tango-app-api-payment-subscription 3.4.4 → 3.5.0

package/src/controllers/brandsBilling.controller.js

@@ -4,6 +4,9 @@ import * as billingService from '../services/billing.service.js';
 import * as dailyPriceService from '../services/dailyPrice.service.js';
 import dayjs from 'dayjs';
 import { logger, checkFileExist, signedUrl, download, insertOpenSearchData } from 'tango-app-api-middleware';
+import * as XLSX from 'xlsx';
+import ExcelJS from 'exceljs';
+import { bulkUpdateBillingGroupRowSchema } from '../dtos/validation.dtos.js';
 
 export async function brandsBillingList( req, res ) {
   try {
@@ -269,13 +272,23 @@ export async function brandInvoiceList( req, res ) {
               {
                 $match: {
                   $expr: {
-                    $eq: [ '$_id', '$$groupId' ],
+                    $eq: [
+                      '$_id',
+                      {
+                        $cond: [
+                          { $eq: [ { $type: '$$groupId' }, 'objectId' ] },
+                          '$$groupId',
+                          { $convert: { input: '$$groupId', to: 'objectId', onError: null, onNull: null } },
+                        ],
+                      },
+                    ],
                   },
                 },
               },
               {
                 $project: {
                   groupName: 1,
+                  registeredCompanyName: 1,
                   stores: { $size: { $ifNull: [ '$stores', [] ] } },
                 },
               },
@@ -303,6 +316,7 @@ export async function brandInvoiceList( req, res ) {
             dueDate: 1,
             products: 1,
             billingGroupStores: '$billingGroup.stores',
+            registeredCompanyName: '$billingGroup.registeredCompanyName',
           },
         },
     );
@@ -335,7 +349,7 @@ export async function brandInvoiceList( req, res ) {
     let summary = {
       totalInvoices: allInvoices.length,
       totalInvoiced: allInvoices.reduce( ( sum, inv ) => sum + ( inv.totalAmount || 0 ), 0 ),
-      pendingApproval: allInvoices.filter( ( inv ) => inv.status === 'pending' ).length,
+      pendingApproval: allInvoices.filter( ( inv ) => [ 'pendingCsm', 'pendingFinance', 'pendingApproval' ].includes( inv.status ) ).length,
       pendingPayment: allInvoices.filter( ( inv ) => inv.paymentStatus === 'unpaid' && inv.status === 'approved' ).length,
       paid: allInvoices.filter( ( inv ) => inv.paymentStatus === 'paid' ).length,
     };
@@ -350,7 +364,7 @@ export async function brandInvoiceList( req, res ) {
           'Generated': dayjs( element.billingDate ).format( 'DD MMM YYYY' ),
           'No of Stores': element.stores,
           'Amount': element.totalAmount,
-          'Status': element.status === 'pending' ? 'Pending Approval' : element.paymentStatus === 'unpaid' ? 'Pending Payment' : 'Paid',
+          'Status': [ 'pendingCsm', 'pendingFinance', 'pendingApproval' ].includes( element.status ) ? 'Pending Approval' : element.paymentStatus === 'unpaid' ? 'Pending Payment' : 'Paid',
         } );
       } );
       await download( exportdata, res );
@@ -706,3 +720,368 @@ export async function getClientBillingInfo( req, res ) {
     return res.sendError( error, 500 );
   }
 }
+
+const COLUMN_HEADERS = [
+  '_id (read-only)',
+  'Client ID (read-only)',
+  'Brand (read-only)',
+  'Group Name',
+  'Group Tag',
+  'Registered Company Name',
+  'GST',
+  'Address Line 1',
+  'Address Line 2',
+  'City',
+  'State',
+  'Country',
+  'Pin Code',
+  'Place Of Supply',
+  'PO #',
+  'Pro-Rata',
+  'Payment Category',
+  'Currency',
+  'Payment Cycle',
+  'Payment Term (days)',
+  'Installation Fee',
+  'Is Installation One-Time',
+  'Attach Annexure',
+  'Advance Invoice',
+  'Is Primary (read-only)',
+  'Stores (count, read-only)',
+  'Invoice Receivers (count, read-only)',
+];
+
+const COLUMN_WIDTHS = [
+  28, 14, 24, 22, 12, 28, 18, 22, 22, 16, 16, 16, 12, 20, 14, 14, 18, 12, 16, 18, 16, 22, 18, 16, 18, 20, 28,
+];
+
+function boolToYesNo( v ) {
+  return v === true ? 'Yes' : 'No';
+}
+
+function yesNoToBool( v ) {
+  if ( typeof v === 'boolean' ) return v;
+  if ( v === undefined || v === null || v === '' ) return undefined;
+  const s = String( v ).trim().toLowerCase();
+  if ( [ 'yes', 'y', 'true', '1' ].includes( s ) ) return true;
+  if ( [ 'no', 'n', 'false', '0' ].includes( s ) ) return false;
+  return undefined;
+}
+
+function trimOrEmpty( v ) {
+  if ( v === undefined || v === null ) return '';
+  return String( v ).trim();
+}
+
+function numberOrUndefined( v ) {
+  if ( v === undefined || v === null || v === '' ) return undefined;
+  const n = Number( v );
+  return Number.isFinite( n ) ? n : NaN;
+}
+
+function normalizeRow( rawRow ) {
+  return {
+    _id: trimOrEmpty( rawRow['_id (read-only)'] ),
+    groupName: trimOrEmpty( rawRow['Group Name'] ),
+    groupTag: trimOrEmpty( rawRow['Group Tag'] ),
+    registeredCompanyName: trimOrEmpty( rawRow['Registered Company Name'] ),
+    gst: trimOrEmpty( rawRow['GST'] ),
+    addressLineOne: trimOrEmpty( rawRow['Address Line 1'] ),
+    addressLineTwo: trimOrEmpty( rawRow['Address Line 2'] ),
+    city: trimOrEmpty( rawRow['City'] ),
+    state: trimOrEmpty( rawRow['State'] ),
+    country: trimOrEmpty( rawRow['Country'] ),
+    pinCode: trimOrEmpty( rawRow['Pin Code'] ),
+    placeOfSupply: trimOrEmpty( rawRow['Place Of Supply'] ),
+    po: trimOrEmpty( rawRow['PO #'] ),
+    proRata: trimOrEmpty( rawRow['Pro-Rata'] ),
+    paymentCategory: trimOrEmpty( rawRow['Payment Category'] ),
+    currency: trimOrEmpty( rawRow['Currency'] ),
+    paymentCycle: trimOrEmpty( rawRow['Payment Cycle'] ),
+    paymentTerm: numberOrUndefined( rawRow['Payment Term (days)'] ),
+    installationFee: numberOrUndefined( rawRow['Installation Fee'] ),
+    isInstallationOneTime: yesNoToBool( rawRow['Is Installation One-Time'] ),
+    attachAnnexure: yesNoToBool( rawRow['Attach Annexure'] ),
+    advanceInvoice: yesNoToBool( rawRow['Advance Invoice'] ),
+  };
+}
+
+export async function bulkDownloadBillingGroups( req, res ) {
+  try {
+    const clientId = req.query?.clientId;
+    if ( !clientId ) {
+      return res.sendError( 'clientId query parameter is required', 400 );
+    }
+
+    const groups = await billingService.aggregatebilling( [
+      { $match: { clientId } },
+      { $lookup: {
+        from: 'clientpayments',
+        localField: 'clientId',
+        foreignField: 'clientId',
+        as: '_client',
+      } },
+      { $unwind: { path: '$_client', preserveNullAndEmptyArrays: true } },
+      { $sort: { groupName: 1 } },
+    ] );
+
+    const rows = groups.map( ( g ) => ( {
+      [COLUMN_HEADERS[0]]: String( g._id || '' ),
+      [COLUMN_HEADERS[1]]: g.clientId || '',
+      [COLUMN_HEADERS[2]]: g._client?.clientName || '',
+      [COLUMN_HEADERS[3]]: g.groupName || '',
+      [COLUMN_HEADERS[4]]: g.groupTag || '',
+      [COLUMN_HEADERS[5]]: g.registeredCompanyName || '',
+      [COLUMN_HEADERS[6]]: g.gst || '',
+      [COLUMN_HEADERS[7]]: g.addressLineOne || '',
+      [COLUMN_HEADERS[8]]: g.addressLineTwo || '',
+      [COLUMN_HEADERS[9]]: g.city || '',
+      [COLUMN_HEADERS[10]]: g.state || '',
+      [COLUMN_HEADERS[11]]: g.country || '',
+      [COLUMN_HEADERS[12]]: g.pinCode || '',
+      [COLUMN_HEADERS[13]]: g.placeOfSupply || '',
+      [COLUMN_HEADERS[14]]: g.po || '',
+      [COLUMN_HEADERS[15]]: g.proRata || '',
+      [COLUMN_HEADERS[16]]: g.paymentCategory || '',
+      [COLUMN_HEADERS[17]]: g.currency || '',
+      [COLUMN_HEADERS[18]]: g.paymentCycle || '',
+      [COLUMN_HEADERS[19]]: g.paymentTerm ?? '',
+      [COLUMN_HEADERS[20]]: g.installationFee ?? '',
+      [COLUMN_HEADERS[21]]: boolToYesNo( g.isInstallationOneTime ),
+      [COLUMN_HEADERS[22]]: boolToYesNo( g.attachAnnexure ),
+      [COLUMN_HEADERS[23]]: boolToYesNo( g.advanceInvoice ),
+      [COLUMN_HEADERS[24]]: boolToYesNo( g.isPrimary ),
+      [COLUMN_HEADERS[25]]: Array.isArray( g.stores ) ? g.stores.length : 0,
+      [COLUMN_HEADERS[26]]: Array.isArray( g.generateInvoiceTo ) ? g.generateInvoiceTo.length : 0,
+    } ) );
+
+    // Build the workbook with ExcelJS so cell protection is actually written
+    // to the file (the community xlsx build strips per-cell styles on write).
+    // Read-only columns by index: 0 (_id), 1 (Client ID), 2 (Brand),
+    //                              24 (Is Primary), 25 (Stores count),
+    //                              26 (Invoice Receivers count).
+    const READ_ONLY_COLS = new Set( [ 0, 1, 2, 24, 25, 26 ] );
+    const wb = new ExcelJS.Workbook();
+    const ws = wb.addWorksheet( 'Billing Groups' );
+    ws.columns = COLUMN_HEADERS.map( ( header, i ) => ( {
+      header,
+      key: `c${i}`,
+      width: COLUMN_WIDTHS[i],
+    } ) );
+    // Header row: bold, locked (cosmetic — protection blocks edits anyway).
+    ws.getRow( 1 ).font = { bold: true };
+    // Add data rows.
+    for ( const r of rows ) {
+      const values = {};
+      COLUMN_HEADERS.forEach( ( h, i ) => {
+        values[`c${i}`] = r[h];
+      } );
+      ws.addRow( values );
+    }
+    // Set per-cell protection on every cell (header + data).
+    // Note: ExcelJS defaults `locked: true`; we explicitly unlock editable cells.
+    const lastRow = ws.lastRow ? ws.lastRow.number : 1;
+    for ( let r = 1; r <= lastRow; r++ ) {
+      for ( let c = 1; c <= COLUMN_HEADERS.length; c++ ) {
+        const cell = ws.getCell( r, c );
+        cell.protection = { locked: READ_ONLY_COLS.has( c - 1 ) };
+      }
+    }
+    // Enable sheet protection with no password. Users can click
+    // Review → Unprotect Sheet to override (no password prompt).
+    await ws.protect( '', {
+      selectLockedCells: true,
+      selectUnlockedCells: true,
+      formatCells: false,
+      formatColumns: false,
+      formatRows: false,
+      insertColumns: false,
+      insertRows: false,
+      insertHyperlinks: false,
+      deleteColumns: false,
+      deleteRows: false,
+      sort: false,
+      autoFilter: false,
+      pivotTables: false,
+    } );
+    const buf = await wb.xlsx.writeBuffer();
+
+    const filename = `billing-groups-${dayjs().format( 'YYYY-MM-DD' )}.xlsx`;
+    res.set( 'Content-Type', 'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet' );
+    res.set( 'Content-Disposition', `attachment; filename="${filename}"` );
+    return res.send( buf );
+  } catch ( error ) {
+    logger.error( { error: error, function: 'bulkDownloadBillingGroups' } );
+    return res.sendError( error, 500 );
+  }
+}
+
+export async function bulkUpdateBillingGroups( req, res ) {
+  try {
+    if ( !req.file?.buffer ) {
+      return res.sendError( 'No file uploaded', 400 );
+    }
+
+    const clientId = req.body?.clientId;
+    if ( !clientId ) {
+      return res.sendError( 'clientId form field is required', 400 );
+    }
+
+    let rawRows;
+    try {
+      const wb = XLSX.read( req.file.buffer, { type: 'buffer' } );
+      const sheet = wb.Sheets[wb.SheetNames[0]];
+      rawRows = XLSX.utils.sheet_to_json( sheet, { defval: '' } );
+    } catch ( parseErr ) {
+      logger.error( { error: parseErr, function: 'bulkUpdateBillingGroups.parse' } );
+      return res.sendError( 'Failed to parse XLSX file', 400 );
+    }
+
+    if ( !Array.isArray( rawRows ) || rawRows.length === 0 ) {
+      return res.sendError( 'Spreadsheet has no data rows', 400 );
+    }
+
+    // First pass: normalize + Joi-validate every row, collecting errors.
+    const normalized = [];
+    const errors = [];
+    for ( let i = 0; i < rawRows.length; i++ ) {
+      const rowNumber = i + 2; // header is row 1
+      const raw = rawRows[i];
+      const row = normalizeRow( raw );
+      const rowErrors = [];
+
+      // Coercion sanity (e.g. "abc" in a number column came back as NaN)
+      if ( Number.isNaN( row.paymentTerm ) ) {
+        rowErrors.push( 'Payment Term (days) must be a number' );
+        row.paymentTerm = undefined;
+      }
+      if ( Number.isNaN( row.installationFee ) ) {
+        rowErrors.push( 'Installation Fee must be a number' );
+        row.installationFee = undefined;
+      }
+
+      // Boolean cells that the user filled in but we couldn't parse → error (not silent skip).
+      const rawIsOneTime = trimOrEmpty( raw[COLUMN_HEADERS[21]] );
+      if ( rawIsOneTime !== '' && row.isInstallationOneTime === undefined ) {
+        rowErrors.push( 'Is Installation One-Time must be Yes or No' );
+      }
+      const rawAttachAnnexure = trimOrEmpty( raw[COLUMN_HEADERS[22]] );
+      if ( rawAttachAnnexure !== '' && row.attachAnnexure === undefined ) {
+        rowErrors.push( 'Attach Annexure must be Yes or No' );
+      }
+      const rawAdvanceInvoice = trimOrEmpty( raw[COLUMN_HEADERS[23]] );
+      if ( rawAdvanceInvoice !== '' && row.advanceInvoice === undefined ) {
+        rowErrors.push( 'Advance Invoice must be Yes or No' );
+      }
+
+      // Cross-brand guard: every row must belong to the brand the user is on.
+      const rowClientId = trimOrEmpty( raw[COLUMN_HEADERS[1]] );
+      if ( rowClientId !== '' && rowClientId !== clientId ) {
+        rowErrors.push( `Row belongs to client ${rowClientId}, not ${clientId}. Upload only rows for the current brand.` );
+      }
+
+      const { error: joiError } = bulkUpdateBillingGroupRowSchema.validate( row, { abortEarly: false, stripUnknown: true } );
+      if ( joiError ) {
+        for ( const d of joiError.details ) rowErrors.push( d.message );
+      }
+
+      if ( rowErrors.length > 0 ) {
+        errors.push( {
+          rowNumber,
+          _id: row._id,
+          brand: raw[COLUMN_HEADERS[2]] || '',
+          errors: rowErrors,
+        } );
+        normalized.push( null );
+        continue;
+      }
+      normalized.push( row );
+    }
+
+    // Second pass: verify each _id exists in the DB AND belongs to clientId.
+    const idsToCheck = normalized
+        .filter( ( r ) => r !== null )
+        .map( ( r ) => r._id );
+    const foundDocs = idsToCheck.length > 0 ?
+        await billingService.find( { _id: { $in: idsToCheck }, clientId } ) :
+        [];
+    const foundIds = new Set( foundDocs.map( ( d ) => String( d._id ) ) );
+    for ( let i = 0; i < normalized.length; i++ ) {
+      const row = normalized[i];
+      if ( !row ) continue;
+      if ( !foundIds.has( row._id ) ) {
+        errors.push( {
+          rowNumber: i + 2,
+          _id: row._id,
+          brand: rawRows[i][COLUMN_HEADERS[2]] || '',
+          errors: [ 'Billing group not found' ],
+        } );
+        normalized[i] = null;
+      }
+    }
+
+    if ( errors.length > 0 ) {
+      errors.sort( ( a, b ) => a.rowNumber - b.rowNumber );
+      return res.sendError(
+          { summary: { total: rawRows.length, failed: errors.length }, errors },
+          422,
+      );
+    }
+
+    const openSearchActivityLog = JSON.parse( process.env.OPENSEARCH ).activityLog;
+
+    // Third pass: serial DB writes.
+    let updated = 0;
+    let aborted = null;
+    for ( let i = 0; i < normalized.length; i++ ) {
+      const row = normalized[i];
+      // eslint-disable-next-line no-unused-vars
+      const { _id, ...payload } = row;
+      try {
+        await billingService.updateOne( { _id }, payload );
+        updated++;
+        insertOpenSearchData( openSearchActivityLog, {
+          userName: req.user?.userName,
+          email: req.user?.email,
+          clientId: rawRows[i][COLUMN_HEADERS[1]] || '',
+          logSubType: 'billingGroupUpdate',
+          logType: 'billing',
+          date: new Date(),
+          changes: [ `Billing group ${_id} updated via bulk upload` ],
+          eventType: '',
+          timestamp: new Date(),
+          showTo: [ 'tango' ],
+        } );
+      } catch ( writeErr ) {
+        logger.error( { error: writeErr, function: 'bulkUpdateBillingGroups.write', rowNumber: i + 2, _id } );
+        aborted = { rowNumber: i + 2, _id, message: writeErr?.message || String( writeErr ) };
+        break;
+      }
+    }
+
+    insertOpenSearchData( openSearchActivityLog, {
+      userName: req.user?.userName,
+      email: req.user?.email,
+      clientId: '',
+      logSubType: 'billingGroupBulkUpdate',
+      logType: 'billing',
+      date: new Date(),
+      changes: [ `Bulk billing-group update: ${updated} of ${normalized.length} groups updated by ${req.user?.email}` ],
+      eventType: '',
+      timestamp: new Date(),
+      showTo: [ 'tango' ],
+    } );
+
+    if ( aborted ) {
+      return res.sendError(
+          { summary: { total: normalized.length, updated, remaining: normalized.length - updated }, aborted },
+          207,
+      );
+    }
+
+    return res.sendSuccess( { summary: { total: normalized.length, updated } } );
+  } catch ( error ) {
+    logger.error( { error: error, function: 'bulkUpdateBillingGroups' } );
+    return res.sendError( error, 500 );
+  }
+}