nodebb-plugin-calendar-onekite 1.4.7 → 2.0.0

package/.drone.yml

@@ -0,0 +1,62 @@
+kind: pipeline
+type: docker
+name: deploy-nodebb-plugin
+
+trigger:
+  branch:
+    - master
+  event:
+    - push
+
+steps:
+  - name: sanity-check
+    image: node:20-alpine
+    commands:
+      - node -v
+      - test -f plugin.json
+      - test -f library.js
+      - test -d static
+      - test -d templates
+
+  - name: deploy-files
+    image: appleboy/drone-scp
+    settings:
+      host:
+        from_secret: SSH_HOST
+      username:
+        from_secret: SSH_USER
+      port:
+        from_secret: SSH_PORT
+      key:
+        from_secret: SSH_KEY
+      source:
+        - ./
+      target:
+        from_secret: PLUGIN_TARGET_DIR
+      strip_components: 0
+      overwrite: true
+
+  - name: install-and-build
+    image: appleboy/drone-ssh
+    environment:
+      PLUGIN_TARGET_DIR:
+        from_secret: PLUGIN_TARGET_DIR
+    settings:
+      host:
+        from_secret: SSH_HOST
+      username:
+        from_secret: SSH_USER
+      port:
+        from_secret: SSH_PORT
+      key:
+        from_secret: SSH_KEY
+      script:
+        - 'echo "Plugin: $PLUGIN_TARGET_DIR"'
+        - 'test -d "$PLUGIN_TARGET_DIR"'
+
+        - 'cd "$PLUGIN_TARGET_DIR"'
+        - 'if [ -f package.json ]; then npm ci --omit=dev; else echo "No package.json, skipping npm ci"; fi'
+
+        #- 'cd "$NODEBB_PATH"'
+        #- './nodebb build'
+        #- './nodebb restart || true'

package/README.md

@@ -0,0 +1,21 @@
+# nodebb-plugin-calendar-onekite (no-jQuery)
+
+## Features
+- FullCalendar frontend (Month/Week/Day/List) with drag&drop + resize (editable for authorized groups)
+- Event CRUD, booking (multi-day), admin validation workflow, HelloAsso payment intent + webhook
+- Admin pages (ACP) without jQuery; robust under ajaxify via MutationObserver
+- Widget: calendarUpcoming
+
+## Important: FullCalendar assets
+This package loads FullCalendar from jsDelivr CDN in templates/calendar.tpl.
+If you need offline / no-CDN, tell me and I will vendor the files under static/vendor/fullcalendar.
+
+## Install
+- Copy into your NodeBB plugins folder
+- Activate plugin in ACP
+- Rebuild: ./nodebb build
+
+## Routes
+- Pages: /calendar, /calendar/my-reservations
+- Admin: /admin/plugins/calendar-onekite, /admin/calendar/planning
+- API: available under /api/... and /api/v3/... (NodeBB v4 client helper uses /api/v3)

package/helloasso.js

@@ -1,81 +1,129 @@
-'use strict';
-
-const fetch = require('node-fetch');
-
-const HELLOASSO_CLIENT_ID     = process.env.HELLOASSO_CLIENT_ID;
-const HELLOASSO_CLIENT_SECRET = process.env.HELLOASSO_CLIENT_SECRET;
-const HELLOASSO_ORG_SLUG      = process.env.HELLOASSO_ORG_SLUG;
-const HELLOASSO_FORM_SLUG     = process.env.HELLOASSO_FORM_SLUG;
-const HELLOASSO_API_BASE      = 'https://api.helloasso.com';
-
-async function getHelloAssoAccessToken() {
-  if (!HELLOASSO_CLIENT_ID || !HELLOASSO_CLIENT_SECRET) {
-    throw new Error('[HelloAsso] HELLOASSO_CLIENT_ID/SECRET non définis');
-  }
-
-  const res = await fetch(`${HELLOASSO_API_BASE}/oauth2/token`, {
-    method: 'POST',
-    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
-    body: new URLSearchParams({
-      grant_type: 'client_credentials',
-      client_id: HELLOASSO_CLIENT_ID,
-      client_secret: HELLOASSO_CLIENT_SECRET
-    })
-  });
-
-  if (!res.ok) {
-    const txt = await res.text();
-    throw new Error('[HelloAsso] échec OAuth2: ' + txt);
-  }
-  const data = await res.json();
-  return data.access_token;
-}
-
-async function createHelloAssoCheckoutIntent({ eid, rid, uid, itemId, quantity, amount }) {
-  if (!HELLOASSO_ORG_SLUG || !HELLOASSO_FORM_SLUG) {
-    console.warn('[calendar-onekite] HelloAsso non configuré, retournera une URL générique.');
-    return 'https://www.helloasso.com/';
-  }
-
-  const token = await getHelloAssoAccessToken();
-
-  const body = {
-    items: [{
-      name: `Réservation ${itemId} (événement ${eid})`,
-      quantity,
-      amount: Math.round(amount * 100)
-    }],
-    customFields: {
-      eid,
-      rid,
-      uid,
-      itemId,
-      quantity
-    },
-    returnUrl: 'https://tonforum.fr/calendar/payment/ok',
-    cancelUrl: 'https://tonforum.fr/calendar/payment/cancel'
-  };
-
-  const url = `${HELLOASSO_API_BASE}/v5/organizations/${HELLOASSO_ORG_SLUG}/forms/${HELLOASSO_FORM_SLUG}/checkout-intents`;
-
-  const res = await fetch(url, {
-    method: 'POST',
-    headers: {
-      Authorization: 'Bearer ' + token,
-      'Content-Type': 'application/json'
-    },
-    body: JSON.stringify(body)
-  });
-
-  if (!res.ok) {
-    const txt = await res.text();
-    throw new Error('[HelloAsso] erreur CheckoutIntent: ' + txt);
-  }
-
-  const data = await res.json();
-  return data.redirectUrl || data.paymentUrl || 'https://www.helloasso.com/';
-}
-
-module.exports = {
-  createHelloAssoCheckoutIntent,
-};
+'use strict';
+
+/**
+ * HelloAsso integration helper.
+ *
+ * This file contains a minimal implementation to create a checkout "intent" URL.
+ * You MUST configure the following settings in the plugin ACP (or environment variables):
+ * - helloassoOrganizationSlug
+ * - helloassoFormSlug (checkout form)
+ * - helloassoClientId
+ * - helloassoClientSecret
+ *
+ * Notes:
+ * - HelloAsso uses OAuth2 client_credentials for API access.
+ * - Depending on your HelloAsso setup, endpoints may differ (sandbox/production).
+ * - This module is designed to be easy to adapt.
+ */
+
+const meta = require.main.require('./src/meta');
+const Settings = meta.settings;
+
+let cachedToken = null;
+let cachedTokenExp = 0;
+
+async function getSettings() {
+  const s = (await Settings.get('calendar-onekite')) || {};
+  return {
+    apiBase: s.helloassoApiBase || 'https://api.helloasso.com',
+    organizationSlug: s.helloassoOrganizationSlug || '',
+    formSlug: s.helloassoFormSlug || '',
+    clientId: s.helloassoClientId || '',
+    clientSecret: s.helloassoClientSecret || '',
+    returnUrl: s.helloassoReturnUrl || '',
+  };
+}
+
+async function fetchJson(url, opts) {
+  const res = await fetch(url, opts);
+  const text = await res.text();
+  let data = null;
+  try { data = text ? JSON.parse(text) : null; } catch {}
+  if (!res.ok) {
+    const msg = data?.message || data?.error || text || `HTTP ${res.status}`;
+    throw new Error(msg);
+  }
+  return data;
+}
+
+async function getAccessToken() {
+  const s = await getSettings();
+  if (!s.clientId || !s.clientSecret) {
+    throw new Error('HelloAsso: clientId/clientSecret non configurés');
+  }
+
+  const now = Math.floor(Date.now() / 1000);
+  if (cachedToken && cachedTokenExp && now < cachedTokenExp - 30) {
+    return cachedToken;
+  }
+
+  const tokenUrl = `${s.apiBase}/oauth2/token`;
+  const body = new URLSearchParams();
+  body.set('grant_type', 'client_credentials');
+  body.set('client_id', s.clientId);
+  body.set('client_secret', s.clientSecret);
+
+  const data = await fetchJson(tokenUrl, {
+    method: 'POST',
+    headers: { 'Content-Type': 'application/x-www-form-urlencoded' },
+    body,
+  });
+
+  cachedToken = data.access_token;
+  cachedTokenExp = now + Number(data.expires_in || 3600);
+  return cachedToken;
+}
+
+/**
+ * Create a checkout intent (returns a URL).
+ * We store rid/eid/uid in "metadata"/customFields so the webhook can reconcile.
+ *
+ * This implementation targets the "checkout intent" endpoint. If your HelloAsso
+ * account uses a different flow, adapt this function accordingly.
+ */
+async function createHelloAssoCheckoutIntent({ eid, rid, uid, itemId, quantity, amount }) {
+  const s = await getSettings();
+  if (!s.organizationSlug || !s.formSlug) {
+    throw new Error('HelloAsso: organizationSlug/formSlug non configurés');
+  }
+
+  const token = await getAccessToken();
+
+  // Endpoint may vary. This is the common v5 checkout intent endpoint.
+  const url = `${s.apiBase}/v5/organizations/${encodeURIComponent(s.organizationSlug)}/forms/Checkout/${encodeURIComponent(s.formSlug)}/checkout-intents`;
+
+  const payload = {
+    totalAmount: Math.round(Number(amount || 0) * 100), // cents
+    initialAmount: Math.round(Number(amount || 0) * 100),
+    // Return URL after payment
+    returnUrl: s.returnUrl || undefined,
+    // Store custom fields for reconciliation (webhook)
+    metadata: {
+      eid: String(eid),
+      rid: String(rid),
+      uid: String(uid),
+      itemId: String(itemId),
+      quantity: String(quantity),
+    },
+  };
+
+  const data = await fetchJson(url, {
+    method: 'POST',
+    headers: {
+      'Authorization': `Bearer ${token}`,
+      'Content-Type': 'application/json',
+    },
+    body: JSON.stringify(payload),
+  });
+
+  // HelloAsso returns a checkoutUrl / redirectUrl depending on endpoint
+  const checkoutUrl = data?.redirectUrl || data?.checkoutUrl || data?.url;
+  if (!checkoutUrl) {
+    throw new Error('HelloAsso: checkout URL introuvable dans la réponse');
+  }
+  return checkoutUrl;
+}
+
+module.exports = {
+  createHelloAssoCheckoutIntent,
+};