Problem
An inspection that has already been paid in full can still receive additional payments in some flows, which creates duplicate payment records/overpayments.
Why this gap exists
- Manual payment creation can still be submitted after full payment in the workorder flow.
- Card/ACH processing routes rely heavily on client-side remaining-balance state and idempotency keys, but do not consistently enforce a strict server-side remaining-balance gate for every payment create path.
- Idempotency protects same-key retries, but does not prevent separate sessions/users from creating additional payments on the same inspection.
Expected behavior
Once an inspection is fully paid, payment creation should be blocked by default unless an explicit override path is used (with clear intent/audit trail).
Suggested scope
- Add server-side balance validation to all payment create routes (manual + processor-backed).
- Define an explicit override mechanism for intentional overpayments/adjustments.
- Ensure UI reflects the server rule and gracefully handles stale pages/concurrent attempts.
- Add telemetry/audit notes when a blocked or override payment attempt occurs.
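A sketch of the server-side gate proposed in the scope above, added here as an example and not taken from the project's code: every create path calls one function that reads the remaining balance and inserts the payment inside a single write transaction, so a stale page or a second session with a fresh idempotency key is still checked. The schema, the function names, the `override_reason` parameter, and the use of SQLite as a stand-in database are all assumptions; the gate refuses any amount above the remaining balance, which includes the fully paid case.

```python
import sqlite3

SCHEMA = """
CREATE TABLE inspections (id INTEGER PRIMARY KEY, total_cents INTEGER NOT NULL);
CREATE TABLE payments (id INTEGER PRIMARY KEY, inspection_id INTEGER NOT NULL,
  amount_cents INTEGER NOT NULL CHECK (amount_cents > 0), method TEXT, idem_key TEXT UNIQUE);
CREATE TABLE payment_audit (inspection_id INTEGER, actor TEXT, outcome TEXT, amount_cents INTEGER, note TEXT);
"""  # hypothetical schema, constructed for this example

def open_db():
    db = sqlite3.connect(":memory:", isolation_level=None)  # we issue BEGIN/COMMIT ourselves
    db.executescript(SCHEMA)
    return db

def create_payment(db, inspection_id, amount_cents, method, actor, idem_key,
                   override_reason=None):
    """One gate shared by the manual, card and ACH create routes."""
    db.execute("BEGIN IMMEDIATE")  # take the write lock before reading the balance
    try:
        if db.execute("SELECT 1 FROM payments WHERE idem_key=?", (idem_key,)).fetchone():
            outcome = "duplicate"  # same-key retry: no new row
        else:
            row = db.execute("SELECT total_cents FROM inspections WHERE id=?",
                             (inspection_id,)).fetchone()
            if row is None:
                raise LookupError("unknown inspection")
            paid = db.execute("SELECT COALESCE(SUM(amount_cents), 0) FROM payments "
                              "WHERE inspection_id=?", (inspection_id,)).fetchone()[0]
            over = amount_cents > row[0] - paid  # would exceed the remaining balance
            outcome = "created" if not over else ("override" if override_reason else "blocked")
            if outcome != "blocked":
                db.execute("INSERT INTO payments (inspection_id, amount_cents, method, idem_key)"
                           " VALUES (?,?,?,?)", (inspection_id, amount_cents, method, idem_key))
            if over:  # audit trail for blocked attempts and explicit overrides
                db.execute("INSERT INTO payment_audit (inspection_id, actor, outcome, amount_cents,"
                           " note) VALUES (?,?,?,?,?)",
                           (inspection_id, actor, outcome, amount_cents, override_reason))
        db.execute("COMMIT")
        return outcome
    except Exception:
        db.execute("ROLLBACK")
        raise

def demo():  # constructed scenario: a 45000-cent inspection and four attempts
    db = open_db()
    db.execute("INSERT INTO inspections (id, total_cents) VALUES (1, 45000)")
    calls = [(45000, "card", "alice", "k1", None), (45000, "card", "alice", "k1", None),
             (45000, "manual", "bob", "k2", None), (500, "manual", "carol", "k3", "fee adjustment")]
    return [create_payment(db, 1, a, m, who, key, why) for a, m, who, key, why in calls]
```

For processor-backed routes the same check would run before the charge is submitted to the processor, so a blocked attempt never moves money.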
Reference