nodebb-plugin-calendar-onekite 11.1.29 → 11.1.30

package/lib/admin.js

@@ -1,109 +1,76 @@
 'use strict';
 
-const Groups = require.main.require('./src/groups');
 const meta = require.main.require('./src/meta');
-const logic = require('./logic');
-const helloasso = require('./helloasso');
-const settings = require('./settings');
-const db = require('./db');
+const dbi = require('./db');
+const api = require('./api');
 
-async function ensureAdmin(req, res, next) {
-  try {
-    if (!req.uid) return res.status(401).json({ ok:false, error:'not-logged-in' });
-    const ok = await Groups.isMember(req.uid, 'administrators');
-    if (!ok) return res.status(403).json({ ok:false, error:'not-admin' });
-    next();
-  } catch (e) {
-    res.status(500).json({ ok:false, error:'server' });
-  }
+async function getSettings(req, res) {
+  const settings = await meta.settings.get('calendar-onekite');
+  // mask secret
+  if (settings && settings.helloassoClientSecret) settings.helloassoClientSecret = '***';
+  res.json({ ok: true, settings: settings || {} });
 }
 
-function mount(router, prefix, baseMws) {
-  const mws = Array.isArray(baseMws) ? baseMws : [];
-
-  // settings get
-  router.get(`${prefix}/admin/plugins/calendar-onekite/settings`, ...mws, ensureAdmin, async (req, res) => {
-    const s = await meta.settings.get(settings.PLUGIN_ID);
-    const out = s || {};
-    if (out.helloassoClientSecret) out.helloassoClientSecret = '***';
-    res.json({ ok:true, settings: out });
-  });
-
-  // settings put
-  router.put(`${prefix}/admin/plugins/calendar-onekite/settings`, ...mws, ensureAdmin, async (req, res) => {
-    const p = req.body || {};
-    const toSave = {
-      helloassoEnv: p.helloassoEnv || 'sandbox',
-      helloassoClientId: p.helloassoClientId || '',
-      helloassoClientSecret: p.helloassoClientSecret && p.helloassoClientSecret !== '***' ? p.helloassoClientSecret : (await meta.settings.getOne(settings.PLUGIN_ID, 'helloassoClientSecret')) || '',
-      helloassoOrganizationSlug: p.helloassoOrganizationSlug || '',
-      helloassoFormType: p.helloassoFormType || 'shop',
-      helloassoFormSlug: p.helloassoFormSlug || '',
-      creatorGroups: settings.normalizeCsv(p.creatorGroups),
-      validatorGroups: settings.normalizeCsv(p.validatorGroups),
-      notifyGroups: settings.normalizeCsv(p.notifyGroups),
-      holdMinutes: parseInt(p.holdMinutes, 10) || 5,
-    };
-    await meta.settings.set(settings.PLUGIN_ID, toSave);
-    res.json({ ok:true });
-  });
+async function saveSettings(req, res) {
+  const body = req.body || {};
+  // If secret is '***', do not overwrite.
+  const current = await meta.settings.get('calendar-onekite') || {};
+  const next = { ...current, ...body };
+  if (body.helloassoClientSecret === '***') {
+    next.helloassoClientSecret = current.helloassoClientSecret;
+  }
+  await meta.settings.set('calendar-onekite', next);
+  // invalidate catalog cache
+  res.json({ ok: true });
+}
 
-  // pending list (simple: scan by start zset window)
-  router.get(`${prefix}/admin/plugins/calendar-onekite/pending`, ...mws, ensureAdmin, async (req, res) => {
-    const start = '2000-01-01';
-    const end = '2100-01-01';
-    const events = await logic.listEvents(start, end);
-    const pending = events.filter(r => r.status === 'pending' || r.status === 'awaiting_payment');
-    res.json({ ok:true, pending });
-  });
+async function getPending(req, res) {
+  const ids = await dbi.listAllIds(5000);
+  const rows = await dbi.getReservations(ids);
+  const pending = rows.filter(r => (r.status || 'pending') === 'pending')
+    .sort((a,b)=> (b.createdAt||0)-(a.createdAt||0))
+    .slice(0, 200);
+  res.json({ ok: true, pending });
+}
 
-  // approve/refuse from ACP
-  router.post(`${prefix}/admin/plugins/calendar-onekite/reservations/:rid/approve`, ...mws, ensureAdmin, async (req, res) => {
-    const rid = parseInt(req.params.rid, 10);
-    const r = await logic.setStatus(rid, 'awaiting_payment');
-    if (!r) return res.status(404).json({ ok:false, error:'not-found' });
-    res.json({ ok:true });
-  });
-  router.post(`${prefix}/admin/plugins/calendar-onekite/reservations/:rid/refuse`, ...mws, ensureAdmin, async (req, res) => {
-    const rid = parseInt(req.params.rid, 10);
-    const r = await logic.setStatus(rid, 'refused');
-    if (!r) return res.status(404).json({ ok:false, error:'not-found' });
-    res.json({ ok:true });
-  });
+async function purgeByYear(req, res) {
+  const year = String((req.body||{}).year || '').trim();
+  if (!/^\d{4}$/.test(year)) return res.status(400).json({ status: { code: 'bad-request', message: 'Année invalide (YYYY)' } });
+  const y = Number(year);
+  const startTs = Date.UTC(y,0,1,0,0,0);
+  const endTs = Date.UTC(y+1,0,1,0,0,0);
 
-  // purge year
-  router.post(`${prefix}/admin/plugins/calendar-onekite/purge`, ...mws, ensureAdmin, async (req, res) => {
-    const year = String((req.body && req.body.year) || '').trim();
-    if (!/^\d{4}$/.test(year)) return res.status(400).json({ ok:false, error:'invalid-year' });
-    const y = parseInt(year, 10);
-    const startDate = `${year}-01-01`;
-    const endDate = `${year}-12-31`;
-    const startTs = Date.parse(`${startDate}T00:00:00.000Z`);
-    const endTs = Date.parse(`${endDate}T23:59:59.999Z`);
-    const ids = await db.listReservationIdsByStartRange(startTs, endTs, 5000);
-    for (const id of ids) {
-      await db.removeReservation(id);
-    }
-    res.json({ ok:true, removed: ids.length });
-  });
+  const ids = await dbi.listReservationIdsByStartRange(startTs, endTs, 100000);
+  for (const id of ids) {
+    await dbi.deleteReservation(id);
+  }
+  res.json({ ok: true, deleted: ids.length });
+}
 
-  // debug helloasso
-  router.get(`${prefix}/admin/plugins/calendar-onekite/debug`, ...mws, ensureAdmin, async (req, res) => {
-    const s = await meta.settings.get(settings.PLUGIN_ID);
-    const safe = Object.assign({}, s || {});
-    if (safe.helloassoClientSecret) safe.helloassoClientSecret = '***';
-    let tokenOk = false;
-    let count = 0;
-    let sample = [];
-    try {
-      const token = await helloasso.getToken();
-      tokenOk = !!token;
-      const { items } = await helloasso.getCatalogItems();
-      count = items.length;
-      sample = items.slice(0, 10);
-    } catch (e) {}
-    res.json({ ok:true, settings: safe, token: { ok: tokenOk }, items: { ok: true, count, sample } });
-  });
+async function debugHelloAsso(req, res) {
+  const settings = await meta.settings.get('calendar-onekite') || {};
+  const masked = { ...settings };
+  if (masked.helloassoClientSecret) masked.helloassoClientSecret = '***';
+  const out = { ok: true, settings: masked };
+  try {
+    // token + catalog
+    const items = await api._getCatalogItems();
+    out.token = { ok: true };
+    out.catalog = { ok: true, count: items.length, sample: items.slice(0, 10) };
+    // also expose cache error if any
+    const cache = api._catalogCache();
+    if (cache && cache.err) out.catalog.err = cache.err;
+  } catch (e) {
+    out.token = { ok: false, message: e.message };
+    out.catalog = { ok: false, count: 0, sample: [], message: e.message };
+  }
+  res.json(out);
 }
 
-module.exports = { mount, ensureAdmin };
+module.exports = {
+  getSettings,
+  saveSettings,
+  getPending,
+  purgeByYear,
+  debugHelloAsso,
+};

package/lib/api.js

@@ -1,124 +1,228 @@
 'use strict';
 
-const logic = require('./logic');
-const perms = require('./perms');
-const helloasso = require('./helloasso');
-const email = require('./email');
-const User = require.main.require('./src/user');
-const settings = require('./settings');
-
-function mount(router, prefix, baseMws) {
-  const mws = Array.isArray(baseMws) ? baseMws : [];
-  const json = (res, obj) => res.json(obj);
-
-  // events
-  router.get(`${prefix}/plugins/calendar-onekite/events`, ...mws, async (req, res) => {
-    const start = String(req.query.start || '').slice(0,10);
-    const end = String(req.query.end || '').slice(0,10);
-    if (!start || !end) return res.status(400).json({ ok:false, error:'missing-range' });
-    const events = await logic.listEvents(start, end);
-    const canVal = await perms.canValidate(req.uid);
-
-    const fc = events.map(r => ({
-      id: String(r.rid),
-      title: r.title,
-      start: r.startDate,
-      end: r.endDate,
+const meta = require.main.require('./src/meta');
+const dbi = require('./db');
+const hello = require('./helloasso');
+
+const BLOCKING_STATUSES = new Set(['pending', 'awaiting_payment', 'approved', 'paid']);
+
+function overlaps(aStart, aEnd, bStart, bEnd) {
+  return Number(aStart) < Number(bEnd) && Number(bStart) < Number(aEnd);
+}
+
+function parseDateParam(s) {
+  // FullCalendar sends ISO date/time. Accept 'YYYY-MM-DD' too.
+  const d = new Date(s);
+  if (!s || Number.isNaN(d.getTime())) return null;
+  return d;
+}
+
+function toYMD(ts) {
+  const d = new Date(Number(ts));
+  const y = d.getUTCFullYear();
+  const m = String(d.getUTCMonth()+1).padStart(2,'0');
+  const da = String(d.getUTCDate()).padStart(2,'0');
+  return `${y}-${m}-${da}`;
+}
+
+function daysBetweenInclusive(startYMD, endYMDExclusive) {
+  // FullCalendar selection end is exclusive. We compute number of days selected.
+  const s = new Date(startYMD + 'T00:00:00Z');
+  const e = new Date(endYMDExclusive + 'T00:00:00Z');
+  const diff = Math.max(0, Math.round((e - s) / 86400000));
+  return diff || 1;
+}
+
+let catalogCache = { at: 0, items: [], raw: null, ok: false, err: null };
+
+async function sweepExpiredPending() {
+  const now = Date.now();
+  const ids = await dbi.listExpiredIds(now, 5000);
+  if (!ids.length) return 0;
+  const rows = await dbi.getReservations(ids);
+  let expiredCount = 0;
+  for (const r of rows) {
+    if (!r) continue;
+    const status = r.status || 'pending';
+    const expiresAt = Number(r.expiresAt || 0);
+    if (status === 'pending' && expiresAt && expiresAt <= now) {
+      r.status = 'expired';
+      r.expiredAt = now;
+      r.expiresAt = '';
+      await dbi.saveReservation(r);
+      await dbi.clearExpiryIndex(r.id);
+      expiredCount++;
+    } else {
+      // Not actually expired, remove from expiry index to avoid repeated scans
+      if (expiresAt && expiresAt > now) {
+        // keep
+      } else {
+        await dbi.clearExpiryIndex(r.id);
+      }
+    }
+  }
+  return expiredCount;
+}
+
+async function getSettings() {
+  const settings = await meta.settings.get('calendar-onekite');
+  return settings || {};
+}
+
+async function getCatalogItems() {
+  const settings = await getSettings();
+  const now = Date.now();
+  if (catalogCache.ok && (now - catalogCache.at) < 5*60*1000) {
+    return catalogCache.items;
+  }
+  if (!settings.helloassoClientId || !settings.helloassoClientSecret || !settings.helloassoOrganizationSlug || !settings.helloassoFormSlug || !settings.helloassoFormType) {
+    catalogCache = { at: now, items: [], raw: null, ok: true, err: null };
+    return [];
+  }
+  try {
+    const pub = await hello.getShopCatalog(settings);
+    const items = hello.extractItemsFromPublic(pub);
+    catalogCache = { at: now, items, raw: pub, ok: true, err: null };
+    return items;
+  } catch (err) {
+    catalogCache = { at: now, items: [], raw: null, ok: false, err: { message: err.message, statusCode: err.statusCode, body: err.body } };
+    return [];
+  }
+}
+
+async function getCatalog(req, res) {
+  const items = await getCatalogItems();
+  res.json({ ok: true, count: items.length, items });
+}
+
+async function getEvents(req, res) {
+  await sweepExpiredPending();
+  const start = parseDateParam(req.query.start);
+  const end = parseDateParam(req.query.end);
+  const startTs = start ? start.getTime() : Date.now() - 365*86400000;
+  const endTs = end ? end.getTime() : Date.now() + 365*86400000;
+
+  const ids = await dbi.listReservationIdsByStartRange(startTs, endTs, 5000);
+  const rows = await dbi.getReservations(ids);
+
+  const events = rows
+    .filter(r => {
+      const status = r.status || 'pending';
+      // Hide expired requests from calendar
+      return status !== 'expired';
+    })
+    .map(r => {
+    const itemNames = (r.items || []).map(it => it.name).join(', ');
+    const title = itemNames || 'Réservation';
+    const status = r.status || 'pending';
+    const icon = status === 'approved' ? '✅' : status === 'awaiting_payment' ? '💳' : status === 'refused' ? '⛔' : '⏳';
+    return {
+      id: r.id,
+      title: `${icon} ${title}`,
+      start: toYMD(r.startTs),
+      end: toYMD(r.endTs), // end exclusive works for allDay
       allDay: true,
       extendedProps: {
-        rid: r.rid,
-        status: r.status,
-        itemIds: r.itemIds,
-        days: r.days,
-        totalCents: r.totalCents,
-        canValidate: canVal,
+        status,
+        requesterUid: r.uid,
+        items: r.items || [],
+        totalCents: r.totalCents || 0,
+        days: r.days || 1,
       }
-    }));
-    json(res, { ok:true, events: fc });
+    };
   });
 
-  // catalog items
-  router.get(`${prefix}/plugins/calendar-onekite/items`, ...mws, async (req, res) => {
-    try {
-      const { items } = await helloasso.getCatalogItems();
-      json(res, { ok:true, items });
-    } catch (e) {
-      json(res, { ok:false, items: [], error:'helloasso' });
-    }
-  });
+  res.json(events);
+}
 
-  // create reservation
-  router.post(`${prefix}/plugins/calendar-onekite/reservations`, ...mws, async (req, res) => {
-    const uid = req.uid;
-    if (!uid) return res.status(401).json({ ok:false, error:'not-logged-in' });
-    if (!(await perms.canCreate(uid))) return res.status(403).json({ ok:false, error:'not-allowed' });
-
-    const itemIds = Array.isArray(req.body.itemIds) ? req.body.itemIds : [];
-    const startDate = String(req.body.startDate || '').slice(0,10);
-    const endDate = String(req.body.endDate || '').slice(0,10);
-    const note = String(req.body.note || '').slice(0,500);
-
-    if (!itemIds.length) return res.status(400).json({ ok:false, error:'no-items' });
-    if (!startDate || !endDate) return res.status(400).json({ ok:false, error:'missing-dates' });
-
-    try {
-      const r = await logic.createReservation(uid, itemIds, startDate, endDate, note);
-
-      // email notify groups
-      const notifyUids = await perms.listNotifyUids();
-      const user = await User.getUserFields(uid, ['username']);
-      for (const nu of notifyUids) {
-        await email.sendToUid('calendar-onekite-pending', nu, {
-          subject: 'Nouvelle demande de réservation',
-          username: user.username,
-          startDate: r.startDate,
-          endDate: r.endDate,
-          rid: r.rid,
-        });
-      }
+async function createReservation(req, res) {
+  const uid = req.uid;
+  if (!uid) return res.status(403).json({ status: { code: 'forbidden', message: 'Not logged in' } });
 
-      json(res, { ok:true, reservation: r });
-    } catch (e) {
-      if (e.code === 'conflict') {
-        return res.status(409).json({ ok:false, error:'conflict', conflicts: e.conflicts });
-      }
-      res.status(500).json({ ok:false, error:'server' });
+  // Expire old pending holds before checking availability
+  await sweepExpiredPending();
+
+  const body = req.body || {};
+  const startYMD = body.start;
+  const endYMD = body.end;
+  const itemIds = Array.isArray(body.itemIds) ? body.itemIds.map(String) : [];
+  if (!startYMD || !endYMD) return res.status(400).json({ status: { code: 'bad-request', message: 'Missing dates' } });
+  if (!itemIds.length) return res.status(400).json({ status: { code: 'bad-request', message: 'Missing itemIds' } });
+
+  const days = daysBetweenInclusive(startYMD, endYMD);
+
+  const catalog = await getCatalogItems();
+  const chosen = [];
+  let sumPerDay = 0;
+  for (const id of itemIds) {
+    const it = catalog.find(x => x.id === id);
+    if (it) {
+      chosen.push(it);
+      sumPerDay += Number(it.priceCents || 0);
+    } else {
+      // keep unknown item with 0 price to avoid hard fail
+      chosen.push({ id, name: `Item ${id}`, priceCents: 0 });
     }
-  });
+  }
+  const totalCents = sumPerDay * days;
 
-  // validator actions from calendar (approve/refuse)
-  router.post(`${prefix}/plugins/calendar-onekite/reservations/:rid/approve`, ...mws, async (req, res) => {
-    const uid = req.uid;
-    if (!uid) return res.status(401).json({ ok:false, error:'not-logged-in' });
-    if (!(await perms.canValidate(uid))) return res.status(403).json({ ok:false, error:'not-validator' });
-    const rid = parseInt(req.params.rid, 10);
-    const r = await logic.setStatus(rid, 'awaiting_payment');
-    if (!r) return res.status(404).json({ ok:false, error:'not-found' });
-    // notify requester
-    await email.sendToUid('calendar-onekite-approved', r.uid, {
-      subject: 'Réservation validée',
-      startDate: r.startDate,
-      endDate: r.endDate,
-      rid: r.rid,
-    });
-    json(res, { ok:true });
-  });
+  const id = await dbi.nextId();
+  const startTs = new Date(startYMD + 'T00:00:00Z').getTime();
+  const endTs = new Date(endYMD + 'T00:00:00Z').getTime();
 
-  router.post(`${prefix}/plugins/calendar-onekite/reservations/:rid/refuse`, ...mws, async (req, res) => {
-    const uid = req.uid;
-    if (!uid) return res.status(401).json({ ok:false, error:'not-logged-in' });
-    if (!(await perms.canValidate(uid))) return res.status(403).json({ ok:false, error:'not-validator' });
-    const rid = parseInt(req.params.rid, 10);
-    const r = await logic.setStatus(rid, 'refused');
-    if (!r) return res.status(404).json({ ok:false, error:'not-found' });
-    await email.sendToUid('calendar-onekite-refused', r.uid, {
-      subject: 'Réservation refusée',
-      startDate: r.startDate,
-      endDate: r.endDate,
-      rid: r.rid,
+  // Prevent double-booking (reserved OR awaiting payment OR approved) for any selected item
+  // Query candidates by start range; then filter by overlap and item intersection
+  const candidateIds = await dbi.listReservationIdsByStartRange(startTs - 86400000, endTs + 86400000, 10000);
+  const candidates = await dbi.getReservations(candidateIds);
+  const wanted = new Set(itemIds);
+  const conflicts = [];
+  for (const r of candidates) {
+    if (!r) continue;
+    const status = r.status || 'pending';
+    if (!BLOCKING_STATUSES.has(status)) continue;
+    if (status === 'pending' && r.expiresAt && Number(r.expiresAt) <= Date.now()) continue;
+    if (!overlaps(startTs, endTs, Number(r.startTs), Number(r.endTs))) continue;
+    const rItemIds = (r.items || []).map(it => String(it.id));
+    const hit = rItemIds.filter(x => wanted.has(x));
+    if (hit.length) {
+      conflicts.push({ id: r.id, status, itemIds: hit, startYMD: r.startYMD, endYMD: r.endYMD });
+    }
+  }
+  if (conflicts.length) {
+    return res.status(409).json({
+      status: { code: 'conflict', message: 'Matériel déjà réservé ou en attente de paiement.' },
+      conflicts,
     });
-    json(res, { ok:true });
-  });
+  }
+
+  const settings = await getSettings();
+  const holdMinutes = Math.max(1, parseInt(settings.holdMinutes, 10) || 5);
+  const expiresAt = Date.now() + holdMinutes * 60 * 1000;
+
+  const resv = {
+    id,
+    uid: String(uid),
+    startTs,
+    endTs,
+    startYMD,
+    endYMD,
+    items: chosen,
+    days,
+    totalCents,
+    status: 'pending',
+    createdAt: Date.now(),
+    expiresAt,
+  };
+  await dbi.saveReservation(resv);
+
+  res.json({ ok: true, reservation: resv });
 }
 
-module.exports = { mount };
+module.exports = {
+  getEvents,
+  getCatalog,
+  createReservation,
+  _sweepExpiredPending: sweepExpiredPending,
+  _getCatalogItems: getCatalogItems,
+  _catalogCache: () => catalogCache,
+};

package/lib/db.js

@@ -3,86 +3,75 @@
 const db = require.main.require('./src/database');
 
 const KEYS = {
-  nextRid: 'calendar-onekite:nextRid',
-  reservation: (rid) => `calendar-onekite:reservation:${rid}`,
-  zsetStart: 'calendar-onekite:reservationsByStart',
-  zsetExpires: 'calendar-onekite:reservationsByExpires',
+  Z_BY_START: 'calendar-onekite:reservations:byStart',
+  Z_BY_EXPIRES: 'calendar-onekite:reservations:byExpires',
+  HASH: (id) => `calendar-onekite:reservation:${id}`,
+  NEXT_ID: 'calendar-onekite:reservation:nextId',
 };
 
 async function nextId() {
-  const rid = await db.incrObjectField('global', KEYS.nextRid);
-  return rid;
-}
-
-function safeJson(v, fallback) {
-  try { return JSON.parse(v); } catch { return fallback; }
-}
-
-function hydrate(obj) {
-  return {
-    rid: parseInt(obj.rid, 10),
-    uid: parseInt(obj.uid, 10),
-    startDate: obj.startDate,
-    endDate: obj.endDate,
-    startTs: parseInt(obj.startTs, 10),
-    endTs: parseInt(obj.endTs, 10),
-    status: obj.status,
-    createdAt: parseInt(obj.createdAt, 10),
-    expiresAt: parseInt(obj.expiresAt || '0', 10),
-    itemIds: safeJson(obj.itemIds, []),
-    days: parseInt(obj.days || '0', 10),
-    totalCents: parseInt(obj.totalCents || '0', 10),
-    title: obj.title || '',
-    note: obj.note || '',
-  };
+  const id = await db.incrObjectField('calendar-onekite:meta', 'nextId');
+  return String(id);
 }
 
 async function saveReservation(resv) {
-  const key = KEYS.reservation(resv.rid);
-  await db.setObject(key, {
-    rid: String(resv.rid),
-    uid: String(resv.uid),
-    startDate: String(resv.startDate),
-    endDate: String(resv.endDate),
-    startTs: String(resv.startTs),
-    endTs: String(resv.endTs),
-    status: String(resv.status),
-    createdAt: String(resv.createdAt),
-    expiresAt: String(resv.expiresAt || 0),
-    itemIds: JSON.stringify(resv.itemIds || []),
-    days: String(resv.days || 0),
-    totalCents: String(resv.totalCents || 0),
-    title: String(resv.title || ''),
-    note: String(resv.note || ''),
-  });
-  await db.sortedSetAdd(KEYS.zsetStart, resv.startTs, String(resv.rid));
+  await db.setObject(KEYS.HASH(resv.id), resv);
+  await db.sortedSetAdd(KEYS.Z_BY_START, resv.startTs, resv.id);
+
+  // Track expiration for pending reservations
   if (resv.expiresAt) {
-    await db.sortedSetAdd(KEYS.zsetExpires, resv.expiresAt, String(resv.rid));
+    await db.sortedSetAdd(KEYS.Z_BY_EXPIRES, Number(resv.expiresAt), resv.id);
   } else {
-    await db.sortedSetRemove(KEYS.zsetExpires, String(resv.rid));
+    await db.sortedSetRemove(KEYS.Z_BY_EXPIRES, resv.id);
   }
 }
 
-async function getReservation(rid) {
-  const obj = await db.getObject(KEYS.reservation(rid));
-  if (!obj || !obj.rid) return null;
-  return hydrate(obj);
+async function getReservation(id) {
+  return await db.getObject(KEYS.HASH(id));
+}
+
+async function getReservations(ids) {
+  if (!ids.length) return [];
+  const keys = ids.map(KEYS.HASH);
+  const objects = await db.getObjects(keys);
+  return objects.filter(Boolean);
+}
+
+async function listReservationIdsByStartRange(startTs, endTs, limit = 2000) {
+  // NodeBB db API: getSortedSetRangeByScore(set, start, stop, min, max)
+  const ids = await db.getSortedSetRangeByScore(KEYS.Z_BY_START, 0, limit - 1, startTs, endTs);
+  return ids || [];
 }
 
-async function listReservationIdsByStartRange(startTs, endTs, limit = 500) {
-  const ids = await db.getSortedSetRangeByScore(KEYS.zsetStart, 0, limit - 1, startTs, endTs);
-  return (ids || []).map(String);
+async function deleteReservation(id) {
+  await db.delete(KEYS.HASH(id));
+  await db.sortedSetRemove(KEYS.Z_BY_START, id);
+  await db.sortedSetRemove(KEYS.Z_BY_EXPIRES, id);
 }
 
-async function listExpiredIds(nowTs, limit = 500) {
-  const ids = await db.getSortedSetRangeByScore(KEYS.zsetExpires, 0, limit - 1, 0, nowTs);
-  return (ids || []).map(String);
+async function listExpiredIds(nowTs, limit = 5000) {
+  // NodeBB db API: getSortedSetRangeByScore(set, start, stop, min, max)
+  const ids = await db.getSortedSetRangeByScore(KEYS.Z_BY_EXPIRES, 0, limit - 1, 0, nowTs);
+  return ids || [];
 }
 
-async function removeReservation(rid) {
-  await db.delete(KEYS.reservation(rid));
-  await db.sortedSetRemove(KEYS.zsetStart, String(rid));
-  await db.sortedSetRemove(KEYS.zsetExpires, String(rid));
+async function clearExpiryIndex(id) {
+  await db.sortedSetRemove(KEYS.Z_BY_EXPIRES, id);
 }
 
-module.exports = { nextId, saveReservation, getReservation, listReservationIdsByStartRange, listExpiredIds, removeReservation };
+async function listAllIds(limit=100000) {
+  return await db.getSortedSetRange(KEYS.Z_BY_START, 0, limit-1);
+}
+
+module.exports = {
+  KEYS,
+  nextId,
+  saveReservation,
+  getReservation,
+  getReservations,
+  listReservationIdsByStartRange,
+  deleteReservation,
+  listExpiredIds,
+  clearExpiryIndex,
+  listAllIds,
+};