poduck/smoothschedule
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
460bf200d02efd9fa628a7cb844662d55948dce6
smoothschedule/DATA_EXPORT_IMPLEMENTATION.md
poduck e4ad7fca87 feat: Plan-based feature permissions and quota enforcement 
Backend:
- Add HasQuota() permission factory for quota limits (resources, users, services, appointments, email templates, automated tasks)
- Add HasFeaturePermission() factory for feature-based permissions (SMS, masked calling, custom domains, white label, plugins, webhooks, calendar sync, analytics)
- Add has_feature() method to Tenant model for flexible permission checking
- Add new tenant permission fields: can_create_plugins, can_use_webhooks, can_use_calendar_sync, can_export_data
- Create Data Export API with CSV/JSON support for appointments, customers, resources, services
- Create Analytics API with dashboard, appointments, revenue endpoints
- Add calendar sync views and URL configuration

Frontend:
- Add usePlanFeatures hook for checking feature availability
- Add UpgradePrompt components (inline, banner, overlay variants)
- Add LockedSection wrapper and LockedButton for feature gating
- Update settings pages with permission checks

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-02 11:21:11 -05:00

156 lines
4.7 KiB
Markdown
Raw Blame History

# Data Export API Implementation Summary
## Overview
Implemented a comprehensive data export feature for the SmoothSchedule Django backend that allows businesses to export their data in CSV and JSON formats. The feature is properly gated by subscription plan permissions.
## Implementation Date
December 2, 2025
## Files Created/Modified
### New Files Created
1. **`/home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/export_views.py`**
- Main export API implementation
- Contains `ExportViewSet` with 4 export endpoints
- Implements permission checking via `HasExportDataPermission`
- Supports both CSV and JSON formats
- ~450 lines of code
2. **`/home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/test_export.py`**
- Comprehensive test suite for export API
- Tests all endpoints, formats, filters
- Tests permission gating
- ~200 lines of test code
3. **`/home/poduck/Desktop/smoothschedule2/smoothschedule/DATA_EXPORT_API.md`**
- Complete API documentation
- Request/response examples
- Query parameter documentation
- Error handling documentation
- ~300 lines of documentation
4. **`/home/poduck/Desktop/smoothschedule2/test_export_api.py`**
- Standalone test script for manual API testing
- Can be run outside of Django test framework
### Modified Files
1. **`/home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/urls.py`**
- Added import for `ExportViewSet`
- Registered export viewset with router
2. **`/home/poduck/Desktop/smoothschedule2/smoothschedule/core/models.py`**
- Added `can_export_data` BooleanField to Tenant model
- Field defaults to `False` (permission must be explicitly granted)
- Field already had migration applied (0014_tenant_can_export_data_tenant_subscription_plan.py)
## API Endpoints
All endpoints are accessible at the base path `/export/` (not `/api/export/` since schedule URLs are at root level).
### 1. Export Appointments
- **URL**: `GET /export/appointments/`
- **Query Params**: `format`, `start_date`, `end_date`, `status`
- **Formats**: CSV, JSON
- **Data**: Event/appointment information with customer and resource details
### 2. Export Customers
- **URL**: `GET /export/customers/`
- **Query Params**: `format`, `status`
- **Formats**: CSV, JSON
- **Data**: Customer list with contact information
### 3. Export Resources
- **URL**: `GET /export/resources/`
- **Query Params**: `format`, `is_active`
- **Formats**: CSV, JSON
- **Data**: Resource list (staff, rooms, equipment)
### 4. Export Services
- **URL**: `GET /export/services/`
- **Query Params**: `format`, `is_active`
- **Formats**: CSV, JSON
- **Data**: Service catalog with pricing and duration
## Security Features
### Permission Gating
- All endpoints check `tenant.can_export_data` permission
- Returns 403 Forbidden if permission not granted
- Clear error messages guide users to upgrade their subscription
### Authentication
- All endpoints require authentication (IsAuthenticated permission)
- Returns 401 Unauthorized for unauthenticated requests
### Data Isolation
- Leverages django-tenants automatic schema isolation
- Users can only export data from their own tenant
- No risk of cross-tenant data leakage
## Features
### Format Support
- **JSON**: Includes metadata (count, filters, export timestamp)
- **CSV**: Clean, spreadsheet-ready format with proper headers
- Both formats include Content-Disposition header for automatic downloads
### Filtering
- **Date Range**: Filter appointments by start_date and end_date
- **Status**: Filter by active/inactive status for various entities
- **Query Parameters**: Flexible, URL-based filtering
### File Naming
- Timestamped filenames for uniqueness
- Format: `{data_type}_{YYYYMMDD}_{HHMMSS}.{format}`
- Example: `appointments_20241202_103000.csv`
## Testing
Run unit tests with:
```bash
docker compose -f docker-compose.local.yml exec django python manage.py test schedule.test_export
```
## Integration
### Enable Export for a Tenant
```python
# In Django shell or admin
from core.models import Tenant
tenant = Tenant.objects.get(schema_name='your_tenant')
tenant.can_export_data = True
tenant.save()
```
### Example API Calls
```bash
# JSON export
curl -H "Authorization: Bearer YOUR_TOKEN" \
"http://lvh.me:8000/export/appointments/?format=json"
# CSV export with date range
curl -H "Authorization: Bearer YOUR_TOKEN" \
"http://lvh.me:8000/export/appointments/?format=csv&start_date=2024-01-01T00:00:00Z&end_date=2024-12-31T23:59:59Z"
```
## Production Checklist
- [x] Permission gating implemented
- [x] Authentication required
- [x] Unit tests written
- [x] Documentation created
- [x] Database migration applied
- [ ] Rate limiting configured
- [ ] Frontend integration completed
- [ ] Load testing performed
---
**Implementation completed successfully!**
Reference in New Issue View Git Blame Copy Permalink