feat: add core POS module — transactions, discounts, drawer, tax

Phase 3a backend API for point-of-sale. Includes: Schema (packages/backend/src/db/schema/pos.ts): - pgEnums: transaction_type, transaction_status, payment_method, discount_type, discount_applies_to, drawer_status - Tables: transaction, transaction_line_item, discount, discount_audit, drawer_session - Transaction links to accounts, repair_tickets, repair_batches - Line items link to products and inventory_units Tax system: - tax_rate + service_tax_rate columns on location - tax_category enum (goods/service/exempt) on product - Tax resolves per line item: goods→tax_rate, service→service_tax_rate, exempt→0. Repair line items map: part→goods, labor→service - GET /tax/lookup/:zip stubbed for future API integration (TAX_API_KEY) Services (export const pattern, matching existing codebase): - TransactionService: create, addLineItem, removeLineItem, applyDiscount, recalculateTotals, complete (decrements inventory), void, getReceipt - DiscountService: CRUD + listAll for dropdowns - DrawerService: open/close with expected balance + over/short calc - TaxService: getRateForLocation (by tax category), calculateTax Routes: - POST/GET /transactions, GET /transactions/:id, GET /transactions/:id/receipt - POST /transactions/:id/line-items, DELETE /transactions/:id/line-items/:id - POST /transactions/:id/discounts, /complete, /void - POST /drawer/open, POST /drawer/:id/close, GET /drawer/current, GET /drawer - CRUD /discounts + GET /discounts/all - GET /products/lookup/upc/:upc (barcode scanner support) All routes gated by pos.view/pos.edit/pos.admin + withModule('pos'). POS module already seeded in migration 0026. Still needed: bun install, drizzle-kit generate + migrate, tests, lint. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
2026-04-04 16:26:38 +00:00
parent 7aa81c4e7c
commit 7b15f18e59
17 changed files with 1247 additions and 1 deletions
--- a/packages/backend/src/routes/v1/transactions.ts
+++ b/packages/backend/src/routes/v1/transactions.ts
@@ -0,0 +1,90 @@
+import type { FastifyPluginAsync } from 'fastify'
+import {
+  PaginationSchema,
+  TransactionCreateSchema,
+  TransactionLineItemCreateSchema,
+  ApplyDiscountSchema,
+  CompleteTransactionSchema,
+} from '@lunarfront/shared/schemas'
+import { TransactionService } from '../../services/transaction.service.js'
+
+export const transactionRoutes: FastifyPluginAsync = async (app) => {
+  app.post('/transactions', { preHandler: [app.authenticate, app.requirePermission('pos.edit')] }, async (request, reply) => {
+    const parsed = TransactionCreateSchema.safeParse(request.body)
+    if (!parsed.success) {
+      return reply.status(400).send({ error: { message: 'Validation failed', details: parsed.error.flatten(), statusCode: 400 } })
+    }
+    const txn = await TransactionService.create(app.db, parsed.data, request.user.id)
+    return reply.status(201).send(txn)
+  })
+
+  app.get('/transactions', { preHandler: [app.authenticate, app.requirePermission('pos.view')] }, async (request, reply) => {
+    const query = request.query as Record<string, string | undefined>
+    const params = PaginationSchema.parse(query)
+
+    const filters = {
+      status: query.status,
+      transactionType: query.transactionType,
+      locationId: query.locationId,
+    }
+
+    const result = await TransactionService.list(app.db, params, filters)
+    return reply.send(result)
+  })
+
+  app.get('/transactions/:id', { preHandler: [app.authenticate, app.requirePermission('pos.view')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const txn = await TransactionService.getById(app.db, id)
+    if (!txn) return reply.status(404).send({ error: { message: 'Transaction not found', statusCode: 404 } })
+    return reply.send(txn)
+  })
+
+  app.get('/transactions/:id/receipt', { preHandler: [app.authenticate, app.requirePermission('pos.view')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const receipt = await TransactionService.getReceipt(app.db, id)
+    return reply.send(receipt)
+  })
+
+  app.post('/transactions/:id/line-items', { preHandler: [app.authenticate, app.requirePermission('pos.edit')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const parsed = TransactionLineItemCreateSchema.safeParse(request.body)
+    if (!parsed.success) {
+      return reply.status(400).send({ error: { message: 'Validation failed', details: parsed.error.flatten(), statusCode: 400 } })
+    }
+    const lineItem = await TransactionService.addLineItem(app.db, id, parsed.data)
+    return reply.status(201).send(lineItem)
+  })
+
+  app.delete('/transactions/:id/line-items/:lineItemId', { preHandler: [app.authenticate, app.requirePermission('pos.edit')] }, async (request, reply) => {
+    const { id, lineItemId } = request.params as { id: string; lineItemId: string }
+    const deleted = await TransactionService.removeLineItem(app.db, id, lineItemId)
+    return reply.send(deleted)
+  })
+
+  app.post('/transactions/:id/discounts', { preHandler: [app.authenticate, app.requirePermission('pos.edit')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const parsed = ApplyDiscountSchema.safeParse(request.body)
+    if (!parsed.success) {
+      return reply.status(400).send({ error: { message: 'Validation failed', details: parsed.error.flatten(), statusCode: 400 } })
+    }
+    await TransactionService.applyDiscount(app.db, id, parsed.data, request.user.id)
+    const txn = await TransactionService.getById(app.db, id)
+    return reply.send(txn)
+  })
+
+  app.post('/transactions/:id/complete', { preHandler: [app.authenticate, app.requirePermission('pos.edit')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const parsed = CompleteTransactionSchema.safeParse(request.body)
+    if (!parsed.success) {
+      return reply.status(400).send({ error: { message: 'Validation failed', details: parsed.error.flatten(), statusCode: 400 } })
+    }
+    const txn = await TransactionService.complete(app.db, id, parsed.data)
+    return reply.send(txn)
+  })
+
+  app.post('/transactions/:id/void', { preHandler: [app.authenticate, app.requirePermission('pos.admin')] }, async (request, reply) => {
+    const { id } = request.params as { id: string }
+    const txn = await TransactionService.void(app.db, id, request.user.id)
+    return reply.send(txn)
+  })
+}