Booking Engine (PL-T186)
En bref
The transactional core of the chain-venue platform. Create, update, cancel and check-in bookings with race-free conflict detection via per-(tenant, location) asyncio locks, idempotent submits keyed by client UUID, atomic multi-resource reservations as a single document, no-show grace-period auto-flip, full audit trail per status change, suggested-slot recovery on conflicts, and real-time SSE broadcasts to every connected console and customer page.
Comment ça fonctionne
Every mutation flows through the booking engine. On create, the engine acquires a per-(tenant, location) asyncio lock, validates against opening hours (via the effective-hours resolver), maintenance blocks (via the expansion service), buffer rules, and resource capacity, then writes the Booking document with status RESERVED. Idempotency keys passed by the client cause repeated submits to return the same booking rather than duplicating — critical for flaky mobile networks during checkout.
Multi-resource bookings (e.g. "three adjacent lanes for a corporate event") are stored as a single Booking with a list[resource_ids], so the reservation is atomic — no half-booked groups. Conflict responses don't dead-end the customer: the engine returns suggested_slots from a ±2 h scan around the requested time plus a can_join_waitlist boolean, and the front-end renders alternatives with one-tap selection. Status transitions (RESERVED → CONFIRMED → CHECKED_IN → COMPLETED, or any path to CANCELLED / NO_SHOW) are recorded in an audit_trail array on the document — actor, action, timestamp, optional metadata.
No-show logic runs on a grace period from ChainVenueProfile (e.g. 15 minutes after start time, the booking auto-flips to NO_SHOW unless an operator checks it in). Every status change broadcasts on an SSE channel chain.bookings.{tenant}.{location}, so the calendar, floorplan, and operator console all refresh within a few hundred milliseconds without polling.
Capacités clés
- Race-free conflict detection via per-(tenant, location) asyncio lock
- Idempotency keys + atomic multi-resource bookings (list of resource_ids)
- Conflict response carries suggested_slots (±2 h scan) + can_join_waitlist
- Full status audit trail on every transition
- No-show auto-flip on configurable grace period
- SSE broadcasts on chain.bookings.{tenant}.{location}
- Wait-list FIFO queue with promotion-on-free integration
En pratique
A customer on the tenant CMS picks Saturday 19:30 for a party of six on three adjacent lanes. The wizard POSTs a single booking with three resource_ids and an idempotency key generated client-side. The engine acquires the lane-lock, validates that all three lanes are free, writes one Booking document, releases the lock, and returns 201.
Two seconds later another customer tries to book Lane 2 for the same slot — the engine returns 409 with three suggested ±2 h slots plus a wait-list option. They tap the 20:00 alternative and confirm. Both bookings appear instantly on the venue's wall-mounted floorplan via SSE, and the operator behind the bar sees the new arrivals in the upcoming-arrivals strip without ever clicking refresh.
Fonctionnalités de ce sous-système
15| ID | Status | Fonctionnalités |
|---|---|---|
| F22.04.01 | Livré | Create / update / cancel booking with conflict detection ✅ |
| F22.04.02 | Livré | Booking validation (opening hours, buffer, capacity) ✅ |
| F22.04.03 | Livré | No-show logic with grace period ✅ |
| F22.04.04 | Livré | Audit trail per status change ✅ |
| F22.04.05 | Livré | Idempotency keys on create ✅ |
| F22.04.06 | Livré | WaitListEntry FIFO queue with promotion-on-free ✅ |
| F22.04.07 | Livré | SSE broadcast on status change (chain.bookings.<tenant>.<location>) ✅ |
| F22.04.08 | Livré | Multi-resource atomic booking (single document, list[resource_ids]) ✅ |
| F22.04.09 | Livré | Per-(tenant,location) asyncio lock for race-free conflict check ✅ |
| F22.04.10 | Livré | Conflict response with suggested_slots (±2h scan) and can_join_waitlist ✅ |
| F22.04.20 | Livré | Restricted facility booking (military/school/civic/private_corporate/religious) with permission-gated flow (PL-T217) ✅ |
| F22.04.21 | Livré | Approval-chain (host_admin → security_officer → optional government_clearance) with role-allow-lists och self-approval-skydd (PL-T217) ✅ |
| F22.04.22 | Livré | Access-log audit (checkin/checkout/access_denied) med dispatch till security_officers vid access_denied (PL-T217) ✅ |
| F22.04.23 | Livré | Host-operations-konfliktcheck mot iCal-calendar + restricted_facility_request_expiry_tick (24h-cutoff) (PL-T217) ✅ |
| F22.04.30 | Livré | Shared-facility-overlay — Booking.shared_facility_owner_tenant_id exponerar bokningen som read-only-spegel hos delägar-tenant via list_for_tenant_including_shared (PL-T224) ✅ |
Sous-systèmes liés
Parties prenantes qui ont besoin de ce sous-système
Apparaît dans 1 analyses de parties prenantes