Phase 3.7: paid pairing flow + returning chat + extension flip

- Backend: payment_sessions + pairing_failures tables; payment.service.js and pairing-failure.service.js (new); rewritten pairing.service.js (payment-gated blast + targeted "Curhat lagi" + cancel + fallback); rewritten extension.service.js (data-driven auto-approve with offline safeguard, charge-at-approval); pricing.service.js (extension tiers without free trial); mitra-status.service.js (countAvailableMitras cached path); 60s sweeper for stale payment sessions - Backend routes: client.payment.routes, client.mitra-availability.routes, internal/failed-pairings.routes; client.chat.routes rewritten for payment-gated start + /returning + /cancel + /fallback-to-blast; internal/config.routes adds 4 new keys with Valkey invalidate publish - client_app: mitra-availability poll, payment screen + notifier, pairing notifier rewrite (PairingTargetedWaiting + PairingFailed states), targeted-waiting overlay + bestie-unavailable dialog, "Curhat lagi" CTA, failed-pairing terminal, extension via payment-session - mitra_app: PairingRequestType enum, returning-chat 20s countdown auto-dismiss, extension card "otomatis disetujui" copy - control_center: 4 new config rows in Settings, Failed Pairings page (filter + paginate + action menu), sidebar + route registered - Test infrastructure: Vitest backend (7/7 pass), Playwright CC (4/4 pass), Maestro mobile scaffold (CLI install pending) - Bugs found via Playwright + fixed: LoginPage labels not associated with inputs (a11y); backend internal CORS missing PATCH/PUT/DELETE in allow-methods (silent settings breakage in browsers since Stage 4) - Docs: phase3.7.md PRD, phase3.7-plan.md, phase3.7-questions.md (Q&A), phase3.7-testing.md (E2E checklist), phase3.7-test-run-2026-05-03.md (today's run results) Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
2026-05-03 23:02:49 +08:00
parent f3766813f3
commit d09e50af55
92 changed files with 9579 additions and 437 deletions
--- a/backend/test/services/payment.service.test.js
+++ b/backend/test/services/payment.service.test.js
@@ -0,0 +1,85 @@
+import { describe, it, expect, beforeAll, beforeEach, afterAll } from 'vitest'
+import {
+  createPaymentSession,
+  confirmPaymentSession,
+  getPaymentSession,
+} from '../../src/services/payment.service.js'
+import { PaymentSessionStatus } from '../../src/constants.js'
+import { resetDb, resetAppConfig } from '../helpers/db.js'
+import { createCustomer } from '../helpers/fixtures.js'
+
+describe('payment.service', () => {
+  let customer
+  let otherCustomer
+
+  beforeAll(async () => {
+    await resetAppConfig()
+  })
+
+  beforeEach(async () => {
+    await resetDb()
+    customer = await createCustomer({ callName: 'Alice' })
+    otherCustomer = await createCustomer({ callName: 'Bob' })
+  })
+
+  afterAll(async () => {
+    // Leave the seeded users alone for the next test file's speed.
+  })
+
+  it('createPaymentSession writes a row with status pending and expires_at in the future', async () => {
+    const before = Date.now()
+    const session = await createPaymentSession({
+      customerId: customer.id,
+      durationMinutes: 15,
+      amount: 30000,
+    })
+
+    expect(session.status).toBe(PaymentSessionStatus.PENDING)
+    expect(session.customer_id).toBe(customer.id)
+    expect(session.duration_minutes).toBe(15)
+    expect(session.amount).toBe(30000)
+    expect(session.is_free_trial).toBe(false)
+    expect(session.is_extension).toBe(false)
+    expect(new Date(session.expires_at).getTime()).toBeGreaterThan(before)
+
+    // Verify it's actually persisted (not just returned from the INSERT)
+    const reloaded = await getPaymentSession(session.id)
+    expect(reloaded.id).toBe(session.id)
+    expect(reloaded.status).toBe(PaymentSessionStatus.PENDING)
+  })
+
+  it('confirmPaymentSession transitions pending → confirmed', async () => {
+    const session = await createPaymentSession({
+      customerId: customer.id,
+      durationMinutes: 30,
+      amount: 60000,
+    })
+    expect(session.status).toBe(PaymentSessionStatus.PENDING)
+
+    const confirmed = await confirmPaymentSession(session.id, customer.id)
+
+    expect(confirmed.status).toBe(PaymentSessionStatus.CONFIRMED)
+    expect(confirmed.confirmed_at).toBeTruthy()
+    expect(new Date(confirmed.confirmed_at).getTime()).toBeGreaterThan(0)
+  })
+
+  it('confirmPaymentSession throws when the session belongs to a different customer', async () => {
+    const session = await createPaymentSession({
+      customerId: customer.id,
+      durationMinutes: 15,
+      amount: 30000,
+    })
+
+    await expect(
+      confirmPaymentSession(session.id, otherCustomer.id),
+    ).rejects.toMatchObject({
+      code: 'FORBIDDEN',
+      statusCode: 403,
+    })
+
+    // Row should still be pending — the failed confirm must not have side effects.
+    const reloaded = await getPaymentSession(session.id)
+    expect(reloaded.status).toBe(PaymentSessionStatus.PENDING)
+    expect(reloaded.confirmed_at).toBeNull()
+  })
+})