tango-app-api-payment-subscription 3.4.4 → 3.5.1

package/src/dtos/validation.dtos.js

@@ -371,6 +371,31 @@ export const updateBillingGroupsSchema = {
   body: updateBillingGroupBody,
 };
 
+export const bulkUpdateBillingGroupRowSchema = joi.object( {
+  groupName: joi.string().required(),
+  groupTag: joi.string().required(),
+  registeredCompanyName: joi.string().required(),
+  gst: joi.string().allow( '' ).optional(),
+  addressLineOne: joi.string().allow( '' ).optional(),
+  addressLineTwo: joi.string().allow( '' ).optional(),
+  city: joi.string().allow( '' ).optional(),
+  state: joi.string().allow( '' ).optional(),
+  country: joi.string().allow( '' ).optional(),
+  pinCode: joi.string().allow( '' ).optional(),
+  placeOfSupply: joi.string().allow( '' ).optional(),
+  po: joi.string().allow( '' ).optional(),
+  proRata: joi.string().allow( '' ).optional(),
+  paymentCategory: joi.string().allow( '' ).optional(),
+  currency: joi.string().allow( '' ).optional(),
+  paymentCycle: joi.string().allow( '' ).optional(),
+  paymentTerm: joi.number().integer().min( 0 ).max( 365 ).optional(),
+  installationFee: joi.number().min( 0 ).optional(),
+  isInstallationOneTime: joi.boolean().optional(),
+  attachAnnexure: joi.boolean().optional(),
+  advanceInvoice: joi.boolean().optional(),
+  storeId: joi.string().allow( '' ).optional(),
+} );
+
 export const deleteBillingGroupQuery = {
   _id: joi.string().required(),
 };
@@ -468,3 +493,33 @@ export const clientProductsParam = joi.object().keys( {
 export const clientProductsValid = {
   params: clientProductsParam,
 };
+
+const INVOICE_STATUS_VALUES = [ 'pendingCsm', 'pendingFinance', 'pendingApproval', 'approved' ];
+
+export const invoiceStatusEnum = INVOICE_STATUS_VALUES;
+
+export const approveInvoiceTransitionBody = joi.object( {
+  invoiceId: joi.string().length( 24 ).hex().required(),
+} );
+
+export const approveInvoiceTransitionSchema = {
+  body: approveInvoiceTransitionBody,
+};
+
+export const updateInvoiceHeadsBody = joi.object( {
+  data: joi.array().items(
+      joi.object( {
+        role: joi.string().valid( 'csm', 'finance' ).required(),
+        // email may be a single string (csm) or an array of strings (finance).
+        // Empty string / empty array are allowed for un-setting.
+        email: joi.alternatives().try(
+            joi.string().email().allow( '' ),
+            joi.array().items( joi.string().email() ),
+        ).required(),
+      } ),
+  ).min( 1 ).required(),
+} );
+
+export const updateInvoiceHeadsSchema = {
+  body: updateInvoiceHeadsBody,
+};

package/src/hbs/invoicePdf.hbs

@@ -1612,6 +1612,14 @@
                                 {{#eq billingCurrency 'dollar'}}
                                 US Dollar
                                 {{/eq}}
+
+                                {{#eq billingCurrency 'singaporedollar'}}
+                                Singapore Dollar
+                                {{/eq}}
+
+                                {{#eq billingCurrency 'euro'}}
+                                Euro
+                                {{/eq}}
                                 {{amountwords}} Only
                             </div>
                         </div>

package/src/routes/brandsBilling.routes.js

@@ -1,7 +1,21 @@
 
 import express from 'express';
-import { brandsBillingList, brandInvoiceList, latestDailyPricing, brandBillingGroups, updateDailyPricingWorkingDays, updateDailyPricingStoreField, getClientBillingInfo } from '../controllers/brandsBilling.controller.js';
+import multer from 'multer';
+import { brandsBillingList, brandInvoiceList, latestDailyPricing, brandBillingGroups, updateDailyPricingWorkingDays, updateDailyPricingStoreField, getClientBillingInfo, bulkDownloadBillingGroups, bulkUpdateBillingGroups } from '../controllers/brandsBilling.controller.js';
 import { isAllowedSessionHandler, accessVerification } from 'tango-app-api-middleware';
+
+const bulkUpload = multer( {
+  storage: multer.memoryStorage(),
+  limits: { fileSize: 5 * 1024 * 1024 },
+  fileFilter: ( _req, file, cb ) => {
+    const ok = [
+      'application/vnd.openxmlformats-officedocument.spreadsheetml.sheet',
+      'application/vnd.ms-excel',
+      'application/octet-stream',
+    ].includes( file.mimetype );
+    cb( ok ? null : new Error( 'Invalid file format — use XLSX' ), ok );
+  },
+} );
 export const brandsBillingRouter = express.Router();
 
 brandsBillingRouter.post( '/brandsBillingList', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), brandsBillingList );
@@ -11,3 +25,5 @@ brandsBillingRouter.post( '/brandBillingGroups', isAllowedSessionHandler, access
 brandsBillingRouter.put( '/updateDailyPricingWorkingDays', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), updateDailyPricingWorkingDays );
 brandsBillingRouter.put( '/updateDailyPricingStoreField', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), updateDailyPricingStoreField );
 brandsBillingRouter.post( '/getClientBillingInfo', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), getClientBillingInfo );
+brandsBillingRouter.get( '/bulk-download-billing-groups', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), bulkDownloadBillingGroups );
+brandsBillingRouter.post( '/bulk-update-billing-groups', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), bulkUpload.single( 'file' ), bulkUpdateBillingGroups );

package/src/routes/invoice.routes.js

@@ -1,22 +1,44 @@
 import express from 'express';
-import { createInvoice, invoiceDownload, clientInvoiceList, creditTransactionlist, pendingInvoices, applyDiscount, migrateInvoice, PaymentStatusChange, checkPaymentStatus, getInvoice, updateInvoice, getClientBasePricing, deleteInvoice } from '../controllers/invoice.controller.js';
-import { isAllowedSessionHandler, accessVerification } from 'tango-app-api-middleware';
+import { createInvoice, invoiceDownload, invoiceDownloadBulk, clientInvoiceList, creditTransactionlist, pendingInvoices, applyDiscount, migrateInvoice, PaymentStatusChange, checkPaymentStatus, getInvoice, invoiceAnnexure, updateInvoice, getClientBasePricing, deleteInvoice, approveInvoiceCsm, approveInvoiceFinance, approveInvoiceApproval } from '../controllers/invoice.controller.js';
+import { isAllowedSessionHandler, accessVerification, validate } from 'tango-app-api-middleware';
+import { getInvoiceHeads, updateInvoiceHeads } from '../controllers/applicationDefault.controllers.js';
+import { updateInvoiceHeadsSchema } from '../dtos/validation.dtos.js';
 export const invoiceRouter = express.Router();
 
+// Superadmin bypass: if the authenticated user has role 'superadmin', skip the
+// granular access check that follows. Place between isAllowedSessionHandler and
+// accessVerification so req.user is populated.
+function superadminBypass( accessConfig ) {
+  const verify = accessVerification( accessConfig );
+  return function( req, res, next ) {
+    if ( req.user && req.user.role === 'superadmin' ) {
+      return next();
+    }
+    return verify( req, res, next );
+  };
+}
+
 
 invoiceRouter.post( '/createInvoice', isAllowedSessionHandler, createInvoice );
 invoiceRouter.post( '/regerateInvoice', isAllowedSessionHandler, createInvoice );
+invoiceRouter.post( '/invoiceDownload/bulk', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), invoiceDownloadBulk );
 invoiceRouter.post( '/invoiceDownload/:invoiceId', isAllowedSessionHandler, invoiceDownload );
 invoiceRouter.post( '/clientInvoiceList', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), clientInvoiceList );
 invoiceRouter.post( '/creditTransactionlist', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), creditTransactionlist );
 invoiceRouter.post( '/pendingInvoices', isAllowedSessionHandler, pendingInvoices );
-invoiceRouter.post( '/applyDiscount', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), applyDiscount );
+invoiceRouter.post( '/applyDiscount', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), applyDiscount );
 invoiceRouter.post( '/migrateInvoice', migrateInvoice );
-invoiceRouter.post( '/PaymentStatusChange', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), PaymentStatusChange );
+invoiceRouter.post( '/PaymentStatusChange', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), PaymentStatusChange );
 invoiceRouter.post( '/checkPaymentStatus', checkPaymentStatus );
-invoiceRouter.get( '/getInvoice/:invoiceId', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), getInvoice );
-invoiceRouter.put( '/updateInvoice', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), updateInvoice );
+invoiceRouter.get( '/getInvoice/:invoiceId', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), getInvoice );
+invoiceRouter.get( '/invoiceAnnexure/:invoiceId', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [] } ] } ), invoiceAnnexure );
+invoiceRouter.put( '/updateInvoice', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), updateInvoice );
 invoiceRouter.get( '/getClientBasePricing/:clientId', isAllowedSessionHandler, getClientBasePricing );
-invoiceRouter.delete( '/deleteInvoice/:invoiceId', isAllowedSessionHandler, accessVerification( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), deleteInvoice );
+invoiceRouter.delete( '/deleteInvoice/:invoiceId', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), deleteInvoice );
 
+invoiceRouter.post( '/approveInvoiceCsm', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'csmApproval', permissions: [ 'isEdit' ] } ] } ), approveInvoiceCsm );
+invoiceRouter.post( '/approveInvoiceFinance', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'financeApproval', permissions: [ 'isEdit' ] } ] } ), approveInvoiceFinance );
+invoiceRouter.post( '/approveInvoiceApproval', isAllowedSessionHandler, superadminBypass( { userType: [ 'tango' ], access: [ { featureName: 'TangoAdmin', name: 'invoiceApproval', permissions: [ 'isEdit' ] } ] } ), approveInvoiceApproval );
 
+invoiceRouter.get( '/getInvoiceHeads', isAllowedSessionHandler, getInvoiceHeads );
+invoiceRouter.post( '/updateInvoiceHeads', isAllowedSessionHandler, validate( updateInvoiceHeadsSchema ), updateInvoiceHeads );

package/src/services/applicationDefault.service.js

@@ -0,0 +1,13 @@
+import model from 'tango-api-schema';
+
+export async function findOneApplicationDefault( query, projection ) {
+  return model.applicationDefaultModel.findOne( query, projection );
+}
+
+export async function upsertApplicationDefault( query, payload ) {
+  return model.applicationDefaultModel.findOneAndUpdate(
+      query,
+      { $set: payload },
+      { new: true, upsert: true },
+  );
+}

package/src/utils/currency.js

@@ -0,0 +1,14 @@
+/**
+ * Centralised currency symbol map for invoices, transactions, and PDFs.
+ * Keys must match the values stored in billing.currency / transaction.currency
+ * enums (see tango-api-schema). Unknown keys fall back to '$' to preserve the
+ * pre-existing two-currency-ternary behaviour.
+ */
+export const CURRENCY_SYMBOLS = {
+  inr: '₹',
+  dollar: '$',
+  singaporedollar: 'S$',
+  euro: '€',
+};
+
+export const symbolFor = ( currency ) => CURRENCY_SYMBOLS[currency] ?? '$';