Files

Ramadhan Sjamsani 3a0cdf5c4e Phase 5/6 polish: end-session flow, notif sound on API 33+, Xendit webview

Customer end-of-session (figma §6):
- PricingBottomSheet: ghost "cukup, akhiri sesi" CTA + dedup divider
- chat_screen._runEndSessionFlow chains ConfirmEndStep1 → ConfirmEndStep2
  → ClosingMessageSheet (or "lewati saja" → close + /home). The four
  popup/sheet widgets already existed; this commit just wires them
- showModalBottomSheet: showDragHandle=false to suppress the Material 3
  auto-injected handle that was stacking with our own pill

Notification sound on API 33+:
- Bump channel halobestie_chat_v1 → halobestie_chat_v2, created from
  native Kotlin in MainActivity.kt with AudioAttributes contentType
  CONTENT_TYPE_SONIFICATION. flutter_local_notifications' default of
  CONTENT_TYPE_UNKNOWN was causing Android 13 to silently drop audio
  focus while the notification still posted (isNoisy=true). Both apps
- Backend FCM payload channelId updated to v2
- AndroidManifest meta-data: default_notification_icon + color → brand
  silhouette tinted pink instead of generic Android bell. Both apps

Customer pairing reliability:
- pairing_notifier: applyPairedFromPush({sessionId, mitraName}) unsticks
  searching screen when WS push failed and FCM/active-session-poll is
  the first signal. Idempotent across PairingSearchingData,
  PairingTargetedWaitingData, PairingErrorData (covers ALREADY_ACTIVE)
- notification_service: dispatches every FCM data payload to an
  onDataMessage callback (foreground + tap + cold-start). main.dart
  wires that to applyPairedFromPush on type=='paired'. Foreground
  'paired' no longer renders a local banner — screen self-advances
- main.dart activeSession listener also calls applyPairedFromPush when
  a session appears server-side while pairing is in a waiting state.
  Covers stale ALREADY_ACTIVE recovery without a full page refresh

Auth refresh token race:
- auth_notifier._refreshFromStorage shares a single in-flight Future
  across all callers (Auth.build + 401-retry path). Backend rotates
  refresh tokens, so concurrent callers using the same stored token
  would race → loser 401s → catch wipes flutter_secure_storage → user
  appears logged out after kill+reopen

Polish:
- method_pick_screen: resizeToAvoidBottomInset=false — prevents the
  one-frame overflow when entering with the previous screen's keyboard
  still animating out
- bestie_history: BestieHistoryItem now carries `status` (backend
  already returns it). Removed _rawHistoryProvider that fetched the
  same endpoint just to read status; the two providers could go out
  of sync mid-rebuild and throw RangeError(length) on indexing

Xendit Stage 8 (carried from WIP):
- xendit_checkout_screen: embedded webview hosting Xendit's invoice
  page (intercepts halobestie:// deeplink + return-page URLs for
  deterministic pop)
- waiting_payment_screen: auto-pushes the webview when the backend
  payload includes xendit_invoice_url; spinner card + "Buka ulang
  halaman pembayaran" CTA for the QR-fallback path
- pubspec: webview_flutter ^4.13.0

Maestro infra:
- subflows/onboarding_returning_user: drop the "Mulai" carousel wait
  (splash auto-advances since 2026-05-26); tap phone-field hint
  instead of point; drop hideKeyboard (sends BACK → /home when the
  IME isn't actually up)
- New flow ts-customer-06-01-end_session_via_timeup_sheet: drives
  the full path to the chat-expired banner. Last step blocked by a
  Maestro+Flutter gesture quirk on the perpanjang ElevatedButton
  (raw `adb input tap` works at the same coords). Documented in
  memory; deeplink fixture or manual verify recommended
- ChatExpiredBanner button wrapped with Semantics(identifier:
  'chat_extend_button', button: true, onTap: …) — good hygiene for
  future tests even though it doesn't fix the dadb tap issue

.dev/: tracked wsl_emulator_bridge.ps1 + wsl_tcp_relay.py for
Maestro-on-WSL setup (Windows-side netsh portproxy + WSL-side
loopback relays). Both referenced from existing CLAUDE.md notes.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>

2026-05-28 21:45:46 +08:00

Pricing: migrate from app_config JSON to relational tables

2026-05-16 00:12:11 +08:00

helpers

Xendit webhook: metadata.app routing + survival audit log + rolling fallback file

2026-05-25 22:09:14 +08:00

routes

Phase 5.x payment revamp + Xendit Stage-8 prep

2026-05-27 21:33:51 +08:00

services

Phase 5/6 polish: end-session flow, notif sound on API 33+, Xendit webview

2026-05-28 21:45:46 +08:00

README.md

…

setup.js

…

README.md

Backend tests (Vitest)

Vitest scaffolding for the Halo Bestie Fastify backend. Three sample tests exist to demonstrate the patterns; broader coverage will be filled in incrementally.

Strategy: schema-isolated remote DB (default)

The remote dev role on omv.sjamsani.id does not have CREATE DATABASE privilege, so the chosen isolation mechanism is a separate schema inside the existing halobestie_clone database. The migration runs into a halobestie_test schema (driven by ?options=-c search_path=... on the test DB URL), leaving the dev public schema untouched.

Valkey isolation uses a separate logical db number (/1) on the same instance.

Why not Docker?

Docker availability could not be verified inside the agent sandbox at scaffold time. A docker-compose.test.yml exists for users who prefer ephemeral local containers — see "Switching to local Docker" below.

Why not a separate Postgres database?

The dev role is non-superuser and lacks CREATE DATABASE. Schema isolation gives us the same isolation guarantee (test tables live in their own namespace) without requiring a privilege bump.

Setup

Copy .env.test.example → .env.test:
```
cp .env.test.example .env.test
```
Adjust TEST_DATABASE_URL / TEST_VALKEY_URL if your dev DB is elsewhere.

(Optional) Verify connectivity:

node -e "import('postgres').then(({default:p})=>{const s=p(process.env.TEST_DATABASE_URL);s\`SELECT 1\`.then(console.log).finally(()=>s.end())})"

The halobestie_test schema and all test tables are created automatically the first time npm test runs (idempotent — re-running npm test is safe).

Running

npm test              # one-shot run
npm run test:watch    # re-run on file change
npm run test:coverage # plus coverage report under coverage/

Required environment variables

Var	Default	Purpose
`TEST_DATABASE_URL`	`postgresql://halobestie_clone:halobestie_clone@omv.sjamsani.id:5432/halobestie_clone`	Same as dev — schema isolates
`TEST_DB_SCHEMA`	`halobestie_test`	Schema name for test tables. Hard-rejected if set to `public`
`TEST_VALKEY_URL`	`redis://omv.sjamsani.id:6379/1`	Note the `/1` — separate logical db from dev
`AUTH_JWT_SECRET`	(must be ≥ 32 chars)	Signs JWTs the prod `authenticate` plugin verifies. Test value can differ from dev
`ACCESS_TOKEN_TTL_SECONDS`	`3600`	Optional
`REFRESH_TOKEN_TTL_DAYS`	`30`	Optional
`CC_ORIGIN`	`http://localhost:5173`	Required by the internal app's CORS config

Adding a new test

Templates by type:

Test type	Template	Sample
Pure service	uses `db()` + fixtures	`test/services/payment.service.test.js`
Service with mocked WS/FCM	`vi.mock('../../src/plugins/websocket.js')` at top	`test/services/pairing.service.test.js`
Route (HTTP-free via inject)	`app.inject({ method, url, headers, payload })`	`test/routes/client.payment.routes.test.js`

Helpers (under test/helpers/):

db.js — db() returns the shared sql client; resetDb() truncates Phase 3.7 + dependent tables; resetAppConfig() restores config defaults.
valkey.js — getTestValkey() for direct keyspace assertions; flushTestDb() to wipe between tests.
server.js — buildPublic() / buildInternal() for route tests.
jwt.js — customerJwt(id), mitraJwt(id), ccJwt(id) mint tokens the prod authenticate plugin accepts. authHeader(token) builds the header.
fixtures.js — createCustomer(), createMitra({ isOnline }).

Patterns to follow (from the sample tests):

Always import status / cause values from ../../src/constants.js — never hard-code 'pending', 'all_mitras_rejected', etc. (See project memory: "Use Enums for Fixed Values".)
Mock ../../src/plugins/websocket.js and ../../src/services/notification.service.js for any test that touches pairing / extension / closure — they fan out via WS + FCM and you don't want either to fire on a real socket / Firebase project.
Call resetDb() in beforeEach, resetAppConfig() once in beforeAll (or in afterEach if your test mutates config).

Isolation notes

Tests run sequentially (fileParallelism: false, sequence.concurrent: false) because they share one DB schema and one Valkey db. If you ever need parallelism: switch to per-test transactions (BEGIN in beforeEach, ROLLBACK in afterEach) or per-test schemas (CREATE SCHEMA test_${random}) and update vitest.config.js.

Switching to local Docker

If you'd rather run an isolated, throwaway Postgres + Valkey on your machine:

docker compose -f docker-compose.test.yml up -d
# In .env.test:
TEST_DATABASE_URL=postgresql://test:test@localhost:55432/halobestie_test
TEST_DB_SCHEMA=public
TEST_VALKEY_URL=redis://localhost:56379/0

npm test
docker compose -f docker-compose.test.yml down -v

The non-default ports (55432, 56379) avoid clashing with any local Postgres / Redis you have running. Note TEST_DB_SCHEMA=public is OK in the Docker case because the whole database is throwaway — schema isolation is only required when sharing with the dev DB.

Safety guards

setup.js hard-fails if TEST_DB_SCHEMA === 'public' AND TEST_DATABASE_URL looks like the dev DB. (Schema reuse on the dev DB would clobber dev tables.)
setup.js hard-fails if any required env var is missing — silent fallback to dev URLs would be catastrophic.
The migration runs as a child process (not in-process) so its sql.end() at the bottom doesn't tear down the singleton this test process shares with services.