228 lines
6.1 KiB
TypeScript
228 lines
6.1 KiB
TypeScript
import { NextRequest, NextResponse } from 'next/server';
|
|
import { getServerSession } from 'next-auth';
|
|
import { authOptions } from '@/lib/auth';
|
|
import { db } from '@/lib/db';
|
|
import { z } from 'zod';
|
|
import { Decimal } from '@prisma/client/runtime/library';
|
|
|
|
interface RouteContext {
|
|
params: Promise<{ id: string }>;
|
|
}
|
|
|
|
// Validation schema for payment
|
|
const paymentSchema = z.object({
|
|
paymentType: z.enum(['CASH', 'CARD', 'TRANSFER', 'MEMBERSHIP', 'FREE']),
|
|
amount: z.number().positive('Amount must be greater than 0').optional(),
|
|
reference: z.string().max(100).optional(),
|
|
notes: z.string().max(500).optional(),
|
|
cashRegisterId: z.string().uuid().optional(),
|
|
});
|
|
|
|
// POST /api/bookings/[id]/pay - Mark booking as paid
|
|
export async function POST(
|
|
request: NextRequest,
|
|
context: RouteContext
|
|
) {
|
|
try {
|
|
const session = await getServerSession(authOptions);
|
|
|
|
if (!session?.user) {
|
|
return NextResponse.json(
|
|
{ error: 'Unauthorized' },
|
|
{ status: 401 }
|
|
);
|
|
}
|
|
|
|
const { id } = await context.params;
|
|
|
|
// Verify booking exists and belongs to user's organization
|
|
const existingBooking = await db.booking.findFirst({
|
|
where: {
|
|
id,
|
|
site: {
|
|
organizationId: session.user.organizationId,
|
|
},
|
|
},
|
|
include: {
|
|
client: true,
|
|
payments: true,
|
|
},
|
|
});
|
|
|
|
if (!existingBooking) {
|
|
return NextResponse.json(
|
|
{ error: 'Booking not found' },
|
|
{ status: 404 }
|
|
);
|
|
}
|
|
|
|
// If user is SITE_ADMIN, verify they have access to this site
|
|
if (session.user.role === 'SITE_ADMIN' && session.user.siteId !== existingBooking.siteId) {
|
|
return NextResponse.json(
|
|
{ error: 'You do not have permission to process payments for this booking' },
|
|
{ status: 403 }
|
|
);
|
|
}
|
|
|
|
// Check if booking is already cancelled
|
|
if (existingBooking.status === 'CANCELLED') {
|
|
return NextResponse.json(
|
|
{ error: 'Cannot process payment for a cancelled booking' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// Check if booking is already fully paid
|
|
const totalPaid = existingBooking.payments.reduce(
|
|
(sum, p) => sum + Number(p.amount),
|
|
0
|
|
);
|
|
const totalPrice = Number(existingBooking.totalPrice);
|
|
|
|
if (totalPaid >= totalPrice) {
|
|
return NextResponse.json(
|
|
{ error: 'The booking is already fully paid' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
const body = await request.json();
|
|
|
|
// Validate input
|
|
const validationResult = paymentSchema.safeParse(body);
|
|
if (!validationResult.success) {
|
|
return NextResponse.json(
|
|
{
|
|
error: 'Invalid payment data',
|
|
details: validationResult.error.flatten().fieldErrors,
|
|
},
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
const { paymentType, amount, reference, notes, cashRegisterId } = validationResult.data;
|
|
|
|
// Calculate payment amount
|
|
const remainingAmount = totalPrice - totalPaid;
|
|
const paymentAmount = amount !== undefined ? Math.min(amount, remainingAmount) : remainingAmount;
|
|
|
|
if (paymentAmount <= 0) {
|
|
return NextResponse.json(
|
|
{ error: 'Payment amount must be greater than 0' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
|
|
// If cash register is provided, verify it exists and is open
|
|
if (cashRegisterId) {
|
|
const cashRegister = await db.cashRegister.findFirst({
|
|
where: {
|
|
id: cashRegisterId,
|
|
siteId: existingBooking.siteId,
|
|
closedAt: null, // Only open registers
|
|
},
|
|
});
|
|
|
|
if (!cashRegister) {
|
|
return NextResponse.json(
|
|
{ error: 'Cash register not found or is not open' },
|
|
{ status: 400 }
|
|
);
|
|
}
|
|
}
|
|
|
|
// Use transaction for atomicity
|
|
const result = await db.$transaction(async (tx) => {
|
|
// Create payment record
|
|
const payment = await tx.payment.create({
|
|
data: {
|
|
bookingId: id,
|
|
clientId: existingBooking.clientId,
|
|
amount: new Decimal(paymentAmount),
|
|
paymentType,
|
|
reference: reference || null,
|
|
notes: notes || null,
|
|
cashRegisterId: cashRegisterId || null,
|
|
},
|
|
});
|
|
|
|
// Calculate new total paid
|
|
const newTotalPaid = totalPaid + paymentAmount;
|
|
const isFullyPaid = newTotalPaid >= totalPrice;
|
|
|
|
// Update booking
|
|
const updatedBooking = await tx.booking.update({
|
|
where: { id },
|
|
data: {
|
|
paidAmount: new Decimal(newTotalPaid),
|
|
paymentType,
|
|
// Set status to CONFIRMED if fully paid and was pending
|
|
...(isFullyPaid && existingBooking.status === 'PENDING' && {
|
|
status: 'CONFIRMED',
|
|
}),
|
|
},
|
|
include: {
|
|
court: {
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
type: true,
|
|
pricePerHour: true,
|
|
},
|
|
},
|
|
client: {
|
|
select: {
|
|
id: true,
|
|
firstName: true,
|
|
lastName: true,
|
|
email: true,
|
|
phone: true,
|
|
},
|
|
},
|
|
site: {
|
|
select: {
|
|
id: true,
|
|
name: true,
|
|
timezone: true,
|
|
},
|
|
},
|
|
payments: {
|
|
select: {
|
|
id: true,
|
|
amount: true,
|
|
paymentType: true,
|
|
reference: true,
|
|
notes: true,
|
|
createdAt: true,
|
|
},
|
|
orderBy: {
|
|
createdAt: 'desc',
|
|
},
|
|
},
|
|
},
|
|
});
|
|
|
|
return {
|
|
booking: updatedBooking,
|
|
payment,
|
|
isFullyPaid,
|
|
};
|
|
});
|
|
|
|
return NextResponse.json({
|
|
message: result.isFullyPaid
|
|
? 'Payment completed. The booking has been confirmed.'
|
|
: 'Partial payment recorded successfully.',
|
|
booking: result.booking,
|
|
payment: result.payment,
|
|
remainingAmount: Math.max(0, totalPrice - (totalPaid + paymentAmount)),
|
|
});
|
|
} catch (error) {
|
|
console.error('Error processing payment:', error);
|
|
return NextResponse.json(
|
|
{ error: 'Error processing payment' },
|
|
{ status: 500 }
|
|
);
|
|
}
|
|
}
|