poduck/smoothschedule
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
bc094f2f804bd9b0a85b506f980aaf293450bebb
smoothschedule/DATA_EXPORT_IMPLEMENTATION.md
poduck e4ad7fca87 feat: Plan-based feature permissions and quota enforcement 
Backend:
- Add HasQuota() permission factory for quota limits (resources, users, services, appointments, email templates, automated tasks)
- Add HasFeaturePermission() factory for feature-based permissions (SMS, masked calling, custom domains, white label, plugins, webhooks, calendar sync, analytics)
- Add has_feature() method to Tenant model for flexible permission checking
- Add new tenant permission fields: can_create_plugins, can_use_webhooks, can_use_calendar_sync, can_export_data
- Create Data Export API with CSV/JSON support for appointments, customers, resources, services
- Create Analytics API with dashboard, appointments, revenue endpoints
- Add calendar sync views and URL configuration

Frontend:
- Add usePlanFeatures hook for checking feature availability
- Add UpgradePrompt components (inline, banner, overlay variants)
- Add LockedSection wrapper and LockedButton for feature gating
- Update settings pages with permission checks

🤖 Generated with [Claude Code](https://claude.com/claude-code)

Co-Authored-By: Claude <noreply@anthropic.com>
2025-12-02 11:21:11 -05:00

4.7 KiB
Raw Blame History

Data Export API Implementation Summary

Overview

Implemented a comprehensive data export feature for the SmoothSchedule Django backend that allows businesses to export their data in CSV and JSON formats. The feature is properly gated by subscription plan permissions.

Implementation Date

December 2, 2025

Files Created/Modified

New Files Created

  1. /home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/export_views.py

    • Main export API implementation
    • Contains ExportViewSet with 4 export endpoints
    • Implements permission checking via HasExportDataPermission
    • Supports both CSV and JSON formats
    • ~450 lines of code

  2. /home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/test_export.py

    • Comprehensive test suite for export API
    • Tests all endpoints, formats, filters
    • Tests permission gating
    • ~200 lines of test code

  3. /home/poduck/Desktop/smoothschedule2/smoothschedule/DATA_EXPORT_API.md

    • Complete API documentation
    • Request/response examples
    • Query parameter documentation
    • Error handling documentation
    • ~300 lines of documentation

  4. /home/poduck/Desktop/smoothschedule2/test_export_api.py

    • Standalone test script for manual API testing
    • Can be run outside of Django test framework

Modified Files

  1. /home/poduck/Desktop/smoothschedule2/smoothschedule/schedule/urls.py

    • Added import for ExportViewSet
    • Registered export viewset with router

  2. /home/poduck/Desktop/smoothschedule2/smoothschedule/core/models.py

    • Added can_export_data BooleanField to Tenant model
    • Field defaults to False (permission must be explicitly granted)
    • Field already had migration applied (0014_tenant_can_export_data_tenant_subscription_plan.py)

API Endpoints

All endpoints are accessible at the base path /export/ (not /api/export/ since schedule URLs are at root level).

1. Export Appointments

  • URL: GET /export/appointments/
  • Query Params: format, start_date, end_date, status
  • Formats: CSV, JSON
  • Data: Event/appointment information with customer and resource details

2. Export Customers

  • URL: GET /export/customers/
  • Query Params: format, status
  • Formats: CSV, JSON
  • Data: Customer list with contact information

3. Export Resources

  • URL: GET /export/resources/
  • Query Params: format, is_active
  • Formats: CSV, JSON
  • Data: Resource list (staff, rooms, equipment)

4. Export Services

  • URL: GET /export/services/
  • Query Params: format, is_active
  • Formats: CSV, JSON
  • Data: Service catalog with pricing and duration

Security Features

Permission Gating

  • All endpoints check tenant.can_export_data permission
  • Returns 403 Forbidden if permission not granted
  • Clear error messages guide users to upgrade their subscription

Authentication

  • All endpoints require authentication (IsAuthenticated permission)
  • Returns 401 Unauthorized for unauthenticated requests

Data Isolation

  • Leverages django-tenants automatic schema isolation
  • Users can only export data from their own tenant
  • No risk of cross-tenant data leakage

Features

Format Support

  • JSON: Includes metadata (count, filters, export timestamp)
  • CSV: Clean, spreadsheet-ready format with proper headers
  • Both formats include Content-Disposition header for automatic downloads

Filtering

  • Date Range: Filter appointments by start_date and end_date
  • Status: Filter by active/inactive status for various entities
  • Query Parameters: Flexible, URL-based filtering

File Naming

  • Timestamped filenames for uniqueness
  • Format: {data_type}_{YYYYMMDD}_{HHMMSS}.{format}
  • Example: appointments_20241202_103000.csv

Testing

Run unit tests with:

docker compose -f docker-compose.local.yml exec django python manage.py test schedule.test_export

Integration

Enable Export for a Tenant

# In Django shell or admin
from core.models import Tenant

tenant = Tenant.objects.get(schema_name='your_tenant')
tenant.can_export_data = True
tenant.save()

Example API Calls

# JSON export
curl -H "Authorization: Bearer YOUR_TOKEN" \
  "http://lvh.me:8000/export/appointments/?format=json"

# CSV export with date range
curl -H "Authorization: Bearer YOUR_TOKEN" \
  "http://lvh.me:8000/export/appointments/?format=csv&start_date=2024-01-01T00:00:00Z&end_date=2024-12-31T23:59:59Z"

Production Checklist

  • Permission gating implemented
  • Authentication required
  • Unit tests written
  • Documentation created
  • Database migration applied
  • Rate limiting configured
  • Frontend integration completed
  • Load testing performed

Implementation completed successfully!

Reference in New Issue View Git Blame Copy Permalink