consultoria-as/app-padel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

feat(api): add bookings CRUD and payment endpoints

Browse Source 
- Add bookings list/create API with filters (siteId, date, status)
- Add booking detail, update, and delete endpoints
- Add payment processing endpoint with transaction support
- Add clients list/search and create API
- Implement membership discounts (free hours and percentage)
- Validate requests with Zod schemas from shared package
- Include Spanish error messages

Co-Authored-By: Claude Opus 4.5 <noreply@anthropic.com>
This commit is contained in:
Ivan
2026-02-01 06:44:54 +00:00
parent d3413c727f
commit ef21748191
6 changed files with 3209 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

227
apps/web/app/api/bookings/[id]/pay/route.ts Normal file
View File

@@ -0,0 +1,227 @@
import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/lib/auth';
import { db } from '@/lib/db';
import { z } from 'zod';
import { Decimal } from '@prisma/client/runtime/library';
interface RouteContext {
params: Promise<{ id: string }>;
}
// Validation schema for payment
const paymentSchema = z.object({
paymentType: z.enum(['CASH', 'CARD', 'TRANSFER', 'MEMBERSHIP', 'FREE']),
amount: z.number().positive('El monto debe ser mayor a 0').optional(),
reference: z.string().max(100).optional(),
notes: z.string().max(500).optional(),
cashRegisterId: z.string().uuid().optional(),
});
// POST /api/bookings/[id]/pay - Mark booking as paid
export async function POST(
request: NextRequest,
context: RouteContext
) {
try {
const session = await getServerSession(authOptions);
if (!session?.user) {
return NextResponse.json(
{ error: 'No autorizado' },
{ status: 401 }
);
}
const { id } = await context.params;
// Verify booking exists and belongs to user's organization
const existingBooking = await db.booking.findFirst({
where: {
id,
site: {
organizationId: session.user.organizationId,
},
},
include: {
client: true,
payments: true,
},
});
if (!existingBooking) {
return NextResponse.json(
{ error: 'Reserva no encontrada' },
{ status: 404 }
);
}
// If user is SITE_ADMIN, verify they have access to this site
if (session.user.role === 'SITE_ADMIN' && session.user.siteId !== existingBooking.siteId) {
return NextResponse.json(
{ error: 'No tiene permiso para procesar pagos en esta reserva' },
{ status: 403 }
);
}
// Check if booking is already cancelled
if (existingBooking.status === 'CANCELLED') {
return NextResponse.json(
{ error: 'No se puede procesar el pago de una reserva cancelada' },
{ status: 400 }
);
}
// Check if booking is already fully paid
const totalPaid = existingBooking.payments.reduce(
(sum, p) => sum + Number(p.amount),
0
);
const totalPrice = Number(existingBooking.totalPrice);
if (totalPaid >= totalPrice) {
return NextResponse.json(
{ error: 'La reserva ya está completamente pagada' },
{ status: 400 }
);
}
const body = await request.json();
// Validate input
const validationResult = paymentSchema.safeParse(body);
if (!validationResult.success) {
return NextResponse.json(
{
error: 'Datos de pago inválidos',
details: validationResult.error.flatten().fieldErrors,
},
{ status: 400 }
);
}
const { paymentType, amount, reference, notes, cashRegisterId } = validationResult.data;
// Calculate payment amount
const remainingAmount = totalPrice - totalPaid;
const paymentAmount = amount !== undefined ? Math.min(amount, remainingAmount) : remainingAmount;
if (paymentAmount <= 0) {
return NextResponse.json(
{ error: 'El monto del pago debe ser mayor a 0' },
{ status: 400 }
);
}
// If cash register is provided, verify it exists and is open
if (cashRegisterId) {
const cashRegister = await db.cashRegister.findFirst({
where: {
id: cashRegisterId,
siteId: existingBooking.siteId,
closedAt: null, // Only open registers
},
});
if (!cashRegister) {
return NextResponse.json(
{ error: 'Caja registradora no encontrada o no está abierta' },
{ status: 400 }
);
}
}
// Use transaction for atomicity
const result = await db.$transaction(async (tx) => {
// Create payment record
const payment = await tx.payment.create({
data: {
bookingId: id,
clientId: existingBooking.clientId,
amount: new Decimal(paymentAmount),
paymentType,
reference: reference || null,
notes: notes || null,
cashRegisterId: cashRegisterId || null,
},
});
// Calculate new total paid
const newTotalPaid = totalPaid + paymentAmount;
const isFullyPaid = newTotalPaid >= totalPrice;
// Update booking
const updatedBooking = await tx.booking.update({
where: { id },
data: {
paidAmount: new Decimal(newTotalPaid),
paymentType,
// Set status to CONFIRMED if fully paid and was pending
...(isFullyPaid && existingBooking.status === 'PENDING' && {
status: 'CONFIRMED',
}),
},
include: {
court: {
select: {
id: true,
name: true,
type: true,
pricePerHour: true,
},
},
client: {
select: {
id: true,
firstName: true,
lastName: true,
email: true,
phone: true,
},
},
site: {
select: {
id: true,
name: true,
timezone: true,
},
},
payments: {
select: {
id: true,
amount: true,
paymentType: true,
reference: true,
notes: true,
createdAt: true,
},
orderBy: {
createdAt: 'desc',
},
},
},
});
return {
booking: updatedBooking,
payment,
isFullyPaid,
};
});
return NextResponse.json({
message: result.isFullyPaid
? 'Pago completado. La reserva ha sido confirmada.'
: 'Pago parcial registrado exitosamente.',
booking: result.booking,
payment: result.payment,
remainingAmount: Math.max(0, totalPrice - (totalPaid + paymentAmount)),
});
} catch (error) {
console.error('Error processing payment:', error);
return NextResponse.json(
{ error: 'Error al procesar el pago' },
{ status: 500 }
);
}
}

357
apps/web/app/api/bookings/[id]/route.ts Normal file
View File

@@ -0,0 +1,357 @@
import { NextRequest, NextResponse } from 'next/server';
import { getServerSession } from 'next-auth';
import { authOptions } from '@/lib/auth';
import { db } from '@/lib/db';
import { z } from 'zod';
interface RouteContext {
params: Promise<{ id: string }>;
}
// Validation schema for updating booking
const updateBookingSchema = z.object({
status: z.enum(['PENDING', 'CONFIRMED', 'CANCELLED', 'COMPLETED', 'NO_SHOW']).optional(),
notes: z.string().max(500).optional(),
cancelReason: z.string().max(500).optional(),
playerNames: z.array(z.string()).optional(),
});
// GET /api/bookings/[id] - Get a single booking by ID
export async function GET(
request: NextRequest,
context: RouteContext
) {
try {
const session = await getServerSession(authOptions);
if (!session?.user) {
return NextResponse.json(
{ error: 'No autorizado' },
{ status: 401 }
);
}
const { id } = await context.params;
const booking = await db.booking.findFirst({
where: {
id,
site: {
organizationId: session.user.organizationId,
},
},
include: {
court: {
select: {
id: true,
name: true,
type: true,
status: true,
pricePerHour: true,
features: true,
},
},
client: {
select: {
id: true,
firstName: true,
lastName: true,
email: true,
phone: true,
level: true,
notes: true,
},
},
site: {
select: {
id: true,
name: true,
slug: true,
address: true,
phone: true,
email: true,
timezone: true,
},
},
createdBy: {
select: {
id: true,
firstName: true,
lastName: true,
email: true,
},
},
payments: {
select: {
id: true,
amount: true,
paymentType: true,
reference: true,
notes: true,
createdAt: true,
},
orderBy: {
createdAt: 'desc',
},
},
},
});
if (!booking) {
return NextResponse.json(
{ error: 'Reserva no encontrada' },
{ status: 404 }
);
}
return NextResponse.json(booking);
} catch (error) {
console.error('Error fetching booking:', error);
return NextResponse.json(
{ error: 'Error al obtener la reserva' },
{ status: 500 }
);
}
}
// PUT /api/bookings/[id] - Update a booking
export async function PUT(
request: NextRequest,
context: RouteContext
) {
try {
const session = await getServerSession(authOptions);
if (!session?.user) {
return NextResponse.json(
{ error: 'No autorizado' },
{ status: 401 }
);
}
const { id } = await context.params;
// Verify booking exists and belongs to user's organization
const existingBooking = await db.booking.findFirst({
where: {
id,
site: {
organizationId: session.user.organizationId,
},
},
include: {
site: true,
},
});
if (!existingBooking) {
return NextResponse.json(
{ error: 'Reserva no encontrada' },
{ status: 404 }
);
}
// If user is SITE_ADMIN, verify they have access to this site
if (session.user.role === 'SITE_ADMIN' && session.user.siteId !== existingBooking.siteId) {
return NextResponse.json(
{ error: 'No tiene permiso para modificar esta reserva' },
{ status: 403 }
);
}
const body = await request.json();
// Validate input
const validationResult = updateBookingSchema.safeParse(body);
if (!validationResult.success) {
return NextResponse.json(
{
error: 'Datos de actualización inválidos',
details: validationResult.error.flatten().fieldErrors,
},
{ status: 400 }
);
}
const { status, notes, cancelReason, playerNames } = validationResult.data;
// Build update data
const updateData: {
status?: 'PENDING' | 'CONFIRMED' | 'CANCELLED' | 'COMPLETED' | 'NO_SHOW';
notes?: string | null;
cancelReason?: string | null;
cancelledAt?: Date | null;
playerNames?: string[];
} = {};
if (status !== undefined) {
updateData.status = status;
// If cancelling, set cancellation timestamp
if (status === 'CANCELLED') {
updateData.cancelledAt = new Date();
if (cancelReason) {
updateData.cancelReason = cancelReason;
}
}
}
if (notes !== undefined) {
updateData.notes = notes || null;
}
if (playerNames !== undefined) {
updateData.playerNames = playerNames;
}
const booking = await db.booking.update({
where: { id },
data: updateData,
include: {
court: {
select: {
id: true,
name: true,
type: true,
pricePerHour: true,
},
},
client: {
select: {
id: true,
firstName: true,
lastName: true,
email: true,
phone: true,
},
},
site: {
select: {
id: true,
name: true,
timezone: true,
},
},
},
});
return NextResponse.json(booking);
} catch (error) {
console.error('Error updating booking:', error);
return NextResponse.json(
{ error: 'Error al actualizar la reserva' },
{ status: 500 }
);
}
}
// DELETE /api/bookings/[id] - Cancel/delete a booking
export async function DELETE(
request: NextRequest,
context: RouteContext
) {
try {
const session = await getServerSession(authOptions);
if (!session?.user) {
return NextResponse.json(
{ error: 'No autorizado' },
{ status: 401 }
);
}
const { id } = await context.params;
// Verify booking exists and belongs to user's organization
const existingBooking = await db.booking.findFirst({
where: {
id,
site: {
organizationId: session.user.organizationId,
},
},
include: {
payments: true,
},
});
if (!existingBooking) {
return NextResponse.json(
{ error: 'Reserva no encontrada' },
{ status: 404 }
);
}
// If user is SITE_ADMIN, verify they have access to this site
if (session.user.role === 'SITE_ADMIN' && session.user.siteId !== existingBooking.siteId) {
return NextResponse.json(
{ error: 'No tiene permiso para cancelar esta reserva' },
{ status: 403 }
);
}
// Check if booking has payments
const hasPayments = existingBooking.payments.length > 0;
// Parse optional cancel reason from query params or body
let cancelReason = 'Cancelada por el administrador';
try {
const body = await request.json();
if (body.cancelReason) {
cancelReason = body.cancelReason;
}
} catch {
// No body provided, use default reason
}
if (hasPayments) {
// If there are payments, just cancel the booking (soft delete)
const booking = await db.booking.update({
where: { id },
data: {
status: 'CANCELLED',
cancelledAt: new Date(),
cancelReason,
},
});
return NextResponse.json({
message: 'Reserva cancelada exitosamente',
booking,
note: 'La reserva tiene pagos asociados, por lo que fue cancelada en lugar de eliminada',
});
} else {
// If no payments, allow hard delete for pending bookings only
if (existingBooking.status === 'PENDING') {
await db.booking.delete({
where: { id },
});
return NextResponse.json({
message: 'Reserva eliminada exitosamente',
});
} else {
// For non-pending bookings, soft delete
const booking = await db.booking.update({
where: { id },
data: {
status: 'CANCELLED',
cancelledAt: new Date(),
cancelReason,
},
});
return NextResponse.json({
message: 'Reserva cancelada exitosamente',
booking,
});
}
}
} catch (error) {
console.error('Error deleting booking:', error);
return NextResponse.json(
{ error: 'Error al cancelar la reserva' },
{ status: 500 }
);
}
}