Issue #29 — Backend: Get Payments Endpoints

[yusuftomilola]

Location: backend/src/payments/

Description

Members need to view their own payment history, and admins need visibility into all payments across the platform. Like the bookings endpoints, the same GET /payments endpoint should serve both roles — returning only the requesting member's payments for a USER role, and all payments for admin roles.

Acceptance Criteria

• GET /payments returns a paginated list of payments
  • Supports query params: page (default 1), limit (default 10), status (optional, filters by PaymentStatus)
  • If the requesting user's role is ADMIN, SUPER_ADMIN, or STAFF — returns all payments across all members
  • If the requesting user's role is USER — returns only that user's own payments
  • Each payment includes the booking and user relations
  • Response shape: { success: true, data: Payment[], meta: { total, page, limit, totalPages } }
• GET /payments/:id returns a single payment by UUID
  • Members can only access their own payments — throws ForbiddenException if the payment does not belong to them
  • Throws NotFoundException if the payment does not exist
  • Includes the booking and user relations
  • Response shape: { success: true, data: Payment }
• Both endpoints use @GetCurrentUser('id') and @GetCurrentUser('role') to determine scope
• npx tsc --noEmit passes with no errors