Ramadhan Sjamsani
2c95fd040d
- Backend wraps idn-finlogos npm at /assets/payment-icons/<slug>.svg with
1y immutable cache. Mobile drops bundled SVGs (only placeholder remains)
and fetches via flutter_cache_manager. payment_methods.icon is now a
CSV of slugs; catalog emits icon_urls[]. CARDS tile renders Visa + MC +
JCB side by side.
- Per-method min/max amount bounds (BIGINT, nullable). Picker greys out
out-of-range tiles with subtitle; backend gates with INVALID_PAYMENT_AMOUNT
(422). Defense in depth against stale-catalog clients.
- Xendit channel codes corrected from authoritative docs
(BCA_VA -> BCA_VIRTUAL_ACCOUNT, CREDIT_CARD -> CARDS, ovo -> ovo-new,
shopeepay -> shopee-pay, ...). 18 methods x 5 groups seeded with
Xendit-published per-channel min/max.
- Re-runnable seed (ON CONFLICT DO NOTHING on payment_code + new unique
index on group name). Operator CC edits never clobbered across re-runs.
One-shot reset + inspect scripts under backend/.dev/.
- Customer redirect HTML pages at /payment/return/{success,failure},
brand-styled with "Buka HaloBestie" CTA firing halobestie:// deeplink.
URL scheme registered on Android (intent-filter w/ BROWSABLE on
MainActivity) and iOS (CFBundleURLTypes). Waiting-payment poller still
owns confirmation; deeplink just brings the activity to foreground.
- Control center payment-catalog page: min/max inputs + columns. Other
CC pages restyled with new theme tokens (separate work, bundled here).
169/169 backend tests pass. See requirement/phase5-payment-revamp-2026-05-27.md
for the full revamp doc. Stage 8 (E2E) still pending: webhook URL routing
decision + two client_app follow-ups (legacy /chat/request removal,
extension Custom Tab).
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
202 lines
7.5 KiB
JavaScript
202 lines
7.5 KiB
JavaScript
import { describe, it, expect, beforeAll, beforeEach, afterAll, vi } from 'vitest'
|
|
|
|
// The public app pulls in the websocket plugin which opens real WS upgrades on
|
|
// requests — out of scope for HTTP route tests. Mock it to a no-op.
|
|
vi.mock('../../src/plugins/websocket.js', () => ({
|
|
sendToUser: vi.fn(() => false),
|
|
sendToSessionParticipant: vi.fn(() => false),
|
|
registerWebSocketPlugin: vi.fn(async () => {}),
|
|
registerWebSocketRoute: vi.fn(),
|
|
isUserOnlineWs: vi.fn(() => false),
|
|
getSessionConnections: vi.fn(() => ({})),
|
|
}))
|
|
|
|
vi.mock('../../src/services/notification.service.js', () => ({
|
|
sendPushNotification: vi.fn(async () => true),
|
|
registerDeviceToken: vi.fn(async () => {}),
|
|
}))
|
|
|
|
const { buildPublic } = await import('../helpers/server.js')
|
|
const { resetDb, resetAppConfig, db } = await import('../helpers/db.js')
|
|
const { createCustomer } = await import('../helpers/fixtures.js')
|
|
const { customerJwt, authHeader } = await import('../helpers/jwt.js')
|
|
const { PaymentRequestStatus } = await import('../../src/constants.js')
|
|
|
|
describe('POST /api/client/payment-requests', () => {
|
|
let app
|
|
let customer
|
|
let token
|
|
|
|
beforeAll(async () => {
|
|
await resetAppConfig()
|
|
app = await buildPublic()
|
|
})
|
|
|
|
beforeEach(async () => {
|
|
await resetDb()
|
|
// Phone-verified customer (phone non-null) is required for first-session-discount
|
|
// eligibility under the Phase 4 predicate.
|
|
// Random suffix avoids the unique-phone constraint clashing with parallel test files.
|
|
const phone = `+628${Math.floor(Math.random() * 1e10).toString().padStart(10, '0')}`
|
|
customer = await createCustomer({ callName: 'PaymentTester', phone })
|
|
token = customerJwt(customer.id)
|
|
})
|
|
|
|
afterAll(async () => {
|
|
await app?.close()
|
|
})
|
|
|
|
it('happy path returns 201 + a pending payment-session row at the discounted price for an eligible customer', async () => {
|
|
const res = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
// Discount duration default is 12 minutes (config seed). Eligible customer →
|
|
// amount forced to actual_price_idr (2000), is_first_session_discount=true.
|
|
payload: { duration_minutes: 12 },
|
|
})
|
|
|
|
expect(res.statusCode).toBe(201)
|
|
const body = res.json()
|
|
expect(body.success).toBe(true)
|
|
expect(body.data.status).toBe(PaymentRequestStatus.PENDING)
|
|
expect(body.data.duration_minutes).toBe(12)
|
|
expect(body.data.is_first_session_discount).toBe(true)
|
|
expect(body.data.amount).toBe(2000)
|
|
expect(body.data.is_extension).toBe(false)
|
|
expect(body.data.mode).toBe('chat')
|
|
|
|
// Verify persistence
|
|
const sql = db()
|
|
const [row] = await sql`SELECT * FROM payment_requests WHERE id = ${body.data.id}`
|
|
expect(row).toBeDefined()
|
|
expect(row.customer_id).toBe(customer.id)
|
|
})
|
|
|
|
it('non-eligible customer pays the standard tier price', async () => {
|
|
// Drop first-session-discount eligibility by inserting a completed session.
|
|
const sql = db()
|
|
await sql`
|
|
INSERT INTO chat_sessions (customer_id, status, duration_minutes, price)
|
|
VALUES (${customer.id}, 'completed', 12, 12000)
|
|
`
|
|
|
|
const res = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
payload: { duration_minutes: 12 },
|
|
})
|
|
|
|
expect(res.statusCode).toBe(201)
|
|
const body = res.json()
|
|
expect(body.data.is_first_session_discount).toBe(false)
|
|
// 12-minute tier in Phase 4 chat tiers = 12000 IDR.
|
|
expect(body.data.amount).toBe(12000)
|
|
})
|
|
|
|
it('POST /:id/confirm transitions the row and returns 200', async () => {
|
|
// Use a non-discount tier (5 min @ 5000 IDR) so we exercise the regular confirm path.
|
|
const createRes = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
payload: { duration_minutes: 5 },
|
|
})
|
|
expect(createRes.statusCode).toBe(201)
|
|
const created = createRes.json().data
|
|
expect(created.status).toBe(PaymentRequestStatus.PENDING)
|
|
expect(created.is_first_session_discount).toBe(false)
|
|
expect(created.amount).toBe(5000)
|
|
|
|
const confirmRes = await app.inject({
|
|
method: 'POST',
|
|
url: `/api/client/payment-requests/${created.id}/confirm`,
|
|
headers: authHeader(token),
|
|
payload: {},
|
|
})
|
|
|
|
expect(confirmRes.statusCode).toBe(200)
|
|
const confirmed = confirmRes.json().data
|
|
expect(confirmed.id).toBe(created.id)
|
|
expect(confirmed.status).toBe(PaymentRequestStatus.CONFIRMED)
|
|
expect(confirmed.confirmed_at).toBeTruthy()
|
|
})
|
|
|
|
it('rejects with INVALID_PAYMENT_AMOUNT when amount falls below the method min', async () => {
|
|
// Seed a low-min method and price the request below it.
|
|
const sql = db()
|
|
const [g] = await sql`
|
|
INSERT INTO payment_method_groups (name, display_order, is_active)
|
|
VALUES ('TestGroup-min', 99, true) RETURNING id
|
|
`
|
|
await sql`
|
|
INSERT INTO payment_methods (group_id, display_name, payment_code, display_order,
|
|
icon, min_amount, max_amount, is_active)
|
|
VALUES (${g.id}, 'TestVA', 'TEST_VA', 0, null, 50000, null, true)
|
|
`
|
|
// Bust the catalog cache so the new method is visible.
|
|
const { invalidatePaymentCatalog } = await import('../../src/services/payment-catalog.service.js')
|
|
await invalidatePaymentCatalog()
|
|
|
|
// Eligible discount path puts the price at 2000 — well below TEST_VA's 50000 min.
|
|
const res = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
payload: { duration_minutes: 12, method: 'TEST_VA' },
|
|
})
|
|
|
|
expect(res.statusCode).toBe(422)
|
|
const body = res.json()
|
|
expect(body.error.code).toBe('INVALID_PAYMENT_AMOUNT')
|
|
expect(body.error.details.min_amount).toBe(50000)
|
|
expect(body.error.details.amount).toBe(2000)
|
|
})
|
|
|
|
it('rejects with INVALID_PAYMENT_AMOUNT when amount exceeds the method max', async () => {
|
|
const sql = db()
|
|
const [g] = await sql`
|
|
INSERT INTO payment_method_groups (name, display_order, is_active)
|
|
VALUES ('TestGroup-max', 99, true) RETURNING id
|
|
`
|
|
await sql`
|
|
INSERT INTO payment_methods (group_id, display_name, payment_code, display_order,
|
|
icon, min_amount, max_amount, is_active)
|
|
VALUES (${g.id}, 'TestWallet', 'TEST_W', 0, null, null, 1000, true)
|
|
`
|
|
const { invalidatePaymentCatalog } = await import('../../src/services/payment-catalog.service.js')
|
|
await invalidatePaymentCatalog()
|
|
|
|
// Discounted 12-min = 2000 IDR, above the 1000 max.
|
|
const res = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
payload: { duration_minutes: 12, method: 'TEST_W' },
|
|
})
|
|
|
|
expect(res.statusCode).toBe(422)
|
|
const body = res.json()
|
|
expect(body.error.code).toBe('INVALID_PAYMENT_AMOUNT')
|
|
expect(body.error.details.max_amount).toBe(1000)
|
|
})
|
|
|
|
it('call-mode payment session uses the call tier price group', async () => {
|
|
// 20-minute call tier in Phase 4 = 17000 IDR.
|
|
const res = await app.inject({
|
|
method: 'POST',
|
|
url: '/api/client/payment-requests',
|
|
headers: authHeader(token),
|
|
payload: { duration_minutes: 20, mode: 'call' },
|
|
})
|
|
|
|
expect(res.statusCode).toBe(201)
|
|
const body = res.json()
|
|
expect(body.data.mode).toBe('call')
|
|
// Eligible customer but discount modes default = ['chat'], so call is full price.
|
|
expect(body.data.is_first_session_discount).toBe(false)
|
|
expect(body.data.amount).toBe(17000)
|
|
})
|
|
})
|