npm - nodebb-plugin-calendar-onekite - Versions diffs - 11.1.61 → 11.1.63 - Mend

nodebb-plugin-calendar-onekite 11.1.61 → 11.1.63

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (7) hide show

package/lib/admin.js +122 -48
package/lib/api.js +31 -35
package/lib/helloassoWebhook.js +8 -123
package/library.js +3 -1
package/package.json +1 -1
package/public/admin.js +80 -26
package/templates/admin/plugins/calendar-onekite.tpl +41 -1

package/lib/admin.js CHANGED Viewed

@@ -124,23 +124,10 @@ admin.approveReservation = async function (req, res) {
         }
   let paymentUrl = null;
-  const requester = await user.getUserFields(r.uid, ['username', 'email']);
-  // Persist payer email so we can reconcile shop payments when HelloAsso does not provide metadata.
-  if (requester && requester.email) {
-    r.payerEmail = requester.email;
-  }
-  // r.total is stored as an estimated total in euros; store expected total in cents as well.
-  const expectedTotalAmount = Math.max(0, Math.round((Number(r.total) || 0) * 100));
-  r.expectedTotalAmount = expectedTotalAmount;
-  // If admin configured a Shop form, we can't create a cart programmatically with the standard Checkout API.
-  // We therefore redirect the user to the shop page so the transaction is recorded in the Shop form.
-  if (settings.helloassoFormType === 'Shop' && settings.helloassoOrganizationSlug && settings.helloassoFormSlug) {
-    const frontBase = (env === 'sandbox') ? 'https://www.helloasso-sandbox.com' : 'https://www.helloasso.com';
-    // Add rid as UTM for easier manual reconciliation on HelloAsso side (may not be returned in webhooks).
-    paymentUrl = `${frontBase}/associations/${encodeURIComponent(settings.helloassoOrganizationSlug)}/boutiques/${encodeURIComponent(settings.helloassoFormSlug)}?utm_source=nodebb&utm_medium=calendar&utm_campaign=location&utm_content=${encodeURIComponent(String(rid))}`;
-  } else if (token) {
-    const totalAmount = expectedTotalAmount;
+  if (token) {
+    const requester = await user.getUserFields(r.uid, ['username', 'email']);
+    // r.total is stored as an estimated total in euros; HelloAsso expects cents.
+    const totalAmount = Math.max(0, Math.round((Number(r.total) || 0) * 100));
     const base = forumBaseUrl();
     const returnUrl = base ? `${base}/calendar` : '';
     const webhookUrl = base ? `${base}/plugins/calendar-onekite/helloasso` : '';
@@ -241,37 +228,6 @@ admin.purgeByYear = async function (req, res) {
 // Debug endpoint to validate HelloAsso connectivity and item loading
-admin.webhookTest = async function (req, res) {
-  const settings = await meta.settings.get('calendar-onekite');
-  const defaultIps = ['51.138.206.200', '4.233.135.234'];
-  const allowedIps = String(settings.helloassoWebhookAllowedIps || '')
-    .split(/[,\s]+/)
-    .map(s => String(s || '').trim())
-    .filter(Boolean);
-  const finalAllow = allowedIps.length ? allowedIps : defaultIps;
-  const cf = req.headers['cf-connecting-ip'];
-  const xff = req.headers['x-forwarded-for'];
-  const seenIp = (() => {
-    if (cf) return String(cf).trim();
-    if (xff) return String(xff).split(',')[0].trim();
-    return String(req.ip || '').trim();
-  })();
-  return res.json({
-    ok: true,
-    seenIp,
-    allowed: !!(seenIp && finalAllow.includes(seenIp)),
-    allowlist: finalAllow,
-    headers: {
-      'cf-connecting-ip': cf || null,
-      'x-forwarded-for': xff || null,
-      'x-real-ip': req.headers['x-real-ip'] || null,
-      host: req.headers.host || null,
-    },
-  });
-};
 admin.debugHelloAsso = async function (req, res) {
   const settings = await meta.settings.get('calendar-onekite');
   const env = (settings && settings.helloassoEnv) || 'prod';
@@ -360,4 +316,122 @@ admin.debugHelloAsso = async function (req, res) {
   }
 };
+// Accounting endpoint: aggregates paid reservations so you can contabilize what was rented.
+// Query params:
+//   from=YYYY-MM-DD (inclusive, based on reservation.start)
+//   to=YYYY-MM-DD (exclusive, based on reservation.start)
+admin.getAccounting = async function (req, res) {
+  const qFrom = String((req.query && req.query.from) || '').trim();
+  const qTo = String((req.query && req.query.to) || '').trim();
+  const parseDay = (s) => {
+    if (!/^\d{4}-\d{2}-\d{2}$/.test(s)) return null;
+    const [y, m, d] = s.split('-').map((x) => parseInt(x, 10));
+    const dt = new Date(Date.UTC(y, m - 1, d));
+    const ts = dt.getTime();
+    return Number.isFinite(ts) ? ts : null;
+  };
+  const fromTs = parseDay(qFrom);
+  const toTs = parseDay(qTo);
+  // Default: last 12 months (UTC)
+  const now = new Date();
+  const defaultTo = Date.UTC(now.getUTCFullYear(), now.getUTCMonth() + 1, 1);
+  const defaultFrom = Date.UTC(now.getUTCFullYear() - 1, now.getUTCMonth() + 1, 1);
+  const minTs = fromTs ?? defaultFrom;
+  const maxTs = toTs ?? defaultTo;
+  const ids = await dbLayer.listAllReservationIds(100000);
+  const rows = [];
+  const byItem = new Map();
+  for (const rid of ids) {
+    const r = await dbLayer.getReservation(rid);
+    if (!r) continue;
+    if (String(r.status) !== 'paid') continue;
+    const start = parseInt(r.start, 10);
+    if (!Number.isFinite(start)) continue;
+    if (start < minTs || start >= maxTs) continue;
+    const itemNames = Array.isArray(r.itemNames) && r.itemNames.length
+      ? r.itemNames
+      : (r.itemName ? [r.itemName] : []);
+    const total = Number(r.total) || 0;
+    const startDate = formatFR(r.start);
+    const endDate = formatFR(r.end);
+    rows.push({
+      rid: r.rid,
+      uid: r.uid,
+      username: r.username || '',
+      start: r.start,
+      end: r.end,
+      startDate,
+      endDate,
+      items: itemNames,
+      total,
+      paidAt: r.paidAt || '',
+    });
+    for (const name of itemNames) {
+      const key = String(name || '').trim();
+      if (!key) continue;
+      const cur = byItem.get(key) || { item: key, count: 0, total: 0 };
+      cur.count += 1;
+      cur.total += total;
+      byItem.set(key, cur);
+    }
+  }
+  const summary = Array.from(byItem.values()).sort((a, b) => b.count - a.count);
+  rows.sort((a, b) => parseInt(a.start, 10) - parseInt(b.start, 10));
+  return res.json({
+    ok: true,
+    from: new Date(minTs).toISOString().slice(0, 10),
+    to: new Date(maxTs).toISOString().slice(0, 10),
+    summary,
+    rows,
+  });
+};
+admin.exportAccountingCsv = async function (req, res) {
+  // Reuse the same logic and emit a CSV.
+  const fakeRes = { json: (x) => x };
+  const data = await admin.getAccounting(req, fakeRes);
+  // If getAccounting returned via res.json, data is undefined; rebuild by calling logic directly.
+  // Easiest: call getAccounting's internals by fetching the endpoint logic via HTTP is not possible here.
+  // So we re-run getAccounting but capture output by monkeypatching.
+  let payload;
+  await admin.getAccounting(req, { json: (x) => { payload = x; return x; } });
+  if (!payload || !payload.ok) {
+    return res.status(500).send('error');
+  }
+  const escape = (v) => {
+    const s = String(v ?? '');
+    if (/[\n\r,\"]/g.test(s)) {
+      return '"' + s.replace(/"/g, '""') + '"';
+    }
+    return s;
+  };
+  const lines = [];
+  lines.push(['rid', 'username', 'uid', 'start', 'end', 'items', 'total', 'paidAt'].map(escape).join(','));
+  for (const r of payload.rows || []) {
+    lines.push([
+      r.rid,
+      r.username,
+      r.uid,
+      r.startDate,
+      r.endDate,
+      (Array.isArray(r.items) ? r.items.join(' | ') : ''),
+      (Number(r.total) || 0).toFixed(2),
+      r.paidAt ? new Date(parseInt(r.paidAt, 10)).toISOString() : '',
+    ].map(escape).join(','));
+  }
+  const csv = lines.join('\n');
+  res.setHeader('Content-Type', 'text/csv; charset=utf-8');
+  res.setHeader('Content-Disposition', 'attachment; filename="calendar-onekite-accounting.csv"');
+  return res.send(csv);
+};
 module.exports = admin;

package/lib/api.js CHANGED Viewed

@@ -389,44 +389,40 @@ api.approveReservation = async function (req, res) {
   // Create HelloAsso payment link on validation
   try {
     const settings2 = await meta.settings.get('calendar-onekite');
-    const env2 = settings2.helloassoEnv || 'prod';
+    const token = await helloasso.getAccessToken({ env: settings2.helloassoEnv || 'prod', clientId: settings2.helloassoClientId, clientSecret: settings2.helloassoClientSecret });
     const payer = await user.getUserFields(r.uid, ['email']);
-    if (payer && payer.email) {
-      r.payerEmail = payer.email;
-    }
-    const cents = Math.max(0, Math.round((Number(r.total) || 0) * 100));
-    r.expectedTotalAmount = cents;
-    // If a Shop form is configured, redirect to the Shop page so the payment is recorded in the shop.
-    if (settings2.helloassoFormType === 'Shop' && settings2.helloassoOrganizationSlug && settings2.helloassoFormSlug) {
-      const frontBase = (env2 === 'sandbox') ? 'https://www.helloasso-sandbox.com' : 'https://www.helloasso.com';
-      r.paymentUrl = `${frontBase}/associations/${encodeURIComponent(settings2.helloassoOrganizationSlug)}/boutiques/${encodeURIComponent(settings2.helloassoFormSlug)}?utm_source=nodebb&utm_medium=calendar&utm_campaign=location&utm_content=${encodeURIComponent(String(rid))}`;
-    } else {
-      const token = await helloasso.getAccessToken({ env: env2, clientId: settings2.helloassoClientId, clientSecret: settings2.helloassoClientSecret });
-      const intent = await helloasso.createCheckoutIntent({
-        env: env2,
-        token,
-        organizationSlug: settings2.helloassoOrganizationSlug,
-        formType: settings2.helloassoFormType,
-        formSlug: settings2.helloassoFormSlug,
-        totalAmount: cents,
-        payerEmail: payer && payer.email ? payer.email : '',
-        callbackUrl: normalizeReturnUrl(meta),
-        webhookUrl: normalizeCallbackUrl(settings2.helloassoCallbackUrl, meta),
-        itemName: 'Réservation matériel OneKite',
-        containsDonation: false,
-        metadata: { reservationId: String(rid) },
-      });
-      const paymentUrl = intent && (intent.paymentUrl || intent.redirectUrl) ? (intent.paymentUrl || intent.redirectUrl) : (typeof intent === 'string' ? intent : null);
-      const checkoutIntentId = intent && intent.checkoutIntentId ? String(intent.checkoutIntentId) : null;
-      if (paymentUrl) {
-        r.paymentUrl = paymentUrl;
-        if (checkoutIntentId) {
-          r.checkoutIntentId = checkoutIntentId;
+    const intent = await helloasso.createCheckoutIntent({
+      env: settings2.helloassoEnv,
+      token,
+      organizationSlug: settings2.helloassoOrganizationSlug,
+      formType: settings2.helloassoFormType,
+      formSlug: settings2.helloassoFormSlug,
+      // r.total is stored as an estimated total in euros; HelloAsso expects cents.
+      totalAmount: (() => {
+        const cents = Math.max(0, Math.round((Number(r.total) || 0) * 100));
+        if (!cents) {
+          console.warn('[calendar-onekite] HelloAsso totalAmount is 0 (approve API)', { rid, total: r.total });
         }
-      } else {
-        console.warn('[calendar-onekite] HelloAsso payment link not created (approve API)', { rid });
+        return cents;
+      })(),
+      payerEmail: payer && payer.email ? payer.email : '',
+      // By default, point to the forum base url so the webhook hits this NodeBB instance.
+      // Can be overridden via ACP setting `helloassoCallbackUrl`.
+      callbackUrl: normalizeReturnUrl(meta),
+      webhookUrl: normalizeCallbackUrl(settings2.helloassoCallbackUrl, meta),
+      itemName: 'Réservation matériel OneKite',
+      containsDonation: false,
+      metadata: { reservationId: String(rid) },
+    });
+    const paymentUrl = intent && (intent.paymentUrl || intent.redirectUrl) ? (intent.paymentUrl || intent.redirectUrl) : (typeof intent === 'string' ? intent : null);
+    const checkoutIntentId = intent && intent.checkoutIntentId ? String(intent.checkoutIntentId) : null;
+    if (paymentUrl) {
+      r.paymentUrl = paymentUrl;
+      if (checkoutIntentId) {
+        r.checkoutIntentId = checkoutIntentId;
       }
+    } else {
+      console.warn('[calendar-onekite] HelloAsso payment link not created (approve API)', { rid });
     }
   } catch (e) {
     // ignore payment link errors, admin can retry

package/lib/helloassoWebhook.js CHANGED Viewed

@@ -220,111 +220,11 @@ function formatFR(tsOrIso) {
 function getReservationIdFromPayload(payload) {
   try {
-    const data = payload && payload.data ? payload.data : null;
-    if (!data) return null;
-    // Prefer meta/metadata when present (Checkout-intents).
-    const candidates = [
-      data.meta,
-      data.metadata,
-      data.order && (data.order.meta || data.order.metadata),
-      data.checkoutIntent && (data.checkoutIntent.meta || data.checkoutIntent.metadata),
-    ].filter(Boolean);
-    for (const m of candidates) {
-      if (m && typeof m === 'object' && !Array.isArray(m)) {
-        if (m.reservationId) return String(m.reservationId);
-        if (m.reservationID) return String(m.reservationID);
-      }
-      if (Array.isArray(m)) {
-        const found = m.find((x) => x && (x.key === 'reservationId' || x.name === 'reservationId'));
-        if (found && (found.value || found.val)) return String(found.value || found.val);
-      }
-    }
-    return null;
-  } catch (e) {
-    return null;
-  }
-}
-function getFormTypeFromPayload(payload) {
-  try {
-    const data = payload && payload.data ? payload.data : null;
-    const order = data && data.order ? data.order : null;
-    return String((order && order.formType) || data.formType || '').trim();
-  } catch (e) {
-    return '';
-  }
-}
-function getFormSlugFromPayload(payload) {
-  try {
-    const data = payload && payload.data ? payload.data : null;
-    const order = data && data.order ? data.order : null;
-    return String((order && order.formSlug) || data.formSlug || '').trim();
-  } catch (e) {
-    return '';
-  }
-}
-function getPayerEmailFromPayload(payload) {
-  try {
-    const data = payload && payload.data ? payload.data : null;
-    if (!data) return '';
-    const payer = data.payer || data.user || null;
-    return String((payer && payer.email) || data.payerEmail || '').trim().toLowerCase();
-  } catch (e) {
-    return '';
-  }
-}
-function getTotalAmountCentsFromPayload(payload) {
-  try {
-    const data = payload && payload.data ? payload.data : null;
-    if (!data) return null;
-    const amountObj = data.amount || data.totalAmount || data.amountTotal || null;
-    if (typeof amountObj === 'number') return Math.round(amountObj);
-    if (amountObj && typeof amountObj === 'object') {
-      const v = amountObj.total ?? amountObj.value ?? amountObj.amount;
-      if (typeof v === 'number') return Math.round(v);
-    }
-    // Fallback: sum items amounts when provided.
-    const items = Array.isArray(data.items) ? data.items : null;
-    if (items && items.length) {
-      const sum = items.reduce((acc, it) => acc + (Number(it.amount || it.totalAmount || 0) || 0), 0);
-      if (sum) return Math.round(sum);
-    }
-    return null;
-  } catch (e) {
+    const m = payload && payload.data ? payload.data.meta : null;
+    if (!m) return null;
+    if (typeof m === 'object' && m.reservationId) return String(m.reservationId);
+    if (typeof m === 'object' && m.reservationID) return String(m.reservationID);
     return null;
-  }
-}
-async function tryMatchShopOrderToReservation(payload) {
-  try {
-    const payerEmail = getPayerEmailFromPayload(payload);
-    if (!payerEmail) return null;
-    const total = getTotalAmountCentsFromPayload(payload);
-    const latest = await dbLayer.getLatestReservations(200);
-    const candidates = (latest || []).filter((r) => {
-      if (!r || r.status !== 'awaiting_payment') return false;
-      if (!r.payerEmail) return false;
-      if (String(r.payerEmail).trim().toLowerCase() !== payerEmail) return false;
-      // When we know the expected total, require match.
-      if (typeof total === 'number' && Number.isFinite(total)) {
-        const exp = Number(r.expectedTotalAmount);
-        if (Number.isFinite(exp) && exp > 0) {
-          return exp === total;
-        }
-      }
-      return true;
-    });
-    if (!candidates.length) return null;
-    candidates.sort((a, b) => (Number(b.approvedAt || 0) - Number(a.approvedAt || 0)));
-    return String(candidates[0].rid);
   } catch (e) {
     return null;
   }
@@ -395,11 +295,8 @@ async function handler(req, res, next) {
       return res.json({ ok: true, ignored: true });
     }
-    // PaymentId may be absent on Order events; fall back to order id for replay protection.
-    const orderId = payload && payload.data && payload.data.order ? payload.data.order.id : null;
-    const paymentId = payload && payload.data ? (payload.data.id || payload.data.paymentId || (payload.data.payment && payload.data.payment.id)) : null;
-    const processedKey = paymentId || orderId;
-    if (await alreadyProcessed(processedKey)) {
+    const paymentId = payload && payload.data ? (payload.data.id || payload.data.paymentId) : null;
+    if (await alreadyProcessed(paymentId)) {
       return res.json({ ok: true, duplicate: true });
     }
@@ -414,18 +311,6 @@ async function handler(req, res, next) {
       // Some webhook payloads omit metadata; try to fetch the payment details.
       resolvedRid = await tryRecoverReservationIdFromPayment(settings, paymentId);
     }
-    // For Shop forms, HelloAsso often does not include metadata/checkoutIntentId.
-    // As a last resort, reconcile by payer email (+ expected amount when available).
-    if (!resolvedRid) {
-      const formType = getFormTypeFromPayload(payload).toLowerCase();
-      const formSlug = getFormSlugFromPayload(payload);
-      if (formType === 'shop' && String(settings.helloassoFormType || '').toLowerCase() === 'shop') {
-        // If a specific shop slug is configured, require it.
-        if (!settings.helloassoFormSlug || String(settings.helloassoFormSlug) === String(formSlug)) {
-          resolvedRid = await tryMatchShopOrderToReservation(payload);
-        }
-      }
-    }
     if (!resolvedRid) {
       // eslint-disable-next-line no-console
       console.warn('[calendar-onekite] HelloAsso webhook missing reservationId in metadata', { eventType: payload && payload.eventType, paymentId, checkoutIntentId });
@@ -435,7 +320,7 @@ async function handler(req, res, next) {
     const r = await dbLayer.getReservation(resolvedRid);
     if (!r) {
-      await markProcessed(processedKey);
+      await markProcessed(paymentId);
       return res.json({ ok: true, processed: true, reservationNotFound: true });
     }
@@ -467,7 +352,7 @@ async function handler(req, res, next) {
       });
     }
-    await markProcessed(processedKey);
+    await markProcessed(paymentId);
     return res.json({ ok: true, processed: true });
   } catch (err) {
     return next(err);

package/library.js CHANGED Viewed

@@ -94,7 +94,9 @@ Plugin.init = async function (params) {
     router.post(`${base}/purge`, ...adminMws, admin.purgeByYear);
     router.get(`${base}/debug`, ...adminMws, admin.debugHelloAsso);
-    router.get(`${base}/webhook-test`, ...adminMws, admin.webhookTest);
+    // Accounting / exports
+    router.get(`${base}/accounting`, ...adminMws, admin.getAccounting);
+    router.get(`${base}/accounting.csv`, ...adminMws, admin.exportAccountingCsv);
   });
   // HelloAsso callback endpoint (hardened)

package/package.json CHANGED Viewed

@@ -1,6 +1,6 @@
 {
   "name": "nodebb-plugin-calendar-onekite",
-  "version":"11.1.61",
+  "version":"11.1.63",
   "description": "FullCalendar-based equipment reservation workflow with admin approval & HelloAsso payment for NodeBB",
   "main": "library.js",
   "license": "MIT",

package/public/admin.js CHANGED Viewed

@@ -359,12 +359,12 @@ define('admin/plugins/calendar-onekite', ['alerts', 'bootbox'], function (alerts
     }
   }
-  async function testWebhook() {
-    try {
-      return await fetchJson('/api/v3/admin/plugins/calendar-onekite/webhook-test');
-    } catch (e) {
-      return await fetchJson('/api/admin/plugins/calendar-onekite/webhook-test');
-    }
+  async function loadAccounting(from, to) {
+    const params = new URLSearchParams();
+    if (from) params.set('from', from);
+    if (to) params.set('to', to);
+    const qs = params.toString();
+    return await fetchJson(`/api/v3/admin/plugins/calendar-onekite/accounting${qs ? `?${qs}` : ''}`);
   }
   async function init() {
@@ -510,28 +510,82 @@ define('admin/plugins/calendar-onekite', ['alerts', 'bootbox'], function (alerts
         }
       });
     }
-  }
-  return { init };
-});
-    const webhookBtn = document.getElementById('onekite-webhook-test');
-    if (webhookBtn) {
-      webhookBtn.addEventListener('click', async () => {
-        const out = document.getElementById('onekite-debug-output');
-        if (out) out.textContent = 'Test webhook...';
-        try {
-          const result = await testWebhook();
-          if (out) out.textContent = JSON.stringify(result, null, 2);
-          if (result && result.allowed) {
-            showAlert('success', `Webhook: IP autorisée (${result.seenIp})`);
-          } else {
-            showAlert('warning', `Webhook: IP non autorisée (${result && result.seenIp ? result.seenIp : 'inconnue'})`);
-          }
-        } catch (e) {
-          if (out) out.textContent = String(e && e.message ? e.message : e);
-          showAlert('error', 'Test webhook impossible.');
-        }
+    // Accounting (paid reservations)
+    const accFrom = document.getElementById('onekite-acc-from');
+    const accTo = document.getElementById('onekite-acc-to');
+    const accRefresh = document.getElementById('onekite-acc-refresh');
+    const accExport = document.getElementById('onekite-acc-export');
+    const accSummary = document.querySelector('#onekite-acc-summary tbody');
+    const accRows = document.querySelector('#onekite-acc-rows tbody');
+    function ymd(d) {
+      const yyyy = d.getUTCFullYear();
+      const mm = String(d.getUTCMonth() + 1).padStart(2, '0');
+      const dd = String(d.getUTCDate()).padStart(2, '0');
+      return `${yyyy}-${mm}-${dd}`;
+    }
+    if (accFrom && accTo) {
+      const now = new Date();
+      const to = new Date(Date.UTC(now.getUTCFullYear(), now.getUTCMonth() + 1, 1));
+      const from = new Date(Date.UTC(now.getUTCFullYear() - 1, now.getUTCMonth() + 1, 1));
+      if (!accFrom.value) accFrom.value = ymd(from);
+      if (!accTo.value) accTo.value = ymd(to);
+    }
+    function renderAccounting(payload) {
+      if (accSummary) accSummary.innerHTML = '';
+      if (accRows) accRows.innerHTML = '';
+      if (!payload || !payload.ok) {
+        return;
+      }
+      (payload.summary || []).forEach((s) => {
+        const tr = document.createElement('tr');
+        tr.innerHTML = `<td>${escapeHtml(s.item)}</td><td>${escapeHtml(String(s.count || 0))}</td><td>${escapeHtml((Number(s.total) || 0).toFixed(2))}</td>`;
+        accSummary && accSummary.appendChild(tr);
+      });
+      (payload.rows || []).forEach((r) => {
+        const tr = document.createElement('tr');
+        const user = r.username ? `<a href="/user/${encodeURIComponent(r.username)}" target="_blank">${escapeHtml(r.username)}</a>` : '';
+        const items = Array.isArray(r.items) ? r.items.map((x) => escapeHtml(x)).join('<br>') : '';
+        tr.innerHTML = `<td>${escapeHtml(r.startDate)} → ${escapeHtml(r.endDate)}</td><td>${user}</td><td>${items}</td><td>${escapeHtml((Number(r.total) || 0).toFixed(2))}</td><td><code>${escapeHtml(r.rid)}</code></td>`;
+        accRows && accRows.appendChild(tr);
       });
     }
+    async function refreshAccounting() {
+      if (!accRefresh) return;
+      try {
+        const from = accFrom ? accFrom.value : '';
+        const to = accTo ? accTo.value : '';
+        accRefresh.disabled = true;
+        const payload = await loadAccounting(from, to);
+        renderAccounting(payload);
+      } catch (e) {
+        showAlert('error', 'Impossible de charger la comptabilisation.');
+      } finally {
+        accRefresh.disabled = false;
+      }
+    }
+    if (accRefresh) {
+      accRefresh.addEventListener('click', refreshAccounting);
+      // Load once on init
+      refreshAccounting();
+    }
+    if (accExport) {
+      accExport.addEventListener('click', () => {
+        const params = new URLSearchParams();
+        if (accFrom && accFrom.value) params.set('from', accFrom.value);
+        if (accTo && accTo.value) params.set('to', accTo.value);
+        const qs = params.toString();
+        const url = `/api/v3/admin/plugins/calendar-onekite/accounting.csv${qs ? `?${qs}` : ''}`;
+        window.open(url, '_blank');
+      });
+    }
+  }
+  return { init };
+});

package/templates/admin/plugins/calendar-onekite.tpl CHANGED Viewed

@@ -14,6 +14,9 @@
       <li class="nav-item" role="presentation">
         <button class="nav-link" data-bs-toggle="tab" data-bs-target="#onekite-tab-debug" type="button" role="tab">Debug HelloAsso</button>
       </li>
+      <li class="nav-item" role="presentation">
+        <button class="nav-link" data-bs-toggle="tab" data-bs-target="#onekite-tab-accounting" type="button" role="tab">Comptabilisation</button>
+      </li>
     </ul>
     <div class="tab-content pt-3">
@@ -102,9 +105,46 @@
       <div class="tab-pane fade" id="onekite-tab-debug" role="tabpanel">
         <p class="text-muted">Teste la récupération du token et la liste du matériel (catalogue).</p>
         <button type="button" class="btn btn-secondary me-2" id="onekite-debug-run">Tester le chargement du matériel</button>
-        <button type="button" class="btn btn-outline-primary" id="onekite-webhook-test">Tester le webhook (IP + réponse)</button>
         <pre id="onekite-debug-output" class="mt-3 p-3 bg-light" style="max-height: 360px; overflow: auto;"></pre>
       </div>
+      <div class="tab-pane fade" id="onekite-tab-accounting" role="tabpanel">
+        <h4>Comptabilisation des locations (payées)</h4>
+        <div class="d-flex flex-wrap gap-2 align-items-end mb-3">
+          <div>
+            <label class="form-label">Du</label>
+            <input class="form-control" type="date" id="onekite-acc-from" />
+          </div>
+          <div>
+            <label class="form-label">Au</label>
+            <input class="form-control" type="date" id="onekite-acc-to" />
+          </div>
+          <div>
+            <button type="button" class="btn btn-primary" id="onekite-acc-refresh">Rafraîchir</button>
+            <button type="button" class="btn btn-outline-secondary" id="onekite-acc-export">Exporter CSV</button>
+          </div>
+        </div>
+        <h5>Résumé par matériel</h5>
+        <div class="table-responsive">
+          <table class="table table-sm" id="onekite-acc-summary">
+            <thead>
+              <tr><th>Matériel</th><th>Nb locations</th><th>Total (€)</th></tr>
+            </thead>
+            <tbody></tbody>
+          </table>
+        </div>
+        <h5 class="mt-4">Détails</h5>
+        <div class="table-responsive">
+          <table class="table table-sm" id="onekite-acc-rows">
+            <thead>
+              <tr><th>Date</th><th>Utilisateur</th><th>Matériel</th><th>Total (€)</th><th>RID</th></tr>
+            </thead>
+            <tbody></tbody>
+          </table>
+        </div>
+      </div>
     </div>
   </div>
 </div>