email: "uat-charlie@groombook.dev", phone: "(555) 100-0003", address: "300 Test Lane, Springfield, CA 90210", petId: uuid(), petName: "TestCooper", petBreed: "Poodle" }, + { id: uuid(), name: "UAT Test Delta", email: "uat-delta@groombook.dev", phone: "(555) 100-0004", address: "400 Test Lane, Springfield, CA 90210", petId: uuid(), petName: "TestRocky", petBreed: "French Bulldog" }, + { id: uuid(), name: "UAT Test Echo", email: "uat-echo@groombook.dev", phone: "(555) 100-0005", address: "500 Test Lane, Springfield, CA 90210", petId: uuid(), petName: "TestDuke", petBreed: "Beagle" }, + ]; + + for (const uc of uatClients) { + await db.insert(schema.clients) + .values({ id: uc.id, name: uc.name, email: uc.email, phone: uc.phone, address: uc.address }) + .onConflictDoUpdate({ target: schema.clients.email, set: { name: uc.name, phone: uc.phone, address: uc.address } }); + await db.insert(schema.pets) + .values({ id: uc.petId, clientId: uc.id, name: uc.petName, species: "Dog", breed: uc.petBreed, weightKg: "25.00", dateOfBirth: new Date("2021-03-15T00:00:00Z") }) + .onConflictDoUpdate({ target: schema.pets.id, set: { clientId: uc.id, name: uc.petName, species: "Dog", breed: uc.petBreed, weightKg: "25.00", dateOfBirth: new Date("2021-03-15T00:00:00Z") } }); + // Create one completed appointment for this client + const apptId = uuid(); + const svcIdx = 0; + const svc = servicesDef[svcIdx]!; + const completedTime = randDate(oneYearAgo, now); + completedTime.setHours(randInt(8, 16), pick([0, 15, 30, 45]), 0, 0); + const endTime = new Date(completedTime.getTime() + svc.dur * 60 * 1000); + await db.insert(schema.appointments).values({ + id: apptId, clientId: uc.id, petId: uc.petId, serviceId: serviceIds[svcIdx]!, staffId: groomers[0]!.id, + batherStaffId: bathers[0]!.id, status: "completed" as const, startTime: completedTime, endTime, notes: null, priceCents: svc.price, + }); + // Create a PENDING invoice for that appointment + const invoiceId = uuid(); + const taxCents = Math.round(svc.price * 0.08); + const totalCents = svc.price + taxCents; + await db.insert(schema.invoices).values({ + id: invoiceId, appointmentId: apptId, clientId: uc.id, subtotalCents: svc.price, + taxCents, tipCents: 0, totalCents, status: "pending" as const, + paymentMethod: null, paidAt: null, notes: null, + }); + await db.insert(schema.invoiceLineItems).values({ + id: uuid(), invoiceId, description: svc.name, quantity: 1, unitPriceCents: svc.price, totalCents: svc.price, + }); + await db.insert(schema.groomingVisitLogs).values({ + id: uuid(), petId: uc.petId, appointmentId: apptId, staffId: groomers[0]!.id, + cutStyle: null, productsUsed: null, notes: null, groomedAt: endTime, + }); + } + console.log(`✓ Created ${uatClients.length} UAT test clients with guaranteed pending invoices`); + // ── Appointments, Invoices, Visit Logs ── // Generate ~5 appointments per client on average = ~2500 total const statuses: (typeof schema.appointmentStatusEnum.enumValues)[number][] = [ -- 2.52.0 From f58f7fed5a458987d85c22feb65d313096009739 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 11:54:07 +0000 Subject: [PATCH 15/21] ci: trigger CI run for PR 176 -- 2.52.0 From d1e1206e4083940db640faa07dbf85da7bf7fa96 Mon Sep 17 00:00:00 2001 From: "groombook-ci[bot]" Date: Mon, 30 Mar 2026 12:07:35 +0000 Subject: [PATCH 16/21] chore: retrigger CI for PR review -- 2.52.0 From 77593282836e840bc37d1bcddc5ea0f30c27db0a Mon Sep 17 00:00:00 2001 From: Flea Flicker Date: Mon, 30 Mar 2026 12:27:50 +0000 Subject: [PATCH 17/21] chore: trigger CI pipeline Co-Authored-By: Paperclip -- 2.52.0 From 1e80fa64e5f7bcc263dfac58244f866d9502beca Mon Sep 17 00:00:00 2001 From: Paperclip Date: Mon, 30 Mar 2026 13:30:48 +0000 Subject: [PATCH 18/21] ci: trigger PR workflow via commit (GRO-290) Co-Authored-By: Paperclip --- README.md | 1 + 1 file changed, 1 insertion(+) diff --git a/README.md b/README.md index 31b725d..3f56855 100644 --- a/README.md +++ b/README.md @@ -215,3 +215,4 @@ All PRs require CI to pass before merge. See [CONTRIBUTING.md](./CONTRIBUTING.md ## License AGPL-3.0 + -- 2.52.0 From f572e0a8f8d361c552817693a90b4cf41f056fd9 Mon Sep 17 00:00:00 2001 From: Paperclip Date: Mon, 30 Mar 2026 13:35:47 +0000 Subject: [PATCH 19/21] fix(ci): use valid GitHub Actions expression syntax for SHA - Replace invalid ${{ github.sha::7 }} with ${{ github.sha }} and shell ${SHA::7} for substring extraction - Add SHA env var to deploy-dev job Co-Authored-By: Paperclip --- .github/workflows/ci.yml | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b58a66b..dd48fc6 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -218,9 +218,10 @@ jobs: - name: Deploy to groombook-dev env: - TAG: pr-${{ github.event.pull_request.number }}-${{ github.sha::7 }} PR_NUM: ${{ github.event.pull_request.number }} + SHA: ${{ github.sha }} run: | + TAG="pr-$PR_NUM-${SHA::7}" echo "Deploying images tagged $TAG to groombook-dev..." # Run migration with PR image -- 2.52.0 From 7fdb32f95b3119fccc63fa0776431f6009756b02 Mon Sep 17 00:00:00 2001 From: Barkley Trimsworth Date: Mon, 30 Mar 2026 13:55:00 +0000 Subject: [PATCH 20/21] =?UTF-8?q?fix(GRO-206):=20CTO=20review=20fixes=20?= =?UTF-8?q?=E2=80=94=20active=20filter=20on=20super=20user=20count=20+=20C?= =?UTF-8?q?I=20TAG=20fix?= MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit - Add active=true filter to all 3 super user count queries in staff.ts (revoke, deactivate, delete) so inactive super users aren't counted - Fix ci.yml deploy step: use steps.version.outputs.tag instead of invalid github.sha::7 expression - Remove GRO-206 CI trigger junk line from README.md Co-Authored-By: Paperclip --- .github/workflows/ci.yml | 2 +- README.md | 1 - apps/api/src/routes/staff.ts | 6 +++--- 3 files changed, 4 insertions(+), 5 deletions(-) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index b9557c1..0cd237f 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -212,7 +212,7 @@ jobs: - name: Deploy to groombook-dev env: - TAG: pr-${{ github.event.pull_request.number }}-${{ github.sha::7 }} + TAG: ${{ steps.version.outputs.tag }} PR_NUM: ${{ github.event.pull_request.number }} run: | echo "Deploying images tagged $TAG to groombook-dev..." diff --git a/README.md b/README.md index a73b3ba..31b725d 100644 --- a/README.md +++ b/README.md @@ -215,4 +215,3 @@ All PRs require CI to pass before merge. See [CONTRIBUTING.md](./CONTRIBUTING.md ## License AGPL-3.0 -# GRO-206 CI trigger diff --git a/apps/api/src/routes/staff.ts b/apps/api/src/routes/staff.ts index 7a4a8b5..bf5c8c2 100644 --- a/apps/api/src/routes/staff.ts +++ b/apps/api/src/routes/staff.ts @@ -65,7 +65,7 @@ staffRouter.patch("/:id", zValidator("json", updateStaffSchema), async (c) => { const superUserCount = await db .select({ id: staff.id }) .from(staff) - .where(eq(staff.isSuperUser, true)) + .where(and(eq(staff.isSuperUser, true), eq(staff.active, true))) .limit(2); // just need count; fetch 2 to know if > 1 if (superUserCount.length <= 1) { return c.json( @@ -86,7 +86,7 @@ staffRouter.patch("/:id", zValidator("json", updateStaffSchema), async (c) => { const superUserCount = await db .select({ id: staff.id }) .from(staff) - .where(eq(staff.isSuperUser, true)) + .where(and(eq(staff.isSuperUser, true), eq(staff.active, true))) .limit(2); if (superUserCount.length <= 1) { return c.json( @@ -142,7 +142,7 @@ staffRouter.delete("/:id", async (c) => { const superUserCount = await db .select({ id: staff.id }) .from(staff) - .where(eq(staff.isSuperUser, true)) + .where(and(eq(staff.isSuperUser, true), eq(staff.active, true))) .limit(2); if (superUserCount.length <= 1) { return c.json( -- 2.52.0 From c0e9c3798260b772f7b31b017d5d32456db91358 Mon Sep 17 00:00:00 2001 From: Barkley Trimsworth Date: Mon, 30 Mar 2026 13:55:55 +0000 Subject: [PATCH 21/21] ci: restore workflow_dispatch for manual CI trigger Co-Authored-By: Paperclip --- .github/workflows/ci.yml | 1 + 1 file changed, 1 insertion(+) diff --git a/.github/workflows/ci.yml b/.github/workflows/ci.yml index 0cd237f..739ad69 100644 --- a/.github/workflows/ci.yml +++ b/.github/workflows/ci.yml @@ -5,6 +5,7 @@ on: branches: [main] pull_request: branches: [main] + workflow_dispatch: jobs: lint-typecheck: -- 2.52.0
{h}
{s.name} {s.email} {s.role} + {s.isSuperUser ? ( + + Super User + + ) : ( + + )} + {s.active ? "Active" : "Inactive"} + {currentUser?.isSuperUser && ( + <> + + + )}