Product Service

┌─────────────────┐
│   Product       │
│   Service       │
└────────┬────────┘
         │
    ┌────┴─────────────┬──────────────┬──────────────┐
    ▼                  ▼              ▼              ▼
┌──────────┐   ┌─────────────┐  ┌──────────┐  ┌──────────┐
│ Customer │   │   Access    │  │  Payment │  │  Tenant  │
│ Service  │   │   Service   │  │ Gateway  │  │ Service  │
└──────────┘   └─────────────┘  └──────────┘  └──────────┘

ProductService.add():
  - Validates at least one price per product
  - Validates unique price IDs within product
  - Validates unique SKUs within product
  - Runs transaction to prevent race conditions
  - Checks for duplicate SKUs globally (up to 30 SKUs per batch)
  - Creates product document
  - Creates all price subcollection documents
  - Rolls back automatically if any step fails
  - Returns combined product-with-price view

TenantProductService features:
  - Create tenant-specific product associations from SKU
  - Batch product assignment to multiple tenants
  - Automatic payment integration selection (Stripe or Custom)
  - Product permission inheritance to tenant scope
  - Global queries across all tenant products
  - Query by SKU, priceId, or productId across tenants
 
Creation flow:
  - Fetch product and price by SKU
  - Validate tenant existence
  - Create denormalized tenant-product with:
    • Product name and description
    • Price amount and currency
    • Payment integration details
    • Quantity transforms
    • Recurring billing information
    • Product permissions

ProductPaymentService.createSubscription():
  - Checks for existing active subscriptions (prevents duplicates)
  - Handles pending subscription retrieval and payment method updates
  - Creates payment gateway subscription with metadata
  - Configures auto-renewal and payment behavior
  - Expands invoice and payment intent for client secret
  - Creates local subscription tracking with status
  - Returns unified subscription view
 
Subscription states:
  - Pending: Awaiting first payment
  - Active: Paid and current
  - Cancelled: Terminated (soft delete preserves history)
 
Update capabilities:
  - Change payment method
  - Enable/disable auto-renewal
  - Cancel at period end
  - Gateway sync via async tasks

Payment routing logic:
  - Gateway available + product configured → Gateway payment intent
  - Gateway unavailable OR not configured → Custom invoice
 
Gateway payment intent:
  - Validates payment method ownership
  - Creates payment intent with metadata tracking
  - Sets receipt email and customer
  - Returns client secret for frontend
  - Metadata includes: customerKey, productId, priceId, intent type
 
Custom invoice fallback:
  - Creates invoice with line items
  - Calculates tax (configurable rate)
  - Sets due date and status
  - Returns invoice for manual processing
 
Payment method validation:
  - Retrieves method from gateway
  - Verifies customer ownership
  - Returns 400 if invalid or not owned

Automatic triggers:
  - Subscription activated → Create customer product
  - Subscription deactivated → Delete customer product
  - Customer product created/deleted → Sync customer record
  - Customer product updated (productId changed) → Sync customer record
 
SyncCustomerProductsHandler:
  - Queries all products for customer
  - Extracts product IDs
  - Updates customer document with product array
  - Enables permission checks via customer.products
 
Product sources tracked:
  - Subscription (includes subscriptionId)
  - OneTimePayment (purchase completed)

ProductPriceRepository.findGloballyFromSKUs():
  - Accepts array of prices (max 30)
  - Performs collection group query across all products
  - Uses Firestore 'in' operator for batch lookup
  - Returns matching prices with product context
  - Used for duplicate detection in transactions
 
ProductPriceRepository.getPriceFromSKU():
  - Performs global SKU search
  - Validates exactly one match (errors on 0 or >1)
  - Enables SKU-based product discovery
  - Used for tenant product creation
 
SKU validation rules:
  - Globally unique across all products
  - Unique within product
  - Cannot be changed after creation
  - Required for each price

CustomerInvoiceService features:
  - Create invoices with multiple line items
  - Transform product/price references to full line items
  - Validate product and price existence
  - Fetch customer information for invoicing
  - Track invoice history with diff preservation
  - Support multiple invoice statuses
 
CreateCustomerInvoiceDto transformation:
  - Accepts product/price/quantity DTOs
  - Fetches product name and description
  - Fetches price amount and currency
  - Builds enriched IProductWithPrice objects
  - Validates all references exist
  - Returns 400 if product or price not found
 
Invoice statuses:
  - DRAFT, OPEN, PAID, VOID, OVERDUE, UNCOLLECTABLE
 
Invoice includes:
  - Customer key and information
  - Order line items with quantities
  - Total due and tax calculation
  - Due date and paid date
  - Payment notes

DefaultProductService.createDefaultProductSubscriptions():
  - Accepts array of default product IDs
  - Builds price ID from product ID convention
  - Fetches product and price documents
  - Checks for existing subscriptions (prevents duplicates)
  - Creates Active subscription (no payment required)
  - Associates with tenant and customer
  - Marks as system product
  - Used during customer provisioning
 
Subscription properties:
  - Status: Active (immediate access)
  - autoRenew: true
  - isSystemProduct: true (exempt from billing)
  - tenantId: Originating tenant
 
Use cases:
  - Free tier products
  - Trial period products
  - Platform base features
  - Onboarding products

Product creation triggers:
  - ProductCreatedEvent → CreateStripeProductCommand (if Stripe integration)
  - Creates gateway product with metadata
  - Updates local product with gateway ID
 
Price creation triggers:
  - PriceCreatedEvent → CreateStripePriceCommand (if Stripe integration)
  - Creates gateway price with metadata
  - Updates local price with gateway ID
 
Product update triggers:
  - ProductUpdatedEvent → UpdateStripeProductCommand
  - Syncs name and description to gateway
 
Price update triggers:
  - PriceUpdatedEvent → UpdateStripePriceCommand
  - Archives old price and creates new one (gateway immutability)
 
Subscription sync:
  - Subscription status changes via webhook
  - UpdateSubscriptionStatusHandler maps gateway status
  - Updates autoRenew from cancel_at_period_end
 
One-time purchase completion:
  - payment_intent.succeeded webhook
  - Filters by PaymentIntentType.OneTimePayment
  - Publishes ONE_TIME_PURCHASE_COMPLETED event

UpdateTenantProductHandler:
  - Triggered by ProductUpdatedEvent
  - Queries all tenant products for product ID
  - Updates product name, description, payment integration
  - Updates permissions across all tenants
  - Runs in parallel for all affected tenants
 
UpdateTenantProductHandler (price updates):
  - Triggered by PriceUpdatedEvent
  - Queries all tenant products for price ID
  - Updates amount, currency, quantity transforms
  - Updates recurring billing information
  - Updates gateway references
  - Maintains consistency across tenant products
 
Delete cascades:
  - ProductDeletedEvent → Delete all tenant products
  - PriceDeletedEvent → Delete tenant products for price

UpsertProductPermissionsHandler:
  - Triggered by ProductCreatedEvent and ProductUpdatedEvent
  - Checks if product has permissions defined
  - Calls PermissionAdminService.upsertProductPermission
  - Maps product ID to permission arrays
  - Enables product-based access control
 
DeleteProductPermissionsHandler:
  - Triggered by ProductDeletedEvent
  - Removes product from permission map
  - Cleans up orphaned permissions
 
Permission structure:
  - Product.permissions: Record<string, string[]>
  - Maps permission keys to allowed values
  - Inherited by tenant products
  - Synced to customer on product assignment
 
Access control flow:
  - Customer purchases product
  - Customer product created with productId
  - Customer.products array updated
  - Permission checks validate product ownership

CreateSubscriptionInvoiceHandler:
  - Queries all active subscriptions
  - Filters by billing cycle (due for invoice)
  - Creates invoice for each subscription
  - Populates line items from subscription
  - Sets due date based on billing period
  - Sets status to OPEN
  - Publishes invoice notification event
 
Invoice notification saga:
  - Waits configured delay (default: 3 days)
  - SendInvoiceNotificationCommand triggered
  - Sends email/SMS to customer
  - Includes invoice details and payment link
 
History tracking:
  - UpdateCustomerInvoiceHistoryHandler
  - Records all invoice changes
  - Stores diff of old vs. new values
  - Maintains audit trail
  - Enables invoice dispute resolution

ProductService.getAllEnabled():
  - Fetches enabled products (optionally including system products)
  - Fetches all prices for each product
  - Determines type from price.recurring field
  - Returns products with type: 'recurring' | 'one-time'
 
ProductService.getRecurring():
  - Fetches all products
  - Filters to products with at least one recurring price
  - Returns only recurring products
  - Used for subscription product listings
 
Price structure:
  - recurring?: IRecurringPriceInformation {
      interval: 'day' | 'week' | 'month' | 'year'
      intervalCount?: number
    }
  - Presence determines product classification
 
Product with multiple prices:
  - If any price is recurring → type: 'recurring'
  - If all prices are one-time → type: 'one-time'

IPaymentCustomer model:
  - id: Customer key
  - stripeId?: Gateway customer ID
  - Created on first payment
  - Cached for subsequent payments
 
PaymentCustomerPipe:
  - Extracts customerKey from claims
  - Fetches or creates payment customer
  - Injects into controller
 
Validation:
  - validateUserPaymentMethod()
  - Retrieves payment method from gateway
  - Verifies method.customer === paymentCustomer.stripeId
  - Returns 400 if mismatch or not found
 
Used for:
  - Payment intent creation
  - Subscription creation
  - Payment method validation
  - Customer billing portal

IQuantityTransform:
  - divideBy: number (transform multiplier)
  - round: 'up' | 'down' (rounding strategy)
 
Use cases:
  - Usage-based pricing (API calls, storage, etc.)
  - Tiered volume pricing
  - Unit conversion (e.g., GB to TB)
 
Example:
  - divideBy: 1000, round: 'up'
  - 1,250 units → 2 billing units (rounded up)
 
Applied in:
  - Price creation and updates
  - Invoice line item calculations
  - Tenant product pricing
  - Subscription billing
 
Preserved across:
  - Product price documents
  - Tenant product denormalization
  - Invoice line items

Event types published:
  - PRODUCT_CREATED/UPDATED/DELETED
  - PRICE_CREATED/UPDATED/DELETED
  - CUSTOMER_PRODUCT_CREATED/UPDATED/DELETED
  - SUBSCRIPTION_CREATED/UPDATED/DELETED
  - SUBSCRIPTION_ACTIVATED/DEACTIVATED
  - CUSTOMER_INVOICE_CREATED/UPDATED/DELETED
  - ONE_TIME_PURCHASE_COMPLETED
 
Task queues:
  - product-product-events (product lifecycle)
  - product-price-events (price lifecycle)
  - product-customer-product-events (ownership)
  - product-subscription-events (subscriptions)
  - product-customer-invoice-events (billing)
  - product-stripe-events (gateway webhooks)
  - product-retry (failed task retry)
 
Saga orchestration:
  - StripeProductSagas (gateway sync)
  - CustomerProductSagas (ownership sync)
  - StripeSubscriptionSagas (subscription sync)
  - ProductSagas (tenant product updates)
  - InvoiceNotificationSagas (billing alerts)

Guards available:
  - @HasPermission(Permissions.ViewProducts)
  - @HasPermission(Permissions.EditProducts)
  - @HasPermission(Permissions.EditProductPrice)
  - @HasPermission(Permissions.ViewBillingDetails)
  - @HasPermission(Permissions.EditBillingDetails)
  - @HasPermission(Permissions.PlatformAdminViewBillingDetails)
  - @HasPermission(Permissions.PlatformAdminEditBillingDetails)
  - @HasPermission(Permissions.PlatformAdminViewSubscriptions)
  - @HasPermission(Permissions.PlatformAdminEditSubscriptions)
  - @HasPermission(Permissions.PlatformAdminViewTenantProducts)
  - @HasPermission(Permissions.PlatformAdminEditTenantProducts)
 
Permission evaluation:
  - Extracts user claims from request
  - Checks user permissions against required
  - Returns 403 if insufficient permissions
  - Supports platform admin vs. tenant scope