nodebb-plugin-onekite-calendar 2.0.66 → 2.0.68

package/lib/admin.js

@@ -2,97 +2,26 @@
 
 const meta = require.main.require('./src/meta');
 const user = require.main.require('./src/user');
-const emailer = require.main.require('./src/emailer');
-const { forumBaseUrl, formatFR } = require('./utils');
 const { getSettings, invalidateSettings } = require('./settings');
 const realtime = require('./realtime');
-const crypto = require('crypto');
 const nconf = require.main.require('nconf');
 
-function baseUrl() {
-  try { return String(nconf.get('url') || '').replace(/\/$/, ''); } catch (e) { return forumBaseUrl || ''; }
-}
-function hmacSecret() {
-  try {
-    const s = String(nconf.get('secret') || '').trim();
-    if (s) return s;
-  } catch (e) {}
-  return 'calendar-onekite';
-}
-function signCalendarLink(type, id, uid) {
-  try {
-    return crypto.createHmac('sha256', hmacSecret()).update(`${String(type)}:${String(id)}:${String(uid || 0)}`).digest('hex');
-  } catch (e) { return ''; }
-}
-function ymdToCompact(ymd) { return String(ymd || '').replace(/-/g, ''); }
-function dtToGCalUtc(dt) {
-  const d = (dt instanceof Date) ? dt : new Date(dt);
-  return d.toISOString().replace(/[-:]/g, '').replace(/\.\d{3}Z$/, 'Z');
-}
-function buildCalendarLinks({ rid, uid, itemNames, pickupAddress, startYmd, endYmd }) {
-  const sig = signCalendarLink('reservation', String(rid), Number(uid) || 0);
-  const icsUrl = `${baseUrl()}/plugins/calendar-onekite/ics/reservation/${encodeURIComponent(String(rid))}?uid=${encodeURIComponent(String(uid || 0))}&sig=${encodeURIComponent(sig)}`;
-  const title = (Array.isArray(itemNames) && itemNames.length) ? `Location - ${itemNames.join(', ')}` : 'Location';
-  const gcal = new URL('https://calendar.google.com/calendar/render');
-  gcal.searchParams.set('action', 'TEMPLATE');
-  gcal.searchParams.set('text', title);
-  gcal.searchParams.set('dates', `${ymdToCompact(startYmd)}/${ymdToCompact(endYmd)}`);
-  if (pickupAddress) gcal.searchParams.set('location', String(pickupAddress));
-  return { icsUrl, googleCalUrl: gcal.toString() };
-}
-
-function buildHelloAssoItemName(baseLabel, itemNames, start, end) {
-  const base = String(baseLabel || 'Réservation matériel Onekite').trim();
-  const items = Array.isArray(itemNames) ? itemNames.map((s) => String(s || '').trim()).filter(Boolean) : [];
-  const range = (start && end) ? `Du ${formatFR(start)} au ${formatFR(end)}` : '';
-  const lines = [base];
-  items.forEach((it) => lines.push(`• ${it}`));
-  if (range) lines.push(range);
-  let out = lines.join('\n').trim();
-  if (out.length > 250) {
-    out = out.slice(0, 249).trimEnd() + '…';
-  }
-  return out;
-}
-
-async function sendEmail(template, uid, subject, data) {
-  const toUid = Number.isInteger(uid) ? uid : (uid ? parseInt(uid, 10) : NaN);
-  if (!Number.isInteger(toUid) || toUid <= 0) return;
-
-  const params = Object.assign({}, data || {}, subject ? { subject } : {});
-
-  try {
-    if (typeof emailer.send !== 'function') return;
-    // NodeBB 4.x: send(template, uid, params)
-    // Do NOT branch on function.length (unreliable once wrapped/bound).
-    await emailer.send(template, toUid, params);
-  } catch (err) {
-    console.warn('[calendar-onekite] Failed to send email', {
-      template,
-      uid: toUid,
-      err: err && err.message ? err.message : String(err),
-    });
-  }
-}
-
-function normalizeCallbackUrl(configured, meta) {
-  const base = (meta && meta.config && (meta.config.url || meta.config['url'])) ? (meta.config.url || meta.config['url']) : '';
-  let url = (configured || '').trim();
-  if (!url) {
-    url = base ? `${base}/helloasso` : '';
-  }
-  if (url && url.startsWith('/') && base) {
-    url = `${base}${url}`;
-  }
-  return url;
-}
+const shared = require('./shared');
+const {
+  forumBaseUrl,
+  formatFR,
+  sendEmail,
+  buildCalendarLinks,
+  buildHelloAssoItemName,
+  normalizeCallbackUrl,
+  normalizeReturnUrl,
+  calendarDaysExclusiveYmd,
+  yearFromTs,
+  autoFormSlugForYear,
+} = shared;
 
-function normalizeReturnUrl(meta) {
-  const base = (meta && meta.config && (meta.config.url || meta.config['url'])) ? (meta.config.url || meta.config['url']) : '';
-  const b = String(base || '').trim().replace(/\/$/, '');
-  if (!b) return '';
-  return `${b}/calendar`;
-}
+// Kept for local compatibility in accounting helper
+function baseUrl() { return forumBaseUrl(); }
 
 
 const dbLayer = require('./db');
@@ -182,9 +111,6 @@ admin.approveReservation = async function (req, res) {
     clientId: settings.helloassoClientId,
     clientSecret: settings.helloassoClientSecret,
   });
-        if (!token) {
-
-        }
 
   let paymentUrl = null;
   if (token) {
@@ -231,9 +157,6 @@ admin.approveReservation = async function (req, res) {
 
   await dbLayer.saveReservation(r);
 
-  // Real-time refresh for all viewers
-  realtime.emitCalendarUpdated({ kind: 'reservation', action: 'refused', rid: String(rid), status: r.status });
-
   // Real-time refresh for all viewers
   realtime.emitCalendarUpdated({ kind: 'reservation', action: 'approved', rid: String(rid), status: r.status });
 
@@ -500,28 +423,7 @@ admin.getAccounting = async function (req, res) {
   let paidCount = 0;
   let grandTotal = 0;
 
-  // Helper: calendar-day difference (end exclusive) from YYYY-MM-DD strings (UTC midnights).
-  const calendarDaysExclusiveYmd = (startYmd, endYmd) => {
-    try {
-      const s = String(startYmd || '').trim();
-      const e = String(endYmd || '').trim();
-      if (!/^\d{4}-\d{2}-\d{2}$/.test(s) || !/^\d{4}-\d{2}-\d{2}$/.test(e)) return null;
-      const [sy, sm, sd] = s.split('-').map((x) => parseInt(x, 10));
-      const [ey, em, ed] = e.split('-').map((x) => parseInt(x, 10));
-      const sUtc = Date.UTC(sy, sm - 1, sd);
-      const eUtc = Date.UTC(ey, em - 1, ed);
-      const diff = Math.floor((eUtc - sUtc) / (24 * 60 * 60 * 1000));
-      return Math.max(1, diff);
-    } catch (e) {
-      return null;
-    }
-  };
-
-  const yearFromTs = (ts) => {
-    const d = new Date(Number(ts));
-    return Number.isFinite(d.getTime()) ? d.getFullYear() : new Date().getFullYear();
-  };
-  const formSlugForYear = (y) => `locations-materiel-${y}`;
+  // calendarDaysExclusiveYmd, yearFromTs, autoFormSlugForYear imported from shared.js
 
   // Cache HelloAsso catalog price lookups by year to compute *per-item* totals.
   // This prevents a bug where the full reservation total was previously counted on every item line.
@@ -555,7 +457,7 @@ admin.getAccounting = async function (req, res) {
         token: tokenCache,
         organizationSlug: settingsCache.helloassoOrganizationSlug,
         formType: settingsCache.helloassoFormType,
-        formSlug: formSlugForYear(y),
+        formSlug: autoFormSlugForYear(y),
       });
       const byId = new Map((catalog || []).map((it) => [String(it.id), (typeof it.price === 'number' ? it.price : 0)]));
       catalogByYear.set(y, byId);

package/lib/api.js

@@ -9,7 +9,7 @@ const groups = require.main.require('./src/groups');
 const dbLayer = require('./db');
 const { getSettings } = require('./settings');
 
-const nb = require("./nodebb-helpers");
+const shared = require('./shared');
 const {
   normalizeAllowedGroups,
   normalizeUids,
@@ -19,33 +19,25 @@ const {
   sendEmail,
   normalizeUidList,
   usernamesByUids,
-} = nb;
+  formatFR,
+  calendarDaysExclusiveYmd,
+  yearFromTs,
+  autoCreatorGroupForYear,
+  autoFormSlugForYear,
+  normalizeCallbackUrl,
+  normalizeReturnUrl,
+  buildHelloAssoItemName,
+  buildCalendarLinks,
+  signCalendarLink,
+  ymdToCompact,
+  dtToGCalUtc,
+} = shared;
 
 const helloasso = require('./helloasso');
 const discord = require('./discord');
 const realtime = require('./realtime');
 
-function normalizeCallbackUrl(configured, meta) {
-  const base = forumBaseUrl();
-  let url = (configured || '').trim();
-  if (!url) {
-    // Default webhook endpoint (recommended): namespaced under /plugins
-    url = base ? `${base}/plugins/calendar-onekite/helloasso` : '';
-  }
-  if (url && url.startsWith('/') && base) {
-    url = `${base}${url}`;
-  }
-  // Ensure scheme for absolute URLs
-  if (url && !/^https?:\/\//i.test(url)) {
-    url = `https://${url.replace(/^\/\//, '')}`;
-  }
-  return url;
-}
-
-function normalizeReturnUrl(meta) {
-  const base = forumBaseUrl();
-  return base ? `${base}/calendar` : '';
-}
+// normalizeCallbackUrl and normalizeReturnUrl are imported from shared.js
 
 
 function overlap(aStart, aEnd, bStart, bEnd) {
@@ -53,28 +45,7 @@ function overlap(aStart, aEnd, bStart, bEnd) {
 }
 
 
-function buildHelloAssoItemName(baseLabel, itemNames, start, end) {
-  const base = String(baseLabel || '').trim();
-  const items = Array.isArray(itemNames) ? itemNames.map((s) => String(s || '').trim()).filter(Boolean) : [];
-  const range = (start && end) ? ('Du ' + formatFR(start) + ' au ' + formatFR(end)) : '';
-
-  // IMPORTANT:
-  // On the public HelloAsso checkout page, line breaks are not always rendered consistently.
-  // Build a single-line label using bullet separators.
-  let out = '';
-  if (base) out += base;
-  if (items.length) out += (out ? ' — ' : '') + items.map((it) => '• ' + it).join(' ');
-  if (range) out += (out ? ' — ' : '') + range;
-
-  out = String(out || '').trim();
-  if (!out) out = 'Réservation matériel';
-
-  // HelloAsso constraint: itemName max 250 chars
-  if (out.length > 250) {
-    out = out.slice(0, 249).trimEnd() + '…';
-  }
-  return out;
-}
+// buildHelloAssoItemName is imported from shared.js
 
 function toTs(v) {
   if (v === undefined || v === null || v === '') return NaN;
@@ -109,41 +80,8 @@ function toTs(v) {
   return d.getTime();
 }
 
-// Calendar-day difference (end exclusive) computed purely from Y/M/D.
-// Uses UTC midnights to avoid any dependency on local timezone or DST.
-function calendarDaysExclusiveYmd(startYmd, endYmd) {
-  try {
-    const m1 = /^\d{4}-\d{2}-\d{2}$/.exec(String(startYmd || '').trim());
-    const m2 = /^\d{4}-\d{2}-\d{2}$/.exec(String(endYmd || '').trim());
-    if (!m1 || !m2) return null;
-    const [sy, sm, sd] = startYmd.split('-').map((x) => parseInt(x, 10));
-    const [ey, em, ed] = endYmd.split('-').map((x) => parseInt(x, 10));
-    const sUtc = Date.UTC(sy, sm - 1, sd);
-    const eUtc = Date.UTC(ey, em - 1, ed);
-    const diff = Math.floor((eUtc - sUtc) / (24 * 60 * 60 * 1000));
-    return Math.max(1, diff);
-  } catch (e) {
-    return null;
-  }
-}
-
-function yearFromTs(ts) {
-  const d = new Date(Number(ts));
-  return Number.isFinite(d.getTime()) ? d.getFullYear() : new Date().getFullYear();
-}
-
-function autoCreatorGroupForYear(year) {
-  return `onekite-ffvl-${year}`;
-}
-
-
-// (removed) group slug/name resolving helpers: we now use userInAnyGroup() which
-// matches both slugs and names and avoids extra DB lookups.
-
-
-function autoFormSlugForYear(year) {
-  return `locations-materiel-${year}`;
-}
+// calendarDaysExclusiveYmd, yearFromTs, autoCreatorGroupForYear, autoFormSlugForYear
+// are imported from shared.js
 
 async function canRequest(uid, settings, startTs) {
   if (!uid) return false;
@@ -188,14 +126,11 @@ async function canValidate(uid, settings) {
     if (isAdmin) return true;
 
     // NodeBB has a built-in "Global Moderators" group (slug can vary by install/version).
-    // Allow them as validators as well.
     const globalModeratorCandidates = ['global-moderators', 'Global Moderators', 'global moderators'];
-    for (const g of globalModeratorCandidates) {
-      try {
-        // eslint-disable-next-line no-await-in-loop
-        if (await groups.isMember(uid, g)) return true;
-      } catch (e) {}
-    }
+    const checks = await Promise.all(
+      globalModeratorCandidates.map((g) => groups.isMember(uid, g).catch(() => false))
+    );
+    if (checks.some(Boolean)) return true;
   } catch (e) {}
 
   const allowed = normalizeAllowedGroups(settings.validatorGroups || '');
@@ -250,20 +185,9 @@ async function canCreateSpecial(uid, settings) {
 
 /**
  * Determines if a user can join or leave special events as a participant.
- * 
- * This permission is intentionally permissive: any authenticated user can participate
- * in special events, regardless of group membership. This differs from creation/deletion
- * permissions which remain restricted to specific groups.
- * 
- * @param {number|string} uid - The user ID. Falsy values (0, null, undefined, '') indicate guest/unauthenticated users.
- * @param {Object} settings - Plugin settings (unused but kept for API consistency with other permission functions).
- * @returns {boolean} True if the user can join/leave special events (i.e., is authenticated).
- * 
- * @since 1.0.0 Modified to allow all authenticated users (previously restricted to specific groups)
+ * Any authenticated user can participate in special events.
  */
-async function canJoinSpecial(uid, settings) {
-  // Any authenticated user (non-zero uid) can participate in special events.
-  // The !! coercion converts truthy values to true, falsy to false.
+function canJoinSpecial(uid, _settings) {
   return !!uid;
 }
 
@@ -437,78 +361,10 @@ function eventsForOuting(o) {
 
 const api = {};
 
-// --------------------
-// Calendar export helpers (ICS / Google Calendar template link)
-// --------------------
+// baseUrl, hmacSecret, signCalendarLink, ymdToCompact, dtToGCalUtc,
+// buildCalendarLinks are imported from shared.js
 function baseUrl() {
-  try {
-    return String(nconf.get('url') || '').replace(/\/$/, '');
-  } catch (e) {
-    return '';
-  }
-}
-
-function hmacSecret() {
-  // Prefer NodeBB's instance secret if present.
-  try {
-    const s = String(nconf.get('secret') || '').trim();
-    if (s) return s;
-  } catch (e) {}
-  // Fallback: still deterministic per instance.
-  return 'calendar-onekite';
-}
-
-function signCalendarLink(type, id, uid) {
-  try {
-    const msg = `${String(type)}:${String(id)}:${String(uid || 0)}`;
-    return crypto.createHmac('sha256', hmacSecret()).update(msg).digest('hex');
-  } catch (e) {
-    return '';
-  }
-}
-
-function ymdToCompact(ymd) {
-  return String(ymd || '').replace(/-/g, '');
-}
-
-function dtToGCalUtc(dt) {
-  const d = (dt instanceof Date) ? dt : new Date(dt);
-  const iso = d.toISOString().replace(/[-:]/g, '').replace(/\.\d{3}Z$/, 'Z');
-  // 20260116T120000Z style
-  return iso;
-}
-
-function buildCalendarLinks(opts) {
-  const type = String(opts.type || '').trim();
-  const id = String(opts.id || '').trim();
-  const uid = Number(opts.uid) || 0;
-  const title = String(opts.title || '').trim() || 'Évènement';
-  const details = String(opts.details || '').trim();
-  const location = String(opts.location || '').trim();
-  const isAllDay = !!opts.allDay;
-
-  // Signed ICS URL (public, but protected by signature for reservations).
-  const sig = signCalendarLink(type, id, uid);
-  const icsPath = `/plugins/calendar-onekite/ics/${encodeURIComponent(type)}/${encodeURIComponent(id)}?uid=${encodeURIComponent(String(uid))}&sig=${encodeURIComponent(sig)}`;
-  const icsUrl = `${baseUrl()}${icsPath}`;
-
-  // Google Calendar template URL.
-  // docs: action=TEMPLATE&text=...&dates=...&details=...&location=...
-  let dates = '';
-  if (isAllDay) {
-    // Google expects exclusive end date for all-day ranges.
-    dates = `${ymdToCompact(opts.startYmd)}/${ymdToCompact(opts.endYmd)}`;
-  } else {
-    dates = `${dtToGCalUtc(opts.start)}/${dtToGCalUtc(opts.end)}`;
-  }
-  const gcal = new URL('https://calendar.google.com/calendar/render');
-  gcal.searchParams.set('action', 'TEMPLATE');
-  gcal.searchParams.set('text', title);
-  if (dates) gcal.searchParams.set('dates', dates);
-  if (details) gcal.searchParams.set('details', details);
-  if (location) gcal.searchParams.set('location', location);
-
-  return { icsUrl, googleCalUrl: gcal.toString() };
+  return forumBaseUrl();
 }
 
 function computeEtag(payload) {
@@ -531,10 +387,15 @@ api.getEvents = async function (req, res) {
   const endTs = toTs(qEndRaw) || (Date.now() + 365 * 24 * 3600 * 1000);
 
   const settings = await getSettings();
-  const canMod = req.uid ? await canValidate(req.uid, settings) : false;
+  // Parallelize independent permission checks
+  const [canMod, canSpecialCreate, canSpecialDelete] = req.uid
+    ? await Promise.all([
+        canValidate(req.uid, settings),
+        canCreateSpecial(req.uid, settings),
+        canDeleteSpecial(req.uid, settings),
+      ])
+    : [false, false, false];
   const widgetMode = String((req.query && req.query.widget) || '') === '1';
-  const canSpecialCreate = req.uid ? await canCreateSpecial(req.uid, settings) : false;
-  const canSpecialDelete = req.uid ? await canDeleteSpecial(req.uid, settings) : false;
 
   // Fetch a wider window because an event can start before the query range
   // and still overlap.
@@ -900,14 +761,30 @@ api.leaveSpecialEvent = async function (req, res) {
 api.getCapabilities = async function (req, res) {
   const settings = await getSettings();
   const uid = req.uid || 0;
-  const canMod = uid ? await canValidate(uid, settings) : false;
+  if (!uid) {
+    return res.json({
+      canModerate: false,
+      canCreateSpecial: false,
+      canDeleteSpecial: false,
+      canCreateOuting: false,
+      canCreateReservation: false,
+      specialEventCategoryCid: 0,
+    });
+  }
+  const [canMod, canSpecialC, canSpecialD, canOuting, canRes] = await Promise.all([
+    canValidate(uid, settings),
+    canCreateSpecial(uid, settings),
+    canDeleteSpecial(uid, settings),
+    canRequest(uid, settings, Date.now()),
+    canRequest(uid, settings, Date.now()),
+  ]);
   res.json({
     canModerate: canMod,
-    canCreateSpecial: uid ? await canCreateSpecial(uid, settings) : false,
-    canDeleteSpecial: uid ? await canDeleteSpecial(uid, settings) : false,
-    // Outings share the same rights as reservations/locations.
-    canCreateOuting: uid ? await canRequest(uid, settings, Date.now()) : false,
-    canCreateReservation: uid ? await canRequest(uid, settings, Date.now()) : false,
+    canCreateSpecial: canSpecialC,
+    canDeleteSpecial: canSpecialD,
+    canCreateOuting: canOuting,
+    canCreateReservation: canRes,
+    specialEventCategoryCid: parseInt(settings && settings.specialEventCategoryId, 10) || 0,
   });
 };
 
@@ -940,6 +817,7 @@ api.createSpecialEvent = async function (req, res) {
   const notes = String((req.body && req.body.notes) || '').trim();
   const lat = String((req.body && req.body.lat) || '').trim();
   const lon = String((req.body && req.body.lon) || '').trim();
+  const content = String((req.body && req.body.content) || '').trim();
 
   const u = await user.getUserFields(req.uid, ['username']);
   const eid = crypto.randomUUID();
@@ -952,6 +830,7 @@ api.createSpecialEvent = async function (req, res) {
     notes,
     lat,
     lon,
+    content,
     uid: String(req.uid),
     username: u && u.username ? String(u.username) : '',
     createdAt: String(Date.now()),
@@ -966,7 +845,8 @@ api.createSpecialEvent = async function (req, res) {
 
   // Real-time refresh for all viewers
   realtime.emitCalendarUpdated({ kind: 'specialEvent', action: 'created', eid: ev.eid });
-  res.json({ ok: true, eid });
+  const categoryCid = parseInt(settings && settings.specialEventCategoryId, 10) || 0;
+  res.json({ ok: true, eid, categoryCid });
 };
 
 api.deleteSpecialEvent = async function (req, res) {
@@ -1219,10 +1099,6 @@ api.getItems = async function (req, res) {
     clientId: settings.helloassoClientId,
     clientSecret: settings.helloassoClientSecret,
   });
-    if (!token) {
-
-    }
-
   if (!token) {
     return res.json([]);
   }
@@ -1594,8 +1470,8 @@ api.approveReservation = async function (req, res) {
       payerEmail: payer && payer.email ? payer.email : '',
       // By default, point to the forum base url so the webhook hits this NodeBB instance.
       // Can be overridden via ACP setting `helloassoCallbackUrl`.
-      callbackUrl: normalizeReturnUrl(meta),
-      webhookUrl: normalizeCallbackUrl(settings2.helloassoCallbackUrl, meta),
+      callbackUrl: normalizeReturnUrl(),
+      webhookUrl: normalizeCallbackUrl(settings2.helloassoCallbackUrl),
       itemName: buildHelloAssoItemName('', r.itemNames || (r.itemName ? [r.itemName] : []), r.start, r.end),
       containsDonation: false,
       metadata: {

package/lib/db.js

@@ -123,9 +123,12 @@ async function setAllMaintenance(enabled, itemIds) {
     return { count: 0 };
   }
   const ids = Array.isArray(itemIds) ? itemIds.map(String).filter(Boolean) : [];
-  // Add back all ids
-  for (const id of ids) {
-    await db.sortedSetAdd(KEY_MAINTENANCE_ZSET, 0, id);
+  if (!ids.length) return { count: 0 };
+  // Batch add: use sortedSetsAdd if available, otherwise Promise.all
+  if (typeof db.sortedSetAddBulk === 'function') {
+    await db.sortedSetAddBulk(ids.map((id) => [KEY_MAINTENANCE_ZSET, 0, id]));
+  } else {
+    await Promise.all(ids.map((id) => db.sortedSetAdd(KEY_MAINTENANCE_ZSET, 0, id)));
   }
   return { count: ids.length };
 }

package/lib/discord.js

@@ -2,6 +2,7 @@
 
 const https = require('https');
 const { URL } = require('url');
+const { formatFRShort } = require('./shared');
 
 function isEnabled(v, defaultValue) {
   if (v === undefined || v === null || v === '') return defaultValue !== false;
@@ -11,13 +12,7 @@ function isEnabled(v, defaultValue) {
   return defaultValue !== false;
 }
 
-function formatFRShort(ts) {
-  const d = new Date(ts);
-  const dd = String(d.getDate()).padStart(2, '0');
-  const mm = String(d.getMonth() + 1).padStart(2, '0');
-  const yy = String(d.getFullYear()).slice(-2);
-  return `${dd}/${mm}/${yy}`;
-}
+// formatFRShort imported from shared.js
 
 function postWebhook(webhookUrl, payload) {
   return new Promise((resolve, reject) => {

package/lib/helloassoWebhook.js

@@ -11,44 +11,30 @@ const dbLayer = require('./db');
 const helloasso = require('./helloasso');
 const discord = require('./discord');
 const realtime = require('./realtime');
-const { formatFR } = require('./utils');
+const shared = require('./shared');
+const { formatFR, forumBaseUrl, sendEmail, buildCalendarLinks, signCalendarLink, ymdToCompact } = shared;
 
-function baseUrl() {
-  try { return String(nconf.get('url') || '').replace(/\/$/, ''); } catch (e) { return ''; }
-}
-
-function hmacSecret() {
-  try {
-    const s = String(nconf.get('secret') || '').trim();
-    if (s) return s;
-  } catch (e) {}
-  return 'calendar-onekite';
-}
-
-function signCalendarLink(type, id, uid) {
-  try {
-    return crypto.createHmac('sha256', hmacSecret()).update(`${String(type)}:${String(id)}:${String(uid || 0)}`).digest('hex');
-  } catch (e) { return ''; }
-}
+function baseUrl() { return forumBaseUrl(); }
 
-function ymdToCompact(ymd) { return String(ymd || '').replace(/-/g, ''); }
 
 function buildReservationCalendarLinks(r) {
-  const rid = String(r && r.rid ? r.rid : '');
-  const uid = Number(r && r.uid) || 0;
-  const sig = signCalendarLink('reservation', rid, uid);
-  const icsUrl = `${baseUrl()}/plugins/calendar-onekite/ics/reservation/${encodeURIComponent(rid)}?uid=${encodeURIComponent(String(uid))}&sig=${encodeURIComponent(sig)}`;
-  const startYmd = (r.startDate && /^\d{4}-\d{2}-\d{2}$/.test(String(r.startDate))) ? String(r.startDate) : new Date(parseInt(r.start, 10)).toISOString().slice(0, 10);
-  const endYmd = (r.endDate && /^\d{4}-\d{2}-\d{2}$/.test(String(r.endDate))) ? String(r.endDate) : new Date(parseInt(r.end, 10)).toISOString().slice(0, 10);
+  const startYmd = (r.startDate && /^\d{4}-\d{2}-\d{2}$/.test(String(r.startDate)))
+    ? String(r.startDate)
+    : new Date(parseInt(r.start, 10)).toISOString().slice(0, 10);
+  const endYmd = (r.endDate && /^\d{4}-\d{2}-\d{2}$/.test(String(r.endDate)))
+    ? String(r.endDate)
+    : new Date(parseInt(r.end, 10)).toISOString().slice(0, 10);
   const itemNames = Array.isArray(r.itemNames) ? r.itemNames : (r.itemName ? [r.itemName] : []);
-  const title = itemNames.length ? `Location - ${itemNames.join(', ')}` : 'Location';
-  const gcal = new URL('https://calendar.google.com/calendar/render');
-  gcal.searchParams.set('action', 'TEMPLATE');
-  gcal.searchParams.set('text', title);
-  gcal.searchParams.set('dates', `${ymdToCompact(startYmd)}/${ymdToCompact(endYmd)}`);
-  if (r.pickupAddress) gcal.searchParams.set('location', String(r.pickupAddress));
-  if (r.notes) gcal.searchParams.set('details', String(r.notes));
-  return { icsUrl, googleCalUrl: gcal.toString() };
+  return buildCalendarLinks({
+    type: 'reservation',
+    id: String(r.rid || ''),
+    uid: Number(r.uid) || 0,
+    itemNames,
+    pickupAddress: r.pickupAddress || '',
+    allDay: true,
+    startYmd,
+    endYmd,
+  });
 }
 
 async function auditLog(action, actorUid, payload) {
@@ -72,22 +58,7 @@ const SETTINGS_KEY = 'calendar-onekite';
 // Replay protection: store processed payment ids.
 const PROCESSED_KEY = 'calendar-onekite:helloasso:processedPayments';
 
-async function sendEmail(template, uid, subject, data) {
-  const toUid = Number.isInteger(uid) ? uid : (uid ? parseInt(uid, 10) : NaN);
-  if (!Number.isInteger(toUid) || toUid <= 0) return;
-  try {
-    const emailer = require.main.require('./src/emailer');
-    if (typeof emailer.send !== 'function') return;
-    const params = Object.assign({}, data || {}, subject ? { subject } : {});
-    // NodeBB 4.x: send(template, uid, params)
-    // Do NOT branch on function.length: it is unreliable once wrapped/bound and
-    // can lead to params being dropped (empty email bodies / missing subjects).
-    await emailer.send(template, toUid, params);
-  } catch (err) {
-    // eslint-disable-next-line no-console
-    console.warn('[calendar-onekite] Failed to send email (webhook)', { template, uid: toUid, err: String((err && err.message) || err) });
-  }
-}
+// sendEmail imported from shared.js
 
 function getReservationIdFromPayload(payload) {
   try {