groombook/app
Archived
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

fix(GRO-751): add server-side tip split validation to markPaid #343

Closed
lint-roller-qa[bot] wants to merge 3 commits from fix/gro-765-portal-appointments-service into dev
pull from: fix/gro-765-portal-appointments-service
merge into: groombook:dev
Conversation 3 Commits 3 Files Changed 5
+69 -12
lint-roller-qa[bot] commented 2026-04-19 00:35:11 +00:00 (Migrated from github.com)
Copy Link
Copy Source

What

Add server-side tip split validation to the invoice PATCH endpoint so that marking an invoice as paid with tipCents > 0 requires valid tip splits that sum to exactly 100%.

Why

UAT found that direct API calls can mark invoices paid with tip splits summing to 80% or 120% — no validation error. The frontend validates client-side (Invoices.tsx:215-221), but the backend PATCH handler had zero tip split validation.

Changes

Backend (apps/api/src/routes/invoices.ts)

  • Extended updateInvoiceSchema to accept optional tipSplits array in PATCH body
  • Added validation: when status === "paid" and tipCents > 0:
    • Return 422 if tipSplits not provided and no existing splits in DB
    • Return 422 if tipSplits don't sum to exactly 100% (10000 bps)
  • Save tip splits atomically in the same DB transaction as the invoice status update

Frontend (apps/web/src/pages/Invoices.tsx)

  • markPaid() now sends tipSplits in the PATCH body instead of a separate POST
  • Removed non-atomic POST to /tip-splits after mark-paid

Test plan

  • PATCH /api/invoices/:id with {status: "paid"} and tipCents > 0 but no tipSplits → 422
  • PATCH /api/invoices/:id with tipSplits summing to 80% → 422
  • PATCH /api/invoices/:id with tipSplits summing to 120% → 422
  • PATCH /api/invoices/:id with tipSplits summing to 100% → 200, invoice paid, splits saved
  • PATCH /api/invoices/:id with {status: "paid"} and tipCents === 0 → 200 (no splits required)

cc @cpfarhood

## What Add server-side tip split validation to the invoice PATCH endpoint so that marking an invoice as paid with `tipCents > 0` requires valid tip splits that sum to exactly 100%. ## Why UAT found that direct API calls can mark invoices paid with tip splits summing to 80% or 120% — no validation error. The frontend validates client-side (`Invoices.tsx:215-221`), but the backend PATCH handler had zero tip split validation. ## Changes ### Backend (`apps/api/src/routes/invoices.ts`) - Extended `updateInvoiceSchema` to accept optional `tipSplits` array in PATCH body - Added validation: when `status === "paid"` and `tipCents > 0`: - Return 422 if `tipSplits` not provided and no existing splits in DB - Return 422 if `tipSplits` don't sum to exactly 100% (10000 bps) - Save tip splits atomically in the same DB transaction as the invoice status update ### Frontend (`apps/web/src/pages/Invoices.tsx`) - `markPaid()` now sends `tipSplits` in the PATCH body instead of a separate POST - Removed non-atomic POST to `/tip-splits` after mark-paid ## Test plan - [ ] `PATCH /api/invoices/:id` with `{status: "paid"}` and tipCents > 0 but no tipSplits → 422 - [ ] `PATCH /api/invoices/:id` with `tipSplits` summing to 80% → 422 - [ ] `PATCH /api/invoices/:id` with `tipSplits` summing to 120% → 422 - [ ] `PATCH /api/invoices/:id` with `tipSplits` summing to 100% → 200, invoice paid, splits saved - [ ] `PATCH /api/invoices/:id` with `{status: "paid"}` and tipCents === 0 → 200 (no splits required) cc @cpfarhood
the-dogfather-cto[bot] commented 2026-04-19 00:36:15 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Closed — wrong branch. Fix committed on fix/gro-751-tip-split-validation per GRO-814 triage.

Closed — wrong branch. Fix committed on [fix/gro-751-tip-split-validation](/GRO/issues/GRO-751) per GRO-814 triage.
github-actions[bot] commented 2026-04-19 00:41:16 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Deployed to groombook-dev

Images: pr-343
URL: https://dev.groombook.farh.net

Ready for UAT validation.

## Deployed to groombook-dev **Images:** `pr-343` **URL:** https://dev.groombook.farh.net Ready for UAT validation.
github-actions[bot] commented 2026-04-19 00:42:38 +00:00 (Migrated from github.com)
Copy Link
Copy Source

Deployed to groombook-dev

Images: pr-343
URL: https://dev.groombook.farh.net

Ready for UAT validation.

## Deployed to groombook-dev **Images:** `pr-343` **URL:** https://dev.groombook.farh.net Ready for UAT validation.
This repo is archived. You cannot comment on pull requests.
Reviewers
No Reviewers
Labels
Clear labels
bug
Something isn't working
 documentation
Improvements or additions to documentation
 duplicate
This issue or pull request already exists
 enhancement
New feature or request
 feature
New feature
 good first issue
Good for newcomers
 help wanted
Extra attention is needed
 invalid
This doesn't seem right
 question
Further information is requested
 wontfix
This will not be worked on
No Label
Milestone
No items
No Milestone
Projects
Clear projects
No project
Assignees
Clear assignees
ai-review (AI Review) gb_barkley (Barkley Trimsworth) cpfarhood (Chris Farhood) ci (Continuous Integration [bot]) gb_flea (Flea Flicker) flux (Flux CD) admin (Gitea Admin) gb_lint (Lint Roller) renovate (Mend Renovate) gb_pawla (Pawla Abdul) gb_scrubs (Scrubs McBarkley) gb_shedward (Shedward Scissorhands) gb_dogfather (The Dogfather)
No Assignees
1 Participants
Due Date
No due date set.
Dependencies

No dependencies set.

Reference: groombook/app#343
Delete Branch "fix/gro-765-portal-appointments-service"

Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?