Turnpike/handle_volunteers.go

package main

import (
	"encoding/json"
	"log"
	"net/http"
	"strconv"
)

func (app *App) handleListVolunteers(w http.ResponseWriter, r *http.Request) {
	q := r.URL.Query()
	search := q.Get("search")
	since := q.Get("since")

	var deptID *int
	if d := q.Get("dept"); d != "" {
		id, err := strconv.Atoi(d)
		if err == nil {
			deptID = &id
		}
	}

	claims := claimsFromContext(r)
	if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {
		deptID = &claims.DeptIDs[0]
	}

	volunteers, err := app.listVolunteers(search, deptID, since)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	writeJSON(w, volunteers)
}

func (app *App) handleCreateVolunteer(w http.ResponseWriter, r *http.Request) {
	var body struct {
		Volunteer
		TicketName string `json:"ticket_name"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	v := body.Volunteer
	if v.Name == "" {
		writeError(w, "name is required", http.StatusBadRequest)
		return
	}
	if v.Email == "" {
		writeError(w, "email is required", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	if claims.Role == "colead" {
		if v.DepartmentID == nil || !inSlice(*v.DepartmentID, claims.DeptIDs) {
			writeError(w, "forbidden: outside your department", http.StatusForbidden)
			return
		}
	}
	if v.Email != "" && v.ParticipantID == nil {
		p, _ := app.getParticipantByEmail(v.Email)
		if p == nil {
			p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email, TicketName: body.TicketName})
		} else if body.TicketName != "" && p.TicketName == "" {
			app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
		}
		if p != nil {
			v.ParticipantID = &p.ID
		}
	}
	confirmToken, err := generateConfirmationToken()
	if err != nil {
		writeError(w, "internal error", http.StatusInternalServerError)
		return
	}
	v.ConfirmationToken = &confirmToken
	created, err := app.createVolunteer(v)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	go func() {
		if err := app.sendConfirmationEmail(v.Email, v.Name, confirmToken); err != nil {
			log.Printf("confirmation email to %s failed: %v", v.Email, err)
		}
	}()
	w.WriteHeader(http.StatusCreated)
	writeJSON(w, created)
}

func (app *App) handleGetVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	v, err := app.getVolunteer(id)
	if err != nil || v == nil {
		writeError(w, "not found", http.StatusNotFound)
		return
	}
	writeJSON(w, v)
}

func (app *App) handleUpdateVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	var v Volunteer
	if err := json.NewDecoder(r.Body).Decode(&v); err != nil {
		writeError(w, "invalid request", http.StatusBadRequest)
		return
	}
	if v.Name == "" {
		writeError(w, "name is required", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	if claims.Role == "colead" {
		existing, _ := app.getVolunteer(id)
		if existing == nil || existing.DepartmentID == nil || !inSlice(*existing.DepartmentID, claims.DeptIDs) {
			writeError(w, "forbidden: outside your department", http.StatusForbidden)
			return
		}
	}
	v.ID = id
	if err := app.updateVolunteer(v); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}

	if v.IsLead {
		app.confirmVolunteer(id)
	}
	updated, _ := app.getVolunteer(id)
	writeJSON(w, updated)
}

func (app *App) handleDeleteVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	if err := app.deleteVolunteer(id); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func (app *App) handleMarkVolunteerReady(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	claims := claimsFromContext(r)
	v, err := app.markVolunteerReady(id, claims.UserID)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	app.broker.publish("checkin", map[string]any{"type": "volunteer", "volunteer": v})
	writeJSON(w, v)
}

func (app *App) handleConfirmVolunteer(w http.ResponseWriter, r *http.Request) {
	id, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid id", http.StatusBadRequest)
		return
	}
	v, err := app.confirmVolunteer(id)
	if err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	writeJSON(w, v)
}

func (app *App) handleAssignShift(w http.ResponseWriter, r *http.Request) {
	volunteerID, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid volunteer id", http.StatusBadRequest)
		return
	}
	var body struct {
		ShiftID int `json:"shift_id"`
	}
	if err := json.NewDecoder(r.Body).Decode(&body); err != nil || body.ShiftID == 0 {
		writeError(w, "shift_id required", http.StatusBadRequest)
		return
	}
	if err := app.assignShift(volunteerID, body.ShiftID); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func (app *App) handleUnassignShift(w http.ResponseWriter, r *http.Request) {
	volunteerID, err := strconv.Atoi(r.PathValue("id"))
	if err != nil {
		writeError(w, "invalid volunteer id", http.StatusBadRequest)
		return
	}
	shiftID, err := strconv.Atoi(r.PathValue("shift_id"))
	if err != nil {
		writeError(w, "invalid shift id", http.StatusBadRequest)
		return
	}
	if err := app.unassignShift(volunteerID, shiftID); err != nil {
		writeError(w, err.Error(), http.StatusInternalServerError)
		return
	}
	w.WriteHeader(http.StatusNoContent)
}

func inSlice(v int, s []int) bool {
	for _, x := range s {
		if x == v {
			return true
		}
	}
	return false
}
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`package main`

			`import (`
			`"encoding/json"`
Generate confirmation email for manually-entered volunteers. 2026-03-05 20:28:21 -06:00			`"log"`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`"net/http"`
			`"strconv"`
			`)`

			`func (app App) handleListVolunteers(w http.ResponseWriter, r http.Request) {`
			`q := r.URL.Query()`
			`search := q.Get("search")`
			`since := q.Get("since")`

			`var deptID *int`
			`if d := q.Get("dept"); d != "" {`
			`id, err := strconv.Atoi(d)`
			`if err == nil {`
			`deptID = &id`
			`}`
			`}`

			`claims := claimsFromContext(r)`
Renamed and updated roles and privileges. 2026-03-04 12:00:36 -06:00			`if claims.Role == "colead" && deptID == nil && len(claims.DeptIDs) > 0 {`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`deptID = &claims.DeptIDs[0]`
			`}`

			`volunteers, err := app.listVolunteers(search, deptID, since)`
			`if err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`writeJSON(w, volunteers)`
			`}`

			`func (app App) handleCreateVolunteer(w http.ResponseWriter, r http.Request) {`
Update manual Volunteer entry. 2026-03-05 20:09:58 -06:00			`var body struct {`
			`Volunteer`
			TicketName string `json:"ticket_name"`
			`}`
			`if err := json.NewDecoder(r.Body).Decode(&body); err != nil {`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`writeError(w, "invalid request", http.StatusBadRequest)`
			`return`
			`}`
Update manual Volunteer entry. 2026-03-05 20:09:58 -06:00			`v := body.Volunteer`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`if v.Name == "" {`
			`writeError(w, "name is required", http.StatusBadRequest)`
			`return`
			`}`
Require email on Volunteer entry. 2026-03-05 20:17:25 -06:00			`if v.Email == "" {`
			`writeError(w, "email is required", http.StatusBadRequest)`
			`return`
			`}`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`claims := claimsFromContext(r)`
Renamed and updated roles and privileges. 2026-03-04 12:00:36 -06:00			`if claims.Role == "colead" {`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`if v.DepartmentID == nil \|\| !inSlice(*v.DepartmentID, claims.DeptIDs) {`
			`writeError(w, "forbidden: outside your department", http.StatusForbidden)`
			`return`
			`}`
			`}`
Renamed and updated roles and privileges. 2026-03-04 12:00:36 -06:00			`if v.Email != "" && v.ParticipantID == nil {`
			`p, _ := app.getParticipantByEmail(v.Email)`
			`if p == nil {`
Update manual Volunteer entry. 2026-03-05 20:09:58 -06:00			`p, _ = app.createParticipant(Participant{PreferredName: v.Name, Email: v.Email, TicketName: body.TicketName})`
			`} else if body.TicketName != "" && p.TicketName == "" {`
			app.db.Exec(`UPDATE participants SET ticket_name = ?, updated_at = ? WHERE id = ?`, body.TicketName, now(), p.ID)
Renamed and updated roles and privileges. 2026-03-04 12:00:36 -06:00			`}`
			`if p != nil {`
			`v.ParticipantID = &p.ID`
			`}`
			`}`
Generate confirmation email for manually-entered volunteers. 2026-03-05 20:28:21 -06:00			`confirmToken, err := generateConfirmationToken()`
			`if err != nil {`
			`writeError(w, "internal error", http.StatusInternalServerError)`
			`return`
			`}`
			`v.ConfirmationToken = &confirmToken`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`created, err := app.createVolunteer(v)`
			`if err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Generate confirmation email for manually-entered volunteers. 2026-03-05 20:28:21 -06:00			`go func() {`
			`if err := app.sendConfirmationEmail(v.Email, v.Name, confirmToken); err != nil {`
			`log.Printf("confirmation email to %s failed: %v", v.Email, err)`
			`}`
			`}()`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`w.WriteHeader(http.StatusCreated)`
			`writeJSON(w, created)`
			`}`

			`func (app App) handleGetVolunteer(w http.ResponseWriter, r http.Request) {`
			`id, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid id", http.StatusBadRequest)`
			`return`
			`}`
			`v, err := app.getVolunteer(id)`
			`if err != nil \|\| v == nil {`
			`writeError(w, "not found", http.StatusNotFound)`
			`return`
			`}`
			`writeJSON(w, v)`
			`}`

			`func (app App) handleUpdateVolunteer(w http.ResponseWriter, r http.Request) {`
			`id, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid id", http.StatusBadRequest)`
			`return`
			`}`
			`var v Volunteer`
			`if err := json.NewDecoder(r.Body).Decode(&v); err != nil {`
			`writeError(w, "invalid request", http.StatusBadRequest)`
			`return`
			`}`
			`if v.Name == "" {`
			`writeError(w, "name is required", http.StatusBadRequest)`
			`return`
			`}`
			`claims := claimsFromContext(r)`
Renamed and updated roles and privileges. 2026-03-04 12:00:36 -06:00			`if claims.Role == "colead" {`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`existing, _ := app.getVolunteer(id)`
			`if existing == nil \|\| existing.DepartmentID == nil \|\| !inSlice(*existing.DepartmentID, claims.DeptIDs) {`
			`writeError(w, "forbidden: outside your department", http.StatusForbidden)`
			`return`
			`}`
			`}`
			`v.ID = id`
			`if err := app.updateVolunteer(v); err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
Set co-leads to confirmed automatically, and updated test and documents. 2026-03-05 16:51:39 -06:00
			`if v.IsLead {`
			`app.confirmVolunteer(id)`
			`}`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`updated, _ := app.getVolunteer(id)`
			`writeJSON(w, updated)`
			`}`

			`func (app App) handleDeleteVolunteer(w http.ResponseWriter, r http.Request) {`
			`id, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid id", http.StatusBadRequest)`
			`return`
			`}`
			`if err := app.deleteVolunteer(id); err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`w.WriteHeader(http.StatusNoContent)`
			`}`

Refactored volunteer check_in as ready status. 2026-03-05 17:34:50 -06:00			`func (app App) handleMarkVolunteerReady(w http.ResponseWriter, r http.Request) {`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`id, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid id", http.StatusBadRequest)`
			`return`
			`}`
			`claims := claimsFromContext(r)`
Refactored volunteer check_in as ready status. 2026-03-05 17:34:50 -06:00			`v, err := app.markVolunteerReady(id, claims.UserID)`
Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`if err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`app.broker.publish("checkin", map[string]any{"type": "volunteer", "volunteer": v})`
			`writeJSON(w, v)`
			`}`

Set up Unconfirmed -> Registered -> Confirmed -> Ready flow for Volunteers 2026-03-05 15:52:40 -06:00			`func (app App) handleConfirmVolunteer(w http.ResponseWriter, r http.Request) {`
			`id, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid id", http.StatusBadRequest)`
			`return`
			`}`
			`v, err := app.confirmVolunteer(id)`
			`if err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`writeJSON(w, v)`
			`}`

Created Turnpike, event attendee and volunteer management Built after prototype, Traverse, an attendee and volunteer list maintainer. 2026-03-03 11:27:07 -06:00			`func (app App) handleAssignShift(w http.ResponseWriter, r http.Request) {`
			`volunteerID, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid volunteer id", http.StatusBadRequest)`
			`return`
			`}`
			`var body struct {`
			ShiftID int `json:"shift_id"`
			`}`
			`if err := json.NewDecoder(r.Body).Decode(&body); err != nil \|\| body.ShiftID == 0 {`
			`writeError(w, "shift_id required", http.StatusBadRequest)`
			`return`
			`}`
			`if err := app.assignShift(volunteerID, body.ShiftID); err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`w.WriteHeader(http.StatusNoContent)`
			`}`

			`func (app App) handleUnassignShift(w http.ResponseWriter, r http.Request) {`
			`volunteerID, err := strconv.Atoi(r.PathValue("id"))`
			`if err != nil {`
			`writeError(w, "invalid volunteer id", http.StatusBadRequest)`
			`return`
			`}`
			`shiftID, err := strconv.Atoi(r.PathValue("shift_id"))`
			`if err != nil {`
			`writeError(w, "invalid shift id", http.StatusBadRequest)`
			`return`
			`}`
			`if err := app.unassignShift(volunteerID, shiftID); err != nil {`
			`writeError(w, err.Error(), http.StatusInternalServerError)`
			`return`
			`}`
			`w.WriteHeader(http.StatusNoContent)`
			`}`

			`func inSlice(v int, s []int) bool {`
			`for _, x := range s {`
			`if x == v {`
			`return true`
			`}`
			`}`
			`return false`
			`}`