@7365admin1/core 2.11.0 → 2.13.0

package/dist/index.js

@@ -4968,7 +4968,8 @@ function useMemberRepo() {
     try {
       const data = await collection.find({
         role: { $in: roles },
-        type,
+        // type,
+        // ...(type && { type }),
         status: "active"
       }).toArray();
       setCache(cacheKey, data, 15 * 60).then(() => {
@@ -5598,6 +5599,7 @@ function useRoleRepo() {
     }
   }
   const { delNamespace, setCache, getCache, delCache } = (0, import_node_server_utils23.useCache)(namespace_collection);
+  const { delNamespace: _delDashboardNameSpace } = (0, import_node_server_utils23.useCache)("dashboard");
   async function addRole(value, session) {
     value = new MRole(value);
     try {
@@ -5860,15 +5862,21 @@ function useRoleRepo() {
         { session }
       );
       if (res.modifiedCount === 0) {
-        throw new import_node_server_utils23.InternalServerError("Unable to update feedback status.");
+        throw new import_node_server_utils23.InternalServerError("Unable to update role status.");
       }
-      const cacheKey = (0, import_node_server_utils23.makeCacheKey)(namespace_collection, { _id });
-      delCache(cacheKey).then(() => {
-        import_node_server_utils23.logger.info(`Cache deleted for key: ${cacheKey}`);
+      delNamespace().then(() => {
+        import_node_server_utils23.logger.info(`Cache cleared for namespace: ${namespace_collection}`);
       }).catch((err) => {
-        import_node_server_utils23.logger.error(`Failed to delete cache for key: ${cacheKey}`, err);
+        import_node_server_utils23.logger.error(
+          `Failed to clear cache for namespace: ${namespace_collection}`,
+          err
+        );
+      });
+      _delDashboardNameSpace().then(() => {
+        import_node_server_utils23.logger.info(`Cache cleared for namespace: dashboard`);
+      }).catch((err) => {
+        import_node_server_utils23.logger.error(`Failed to clear cache for namespace: dashboard`, err);
       });
-      return "Successfully deleted role.";
     } catch (error) {
       throw new import_node_server_utils23.InternalServerError("Failed to delete role.");
     }
@@ -6957,7 +6965,7 @@ function useRoleController() {
   }
   async function deleteRole(req, res, next) {
     const validation = import_joi15.default.string().hex().required();
-    const _id = req.params.id;
+    const _id = req.query.id;
     const { error } = validation.validate(_id);
     if (error) {
       import_node_server_utils29.logger.log({ level: "error", message: error.message });
@@ -7066,7 +7074,7 @@ function useMemberService() {
       throw new import_node_server_utils30.BadRequestError("No owner role found.");
     }
     const roles = owner.map((r) => r._id?.toString() ?? "");
-    const ownerMembers = await getByRoles(roles, type);
+    const ownerMembers = await getByRoles(roles, type = "");
     if (!ownerMembers.length) {
       throw new import_node_server_utils30.BadRequestError("No owner members found.");
     }
@@ -7608,7 +7616,7 @@ function useFileController() {
   }
   async function deleteFile(req, res, next) {
     const validation = import_joi18.default.string().hex().required();
-    const _id = req.params.id;
+    const _id = req.query.id;
     const { error } = validation.validate(_id);
     if (error) {
       import_node_server_utils34.logger.log({ level: "error", message: error.message });
@@ -11022,7 +11030,6 @@ function useFeedbackController() {
   async function deleteFeedback(req, res, next) {
     const validation = import_joi28.default.string().hex().required();
     const _id = req.query.id;
-    console.log(_id);
     const { error } = validation.validate(_id);
     if (error) {
       import_node_server_utils55.logger.log({ level: "error", message: error.message });
@@ -14727,7 +14734,7 @@ function MPerson(value) {
   return {
     _id: value._id,
     name: value.name,
-    contact: value.contact,
+    contact: value.contact ?? "",
     block: value.block,
     level: value.level,
     unit: value.unit,
@@ -15180,7 +15187,8 @@ function usePersonRepo() {
         $or: [
           { name: { $regex: search, $options: "i" } },
           { email: { $regex: search, $options: "i" } },
-          { nric: { $regex: search, $options: "i" } }
+          { nric: { $regex: search, $options: "i" } },
+          { "plates.plateNumber": { $regex: search, $options: "i" } }
         ]
       },
       ...import_mongodb44.ObjectId.isValid(org) && { org: new import_mongodb44.ObjectId(org) },
@@ -18553,7 +18561,7 @@ function useVisitorTransactionService() {
         } else {
           const payload = {
             name: value.name || "",
-            contact: value.contact,
+            contact: value.contact ?? "",
             nric,
             type: value.type,
             companyName: value.company ? [value.company] : [],
@@ -20802,13 +20810,38 @@ function usePatrolRouteRepo() {
       throw error;
     }
   }
+  async function getById(_id, session) {
+    try {
+      _id = new import_mongodb60.ObjectId(_id);
+    } catch (error) {
+      throw new import_node_server_utils113.BadRequestError("Invalid patrol log ID format.");
+    }
+    const cacheKey = (0, import_node_server_utils113.makeCacheKey)(namespace_collection, { _id });
+    const cachedData = await getCache(cacheKey);
+    if (cachedData) {
+      import_node_server_utils113.logger.info(`Cache hit for key: ${cacheKey}`);
+      return cachedData;
+    }
+    try {
+      const data = await collection.findOne({ _id }, { session });
+      setCache(cacheKey, data, 15 * 60).then(() => {
+        import_node_server_utils113.logger.info(`Cache set for key: ${cacheKey}`);
+      }).catch((err) => {
+        import_node_server_utils113.logger.error(`Failed to set cache for key: ${cacheKey}`, err);
+      });
+      return data;
+    } catch (error) {
+      throw error;
+    }
+  }
   return {
     createTextIndex,
     add,
     getAll,
     updateById,
     deleteById,
-    getScheduledRoute
+    getScheduledRoute,
+    getById
   };
 }
 
@@ -20821,7 +20854,8 @@ function usePatrolRouteController() {
     getAll: _getAll,
     updateById: _updateById,
     deleteById: _deleteById,
-    getScheduledRoute: _getScheduledRoute
+    getScheduledRoute: _getScheduledRoute,
+    getById: _getById
   } = usePatrolRouteRepo();
   async function add(req, res, next) {
     const data = { ...req.body };
@@ -20989,12 +21023,34 @@ function usePatrolRouteController() {
       return;
     }
   }
+  async function getById(req, res, next) {
+    const id = req.params.id;
+    const validation = import_joi64.default.object({
+      id: import_joi64.default.string().hex().required()
+    });
+    const { error } = validation.validate({ id });
+    if (error) {
+      next(new import_node_server_utils114.BadRequestError(error.message));
+      return;
+    }
+    try {
+      const routes = await _getById(id);
+      res.json({
+        message: "Successfully retrieved patrol routes.",
+        data: routes
+      });
+      return;
+    } catch (error2) {
+      next(error2);
+    }
+  }
   return {
     add,
     getAll,
     updateById,
     deleteById,
-    getScheduledRoute
+    getScheduledRoute,
+    getById
   };
 }
 
@@ -21244,6 +21300,30 @@ function usePatrolLogRepo() {
       throw error;
     }
   }
+  async function getById(_id, session) {
+    try {
+      _id = new import_mongodb62.ObjectId(_id);
+    } catch (error) {
+      throw new import_node_server_utils116.BadRequestError("Invalid patrol log ID format.");
+    }
+    const cacheKey = (0, import_node_server_utils116.makeCacheKey)(namespace_collection, { _id });
+    const cachedData = await getCache(cacheKey);
+    if (cachedData) {
+      import_node_server_utils116.logger.info(`Cache hit for key: ${cacheKey}`);
+      return cachedData;
+    }
+    try {
+      const data = await collection.findOne({ _id }, { session });
+      setCache(cacheKey, data, 15 * 60).then(() => {
+        import_node_server_utils116.logger.info(`Cache set for key: ${cacheKey}`);
+      }).catch((err) => {
+        import_node_server_utils116.logger.error(`Failed to set cache for key: ${cacheKey}`, err);
+      });
+      return data;
+    } catch (error) {
+      throw error;
+    }
+  }
   function delCachedData() {
     delNamespace().then(() => {
       import_node_server_utils116.logger.log({
@@ -21263,7 +21343,8 @@ function usePatrolLogRepo() {
     add,
     getAll,
     updateById,
-    deleteById
+    deleteById,
+    getById
   };
 }
 
@@ -21335,7 +21416,8 @@ function usePatrolLogController() {
   const {
     getAll: _getAll,
     updateById: _updateById,
-    deleteById: _deleteById
+    deleteById: _deleteById,
+    getById: _getById
   } = usePatrolLogRepo();
   const { add: _add } = usePatrolLogService();
   async function add(req, res, next) {
@@ -21447,7 +21529,28 @@ function usePatrolLogController() {
       return;
     }
   }
-  return { add, getAll, updateById, deleteById };
+  async function getById(req, res, next) {
+    const id = req.params.id;
+    const validation = import_joi66.default.object({
+      id: import_joi66.default.string().hex().required()
+    });
+    const { error } = validation.validate({ id });
+    if (error) {
+      next(new import_node_server_utils118.BadRequestError(error.message));
+      return;
+    }
+    try {
+      const logs = await _getById(id);
+      res.json({
+        message: "Successfully retrieved patrol log.",
+        data: logs
+      });
+      return;
+    } catch (error2) {
+      next(error2);
+    }
+  }
+  return { add, getAll, updateById, deleteById, getById };
 }
 
 // src/models/site-facility.model.ts
@@ -23526,16 +23629,26 @@ function useDocumentManagementRepo() {
     site = ""
   }) {
     page = page > 0 ? page - 1 : 0;
+    try {
+      site = new import_mongodb70.ObjectId(site);
+    } catch (error) {
+      throw new import_node_server_utils128.BadRequestError("Invalid site ID format.");
+    }
     sort = Object.keys(sort).length > 0 ? sort : { _id: -1 };
     const cacheOptions = {
       page,
       limit,
       status,
+      site: site?.toString(),
       sort: JSON.stringify(sort)
     };
     const query = {
       ...status ? { $and: [{ status }, { status: { $ne: "deleted" } }] } : { status: { $ne: "deleted" } }
     };
+    if (site) {
+      query.site = site;
+      cacheOptions.site = site;
+    }
     if (search) {
       query.$or = [
         { name: { $regex: search, $options: "i" } },
@@ -23940,7 +24053,7 @@ function useDocumentManagementController() {
   }
   async function deleteDocumentById(req, res, next) {
     const validation = import_joi74.default.string().hex().required();
-    const _id = req.params.id;
+    const _id = req.query.id;
     const { error } = validation.validate(_id);
     if (error) {
       import_node_server_utils130.logger.log({ level: "error", message: error.message });
@@ -27148,11 +27261,11 @@ var EAccessCardTypes = /* @__PURE__ */ ((EAccessCardTypes2) => {
   EAccessCardTypes2["QR"] = "QRCODE";
   return EAccessCardTypes2;
 })(EAccessCardTypes || {});
-var EAccessCardUserTypes = /* @__PURE__ */ ((EAccessCardUserTypes4) => {
-  EAccessCardUserTypes4["RESIDENT"] = "Resident/Tenant";
-  EAccessCardUserTypes4["CONTRACTOR"] = "Contractor";
-  EAccessCardUserTypes4["VISITOR"] = "Visitor";
-  return EAccessCardUserTypes4;
+var EAccessCardUserTypes = /* @__PURE__ */ ((EAccessCardUserTypes3) => {
+  EAccessCardUserTypes3["RESIDENT"] = "Resident/Tenant";
+  EAccessCardUserTypes3["CONTRACTOR"] = "Contractor";
+  EAccessCardUserTypes3["VISITOR"] = "Visitor";
+  return EAccessCardUserTypes3;
 })(EAccessCardUserTypes || {});
 var AccessTypeProps = /* @__PURE__ */ ((AccessTypeProps2) => {
   AccessTypeProps2["NORMAL"] = "Normal";
@@ -27249,6 +27362,114 @@ var MAccessCard = class {
 // src/repositories/access-management.repo.ts
 var import_node_server_utils149 = require("@7365admin1/node-server-utils");
 var import_mongodb83 = require("mongodb");
+
+// src/utils/access-management.ts
+var import_fs2 = __toESM(require("fs"));
+var import_path = __toESM(require("path"));
+var import_axios = __toESM(require("axios"));
+var import_crypto = __toESM(require("crypto"));
+var ALGORITHM = "aes-256-gcm";
+var SECRET_KEY = import_crypto.default.createSecretKey(
+  new Uint8Array(import_crypto.default.createHash("sha256").update("acm-secret-key").digest())
+);
+function decryptAcmUrl(encryptedText) {
+  const [ivB64, authTagB64, encryptedB64] = encryptedText.split(":");
+  const iv = Buffer.from(ivB64, "base64");
+  const authTag = Buffer.from(authTagB64, "base64");
+  const encrypted = Buffer.from(encryptedB64, "base64");
+  const decipher = import_crypto.default.createDecipheriv(
+    ALGORITHM,
+    SECRET_KEY,
+    new Uint8Array(iv)
+  );
+  decipher.setAuthTag(new Uint8Array(authTag));
+  const decrypted = Buffer.concat([
+    decipher.update(encrypted),
+    decipher.final()
+  ]);
+  return decrypted.toString("utf8");
+}
+var minifyXml = (xml) => {
+  return xml.replace(/>\s+</g, "><").replace(/\n/g, "").replace(/\r/g, "").replace(/\t/g, "").trim();
+};
+var readTemplate = (name, params) => {
+  const template = import_fs2.default.readFileSync(
+    import_path.default.join(__dirname, `../src/public/xml-templates/${name}.xml`),
+    "utf-8"
+  );
+  if (!params)
+    return minifyXml(template);
+  const replacedTemplate = Object.entries(params).reduce(
+    (acc, [key, value]) => acc.replace(`{{${key}}}`, value),
+    template
+  );
+  return minifyXml(replacedTemplate);
+};
+async function sendCommand(command, url) {
+  try {
+    const decrypt = decryptAcmUrl(url);
+    const response = await import_axios.default.post(decrypt, {
+      command
+    });
+    if (response.status === 200 || response.status === 201)
+      return response.data;
+  } catch (error) {
+    return Promise.reject(error);
+  }
+}
+var formatDoorAccessLevels = (data) => {
+  const doorAccessLevels = data.RESULT.TRACKID.SUB_RESULT.ACCESS_LEVEL;
+  return doorAccessLevels.map((door) => {
+    return {
+      name: door._.trim(),
+      // Remove any leading/trailing spaces
+      no: door.$.NO
+      // Extract the number
+    };
+  });
+};
+var formatLiftAccessLevels = (data, search) => {
+  const liftAccessLevels = data.RESULT.TRACKID.SUB_RESULT.LIFT_ACCESS_LEVEL;
+  const result = liftAccessLevels.map((level) => {
+    return {
+      name: level._.trim(),
+      no: level.$.NO
+    };
+  });
+  if (search) {
+    return result.filter(
+      (item) => item.name.toLowerCase().includes(search.toLowerCase())
+    );
+  }
+  return result;
+};
+var formatAccessGroup = (data, search) => {
+  const accessGroup = data.RESULT.TRACKID.SUB_RESULT.ACCESS_GROUP;
+  const result = accessGroup.map((ag) => {
+    return {
+      no: ag._.trim(),
+      name: ag.$.NAME
+    };
+  });
+  if (search) {
+    return result.filter(
+      (item) => item.name.toLowerCase().includes(search.toLowerCase())
+    );
+  }
+  return result;
+};
+var formatEntryPassDate = (date) => {
+  if (!date)
+    return null;
+  const newDate = new Date(date);
+  const year = newDate.getFullYear();
+  const month = String(newDate.getMonth() + 1).padStart(2, "0");
+  const day = String(newDate.getDate()).padStart(2, "0");
+  return `${year}${month}${day}`;
+};
+
+// src/repositories/access-management.repo.ts
+var import_xml2js = require("xml2js");
 function UseAccessManagementRepo() {
   function collection() {
     const db = import_node_server_utils149.useAtlas.getDb();
@@ -27999,120 +28220,314 @@ function UseAccessManagementRepo() {
       throw new Error(error.message);
     }
   }
-  return {
-    createIndexes,
-    createIndexForEntrypass,
-    addPhysicalCardRepo,
-    addNonPhysicalCardRepo,
-    accessManagementSettingsRepo,
-    allAccessCardsCountsRepo,
-    availableAccessCardsRepo,
-    userTypeAccessCardsRepo,
-    assignedAccessCardsRepo
-  };
-}
-
-// src/controllers/access-management.controller.ts
-var import_joi85 = __toESM(require("joi"));
-
-// src/utils/access-management.ts
-var import_fs2 = __toESM(require("fs"));
-var import_path = __toESM(require("path"));
-var import_axios = __toESM(require("axios"));
-var import_crypto = __toESM(require("crypto"));
-var ALGORITHM = "aes-256-gcm";
-var SECRET_KEY = import_crypto.default.createSecretKey(
-  new Uint8Array(import_crypto.default.createHash("sha256").update("acm-secret-key").digest())
-);
-function decryptAcmUrl(encryptedText) {
-  const [ivB64, authTagB64, encryptedB64] = encryptedText.split(":");
-  const iv = Buffer.from(ivB64, "base64");
-  const authTag = Buffer.from(authTagB64, "base64");
-  const encrypted = Buffer.from(encryptedB64, "base64");
-  const decipher = import_crypto.default.createDecipheriv(
-    ALGORITHM,
-    SECRET_KEY,
-    new Uint8Array(iv)
-  );
-  decipher.setAuthTag(new Uint8Array(authTag));
-  const decrypted = Buffer.concat([
-    decipher.update(encrypted),
-    decipher.final()
-  ]);
-  return decrypted.toString("utf8");
-}
-var minifyXml = (xml) => {
-  return xml.replace(/>\s+</g, "><").replace(/\n/g, "").replace(/\r/g, "").replace(/\t/g, "").trim();
-};
-var readTemplate = (name, params) => {
-  const template = import_fs2.default.readFileSync(
-    import_path.default.join(__dirname, `../src/public/xml-templates/${name}.xml`),
-    "utf-8"
-  );
-  if (!params)
-    return minifyXml(template);
-  const replacedTemplate = Object.entries(params).reduce(
-    (acc, [key, value]) => acc.replace(`{{${key}}}`, value),
-    template
-  );
-  return minifyXml(replacedTemplate);
-};
-async function sendCommand(command, url) {
-  try {
-    const decrypt = decryptAcmUrl(url);
-    const response = await import_axios.default.post(decrypt, {
-      command
-    });
-    if (response.status === 200 || response.status === 201)
-      return response.data;
-  } catch (error) {
-    return Promise.reject(error);
+  async function acknowlegdeCardRepo(params) {
+    const session = import_node_server_utils149.useAtlas.getClient()?.startSession();
+    try {
+      session?.startTransaction();
+      const { userId, cardId, site } = params;
+      const allUserId = await Promise.all(userId.map(async (id) => new import_mongodb83.ObjectId(id)));
+      const allCardId = await Promise.all(cardId.map(async (id) => new import_mongodb83.ObjectId(id)));
+      const siteId = new import_mongodb83.ObjectId(site);
+      const result = await collection().updateMany(
+        {
+          $or: [
+            {
+              _id: { $in: allCardId },
+              site: siteId
+            },
+            {
+              userId: { $in: allUserId },
+              site: siteId,
+              isActivated: false,
+              replacementStatus: "Issuance"
+            }
+          ]
+        },
+        { $set: { replacementStatus: "Complete" } },
+        { session }
+      );
+      await session?.commitTransaction();
+      return result;
+    } catch (error) {
+      await session?.abortTransaction();
+      throw new Error(error.message);
+    } finally {
+      await session?.endSession();
+    }
   }
-}
-var formatDoorAccessLevels = (data) => {
-  const doorAccessLevels = data.RESULT.TRACKID.SUB_RESULT.ACCESS_LEVEL;
-  return doorAccessLevels.map((door) => {
-    return {
-      name: door._.trim(),
-      // Remove any leading/trailing spaces
-      no: door.$.NO
-      // Extract the number
-    };
-  });
-};
-var formatLiftAccessLevels = (data, search) => {
-  const liftAccessLevels = data.RESULT.TRACKID.SUB_RESULT.LIFT_ACCESS_LEVEL;
-  const result = liftAccessLevels.map((level) => {
-    return {
-      name: level._.trim(),
-      no: level.$.NO
-    };
-  });
-  if (search) {
-    return result.filter(
-      (item) => item.name.toLowerCase().includes(search.toLowerCase())
-    );
+  async function accessandLiftCardsRepo(params) {
+    try {
+      const { accessLevel, liftAccessLevel, site, userType, type } = params;
+      const siteId = new import_mongodb83.ObjectId(site);
+      const query = {
+        site: { $in: [siteId] },
+        userType,
+        type,
+        userId: null,
+        assignedUnit: null,
+        accessLevel,
+        liftAccessLevel,
+        isActivated: true
+      };
+      const result = await collection().aggregate([
+        {
+          $match: query
+        },
+        {
+          $facet: {
+            counts: [{ $count: "count" }]
+          }
+        }
+      ], { allowDiskUse: true }).toArray();
+      return result;
+    } catch (error) {
+      throw new Error(error.message);
+    }
   }
-  return result;
-};
-var formatAccessGroup = (data, search) => {
-  const accessGroup = data.RESULT.TRACKID.SUB_RESULT.ACCESS_GROUP;
-  const result = accessGroup.map((ag) => {
-    return {
-      no: ag._.trim(),
-      name: ag.$.NAME
-    };
-  });
-  if (search) {
-    return result.filter(
-      (item) => item.name.toLowerCase().includes(search.toLowerCase())
-    );
+  async function replaceCardRepo(params) {
+    const session = import_node_server_utils149.useAtlas.getClient()?.startSession();
+    try {
+      session?.startTransaction();
+      const siteId = new import_mongodb83.ObjectId(params.site);
+      const userId = new import_mongodb83.ObjectId(params.userId);
+      const cardId = new import_mongodb83.ObjectId(params.cardId);
+      const quantity = 1;
+      const cardCredentials = await collection().findOneAndUpdate(
+        { _id: cardId },
+        { $set: { replacementStatus: "Issuance" } },
+        { returnDocument: "after" }
+      );
+      const unit = [cardCredentials?.assignedUnit];
+      const date = /* @__PURE__ */ new Date();
+      const endDate = new Date(date.setFullYear(date.getFullYear() + 10));
+      const res = await collection().aggregate([{ $sort: { cardNo: -1 } }, { $limit: 2 }]).toArray();
+      const prevCard = res && res?.[1]?.cardNo || "-1";
+      const currentCard = res && res?.[0]?.cardNo || "0";
+      let availableCardNo = [];
+      let num = parseInt(prevCard, 10) + 1;
+      while (availableCardNo.length < (unit.length > 0 ? unit.length : quantity)) {
+        if (num === parseInt(currentCard, 10)) {
+          num++;
+        }
+        availableCardNo.push(num);
+        num++;
+      }
+      const cardNumbers = availableCardNo.map((no) => no.toString().padStart(10, "0"));
+      const accessCards = [];
+      const convertedUnits = unit.map((obj) => new import_mongodb83.ObjectId(obj));
+      for (let j = 0; j < (unit.length > 0 ? unit.length : quantity); j++) {
+        accessCards.push(
+          new MAccessCard({
+            userId,
+            site: siteId,
+            type: cardCredentials?.type,
+            accessLevel: cardCredentials?.accessLevel,
+            accessGroup: cardCredentials?.accessGroup,
+            accessType: cardCredentials?.accessType,
+            cardNo: cardNumbers[j],
+            pin: "123456",
+            qrData: "092222",
+            startDate: /* @__PURE__ */ new Date(),
+            endDate,
+            isActivated: true,
+            isAntiPassBack: false,
+            isLiftCard: cardCredentials?.isLiftCard ? true : false,
+            liftAccessLevel: cardCredentials?.liftAccessLevel,
+            userType: cardCredentials?.userType,
+            doorName: cardCredentials?.doorName,
+            liftName: cardCredentials?.liftName,
+            assignedUnit: convertedUnits[j],
+            replacementStatus: "Issuance",
+            createdAt: /* @__PURE__ */ new Date(),
+            updatedAt: /* @__PURE__ */ new Date()
+          })
+        );
+      }
+      const commands = accessCards.map((item, index) => {
+        let ag = null;
+        if (item.accessGroup !== void 0) {
+          if (item.accessGroup?.length > 0) {
+            ag = item.accessGroup.map((g) => `<GROUP_NAME>${g}</GROUP_NAME>`).join("\n  ");
+          }
+        }
+        const command = {
+          commandId1: index * 2 + 1,
+          commandId2: index * 2 + 2,
+          staffName: `STAFF-${item._id.toString().slice(-10)}`,
+          staffNo1: `STAFF-${item._id.toString().slice(-10)}`,
+          staffNo2: `STAFF-${item._id.toString().slice(-10)}`,
+          dateOfJoin: formatEntryPassDate(item.startDate),
+          accessLevel: item.accessLevel ?? "0",
+          cardNo: item.cardNo,
+          pin: typeof item.pin === "string" && item.pin.trim() !== "" ? item.pin : "123456",
+          startDate: formatEntryPassDate(item.startDate),
+          endDate: formatEntryPassDate(item.endDate),
+          cardType: 0,
+          isActivated: item.isActivated ? 1 : 0,
+          isAntiPassBack: item.isAntiPassBack ? 1 : 0,
+          isLiftCard: item.isLiftCard ? 1 : 0,
+          isLiftActivate: item.isLiftCard ? 1 : 0,
+          liftAccessLevel: item.liftAccessLevel || 1,
+          liftAccessStartDate: formatEntryPassDate(item.liftAccessStartDate) || "19770510",
+          liftAccessEndDate: formatEntryPassDate(item.liftAccessEndDate) || "19770510",
+          accessGroup: ag
+        };
+        return readTemplate(`${item.accessLevel !== null ? "add-card" : "add-card-lift"}`, { ...command });
+      }).flat();
+      const response = await sendCommand(commands.join("").toString(), params.acm_url);
+      const result = await (0, import_xml2js.parseStringPromise)(response, { explicitArray: false });
+      if (result && result.RESULT.$.STCODE !== "0") {
+        throw new Error("Command failed, server error.");
+      }
+      const card = await collection().insertMany(accessCards);
+      await session?.commitTransaction();
+      return card;
+    } catch (error) {
+      await session?.abortTransaction();
+      throw new Error(error.message);
+    } finally {
+      await session?.endSession();
+    }
   }
-  return result;
-};
+  async function updateNFCStatusRepo(params) {
+    const session = import_node_server_utils149.useAtlas.getClient()?.startSession();
+    try {
+      session?.startTransaction();
+      const results = [];
+      for (let nfc of params.nfcList) {
+        nfc._id = new import_mongodb83.ObjectId(nfc._id);
+        const card = await collection().findOne({ _id: nfc._id }, { session });
+        if (card) {
+          const updateFields = {
+            status: nfc.status,
+            vmsRemarks: nfc?.vmsRemarks,
+            userId: null,
+            updatedAt: nfc?.updatedAt ?? /* @__PURE__ */ new Date()
+          };
+          if (nfc.status !== "Returned") {
+            updateFields.isActivated = false;
+          } else {
+            updateFields.isActivated = true;
+          }
+          const res = await collection().updateOne({ _id: card._id }, { $set: updateFields }, { session });
+          results.push({ nfcId: nfc._id, modifiedCount: res.modifiedCount });
+        }
+      }
+      await session?.commitTransaction();
+      return results;
+    } catch (error) {
+      await session?.abortTransaction();
+      throw new Error(error.message);
+    } finally {
+      await session?.endSession();
+    }
+  }
+  async function doorAndLiftDropdownRepo(params) {
+    try {
+      const { site, type, userType } = params;
+      const id = new import_mongodb83.ObjectId(site);
+      const res = collection().aggregate([
+        {
+          $match: {
+            site: { $in: [id] },
+            type,
+            userType,
+            isActivated: true,
+            assignedUnit: null,
+            userId: null,
+            $or: [
+              { $and: [{ doorName: { $ne: null } }, { doorName: { $ne: "" } }, { accessLevel: { $ne: null } }] },
+              { $and: [{ liftName: { $ne: null } }, { liftName: { $ne: "" } }, { liftAccessLevel: { $ne: null } }] }
+            ]
+          }
+        },
+        {
+          $facet: {
+            totalCount: [{ $count: "count" }],
+            accessData: [
+              {
+                $group: {
+                  _id: null,
+                  accessLevels: {
+                    $addToSet: {
+                      $cond: [
+                        { $and: [{ $ne: ["$doorName", null] }, { $ne: ["$doorName", ""] }, { $ne: ["$accessLevel", null] }] },
+                        { name: "$doorName", no: "$accessLevel" },
+                        "$$REMOVE"
+                      ]
+                    }
+                  },
+                  liftAccessLevels: {
+                    $addToSet: {
+                      $cond: [
+                        { $and: [{ $ne: ["$liftName", null] }, { $ne: ["$liftName", ""] }, { $ne: ["$liftAccessLevel", null] }] },
+                        { name: "$liftName", no: "$liftAccessLevel" },
+                        "$$REMOVE"
+                      ]
+                    }
+                  }
+                }
+              },
+              {
+                $project: {
+                  _id: 0,
+                  accessLevels: 1,
+                  liftAccessLevels: 1
+                }
+              }
+            ]
+          }
+        }
+      ]).toArray();
+      return res;
+    } catch (error) {
+      throw new Error(error.message);
+    }
+  }
+  async function cardReplacementRepo(params) {
+    const session = import_node_server_utils149.useAtlas.getClient()?.startSession();
+    try {
+      const { cardId, remarks } = params;
+      const id = new import_mongodb83.ObjectId(cardId);
+      session?.startTransaction();
+      const card = await collection().findOneAndUpdate(
+        { _id: id },
+        { $set: { remarks, replacementStatus: "Pending", requestDate: /* @__PURE__ */ new Date(), isActivated: false } },
+        { returnDocument: "after", session }
+      );
+      await session?.commitTransaction();
+      return card;
+    } catch (error) {
+      await session?.abortTransaction();
+      throw new Error(error.message);
+    } finally {
+      await session?.endSession();
+    }
+  }
+  return {
+    createIndexes,
+    createIndexForEntrypass,
+    addPhysicalCardRepo,
+    addNonPhysicalCardRepo,
+    accessManagementSettingsRepo,
+    allAccessCardsCountsRepo,
+    availableAccessCardsRepo,
+    userTypeAccessCardsRepo,
+    assignedAccessCardsRepo,
+    acknowlegdeCardRepo,
+    accessandLiftCardsRepo,
+    replaceCardRepo,
+    updateNFCStatusRepo,
+    doorAndLiftDropdownRepo,
+    cardReplacementRepo
+  };
+}
+
+// src/controllers/access-management.controller.ts
+var import_joi85 = __toESM(require("joi"));
 
 // src/services/access-management.service.ts
-var import_xml2js = require("xml2js");
+var import_xml2js2 = require("xml2js");
 var import_node_server_utils150 = require("@7365admin1/node-server-utils");
 var namespace = "cache:acm";
 function useAccessManagementSvc() {
@@ -28123,7 +28538,13 @@ function useAccessManagementSvc() {
     allAccessCardsCountsRepo,
     availableAccessCardsRepo,
     userTypeAccessCardsRepo,
-    assignedAccessCardsRepo
+    assignedAccessCardsRepo,
+    acknowlegdeCardRepo,
+    accessandLiftCardsRepo,
+    replaceCardRepo,
+    updateNFCStatusRepo,
+    doorAndLiftDropdownRepo,
+    cardReplacementRepo
   } = UseAccessManagementRepo();
   const addPhysicalCardSvc = async (payload) => {
     try {
@@ -28165,7 +28586,7 @@ function useAccessManagementSvc() {
       }
       const command = readTemplate("door-levels");
       const response = await sendCommand(command, params.acm_url);
-      const res = await (0, import_xml2js.parseStringPromise)(response, { explicitArray: false });
+      const res = await (0, import_xml2js2.parseStringPromise)(response, { explicitArray: false });
       const format = await formatDoorAccessLevels(res);
       await setCache({ key, data: format, ttlSeconds: 60, redis });
       redis.lrem(listKey, 0, key).then(() => redis.lpush(listKey, key)).then(() => redis.ltrim(listKey, 0, 9)).catch(console.error);
@@ -28188,7 +28609,7 @@ function useAccessManagementSvc() {
       }
       const command = readTemplate("lift-levels");
       const response = await sendCommand(command, params.acm_url);
-      const res = await (0, import_xml2js.parseStringPromise)(response, { explicitArray: false });
+      const res = await (0, import_xml2js2.parseStringPromise)(response, { explicitArray: false });
       const format = await formatLiftAccessLevels(res);
       await setCache({ key, data: format, ttlSeconds: 60, redis });
       redis.lrem(listKey, 0, key).then(() => redis.lpush(listKey, key)).then(() => redis.ltrim(listKey, 0, 9)).catch(console.error);
@@ -28199,10 +28620,22 @@ function useAccessManagementSvc() {
   };
   const accessGroupsSvc = async (params) => {
     try {
+      const key = `${namespace}:${params.user}:access-groups`;
+      const listKey = `${namespace}:${params.user}:list`;
+      const { redis } = (0, import_node_server_utils150.useCache)(key);
+      const cachedData = await getCache({ key, redis });
+      if (cachedData) {
+        console.log("\u26A1 Cache hit:", key);
+        redis.expire(key, 60).catch(console.error);
+        redis.lrem(listKey, 0, key).then(() => redis.lpush(listKey, key)).then(() => redis.ltrim(listKey, 0, 9)).catch(console.error);
+        return cachedData;
+      }
       const command = readTemplate("access-group");
       const response = await sendCommand(command, params.acm_url);
-      const res = await (0, import_xml2js.parseStringPromise)(response, { explicitArray: false });
+      const res = await (0, import_xml2js2.parseStringPromise)(response, { explicitArray: false });
       const format = await formatAccessGroup(res);
+      await setCache({ key, data: format, ttlSeconds: 60, redis });
+      redis.lrem(listKey, 0, key).then(() => redis.lpush(listKey, key)).then(() => redis.ltrim(listKey, 0, 9)).catch(console.error);
       return format;
     } catch (err) {
       throw new Error(err.message);
@@ -28248,6 +28681,54 @@ function useAccessManagementSvc() {
       throw new Error(err.message);
     }
   };
+  const acknowlegdeCardSvc = async (params) => {
+    try {
+      const response = await acknowlegdeCardRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
+  const accessandLiftCardsSvc = async (params) => {
+    try {
+      const response = await accessandLiftCardsRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
+  const replaceCardSvc = async (params) => {
+    try {
+      const response = await replaceCardRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
+  const updateNFCStatusSvc = async (params) => {
+    try {
+      const response = await updateNFCStatusRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
+  const doorAndLiftDropdownSvc = async (params) => {
+    try {
+      const response = await doorAndLiftDropdownRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
+  const cardReplacementSvc = async (params) => {
+    try {
+      const response = await cardReplacementRepo({ ...params });
+      return response;
+    } catch (err) {
+      throw new Error(err.message);
+    }
+  };
   return {
     addPhysicalCardSvc,
     addNonPhysicalCardSvc,
@@ -28258,7 +28739,13 @@ function useAccessManagementSvc() {
     allAccessCardsCountsSvc,
     availableAccessCardsSvc,
     userTypeAccessCardsSvc,
-    assignedAccessCardsSvc
+    assignedAccessCardsSvc,
+    acknowlegdeCardSvc,
+    accessandLiftCardsSvc,
+    replaceCardSvc,
+    updateNFCStatusSvc,
+    doorAndLiftDropdownSvc,
+    cardReplacementSvc
   };
 }
 
@@ -28274,7 +28761,13 @@ function useAccessManagementController() {
     allAccessCardsCountsSvc,
     availableAccessCardsSvc,
     userTypeAccessCardsSvc,
-    assignedAccessCardsSvc
+    assignedAccessCardsSvc,
+    acknowlegdeCardSvc,
+    accessandLiftCardsSvc,
+    replaceCardSvc,
+    updateNFCStatusSvc,
+    doorAndLiftDropdownSvc,
+    cardReplacementSvc
   } = useAccessManagementSvc();
   const addPhysicalCard = async (req, res) => {
     try {
@@ -28346,7 +28839,7 @@ function useAccessManagementController() {
         accessGroup: import_joi85.default.array().items(import_joi85.default.string().required()).required(),
         userType: import_joi85.default.string().required(),
         doorName: import_joi85.default.string().required(),
-        liftName: import_joi85.default.string().required(),
+        liftName: import_joi85.default.string().optional().allow("", null),
         unit: import_joi85.default.array().items(import_joi85.default.string()).optional().allow(null),
         startDate: import_joi85.default.date().required(),
         endDate: import_joi85.default.date().required(),
@@ -28437,10 +28930,11 @@ function useAccessManagementController() {
   const accessGroups = async (req, res) => {
     try {
       const { acm_url } = req.query;
+      const user = req.cookies?.sid;
       if (!acm_url || typeof acm_url !== "string") {
         throw new Error("Access Control URL is required");
       }
-      const result = await accessGroupsSvc({ acm_url });
+      const result = await accessGroupsSvc({ acm_url, user });
       return res.status(200).json({ message: "Success", data: result });
     } catch (error) {
       return res.status(400).json({
@@ -28555,6 +29049,144 @@ function useAccessManagementController() {
       });
     }
   };
+  const acknowlegdeCard = async (req, res) => {
+    try {
+      const { userId, site, cardId } = req.body;
+      const schema2 = import_joi85.default.object({
+        userId: import_joi85.default.array().items(import_joi85.default.string().hex()).required(),
+        cardId: import_joi85.default.array().items(import_joi85.default.string().hex()).required(),
+        site: import_joi85.default.string().hex().required()
+      });
+      const { error } = schema2.validate({ userId, cardId, site });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await acknowlegdeCardSvc({ userId, cardId, site });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
+  const accessandLiftCards = async (req, res) => {
+    try {
+      const {
+        accessLevel = null,
+        liftAccessLevel = null,
+        site,
+        userType,
+        type
+      } = req.query;
+      const schema2 = import_joi85.default.object({
+        accessLevel: import_joi85.default.string().optional().allow("", null),
+        liftAccessLevel: import_joi85.default.string().optional().allow("", null),
+        site: import_joi85.default.string().hex().required(),
+        userType: import_joi85.default.string().valid(...Object.values(EAccessCardUserTypes)).required(),
+        type: import_joi85.default.string().valid(...Object.values(EAccessCardTypes)).required()
+      });
+      const { error } = schema2.validate({ accessLevel, liftAccessLevel, site, userType, type });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await accessandLiftCardsSvc({ accessLevel, liftAccessLevel, site, userType, type });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
+  const replaceCard = async (req, res) => {
+    try {
+      const { userId, cardId, site, acm_url } = req.body;
+      const schema2 = import_joi85.default.object({
+        userId: import_joi85.default.string().required(),
+        cardId: import_joi85.default.string().required(),
+        site: import_joi85.default.string().required(),
+        acm_url: import_joi85.default.string().required()
+      });
+      const { error } = schema2.validate({ userId, cardId, site, acm_url });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await replaceCardSvc({ userId, cardId, site, acm_url });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
+  const updateNFCStatus = async (req, res) => {
+    try {
+      const { nfcList = [], visitorId } = req.body;
+      const schema2 = import_joi85.default.object({
+        nfcList: import_joi85.default.array().items({
+          _id: import_joi85.default.string().hex().length(24).required(),
+          status: import_joi85.default.string().required(),
+          vmsRemarks: import_joi85.default.string().allow(null, "").optional(),
+          updatedAt: import_joi85.default.date().optional().allow(null, "")
+        }),
+        visitorId: import_joi85.default.string().optional().allow(null, "")
+      });
+      const { error } = schema2.validate({ nfcList, visitorId });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await updateNFCStatusSvc({ nfcList, visitorId });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
+  const doorAndLiftDropdown = async (req, res) => {
+    try {
+      const { site, type, userType } = req.query;
+      const schema2 = import_joi85.default.object({
+        site: import_joi85.default.string().hex().required(),
+        type: import_joi85.default.string().required(),
+        userType: import_joi85.default.string().required()
+      });
+      const { error } = schema2.validate({ site, type, userType });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await doorAndLiftDropdownSvc({ site, type, userType });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
+  const cardReplacement = async (req, res) => {
+    try {
+      const { cardId, remarks } = req.body;
+      const schema2 = import_joi85.default.object({
+        cardId: import_joi85.default.string().required(),
+        remarks: import_joi85.default.string().optional().allow("", null)
+      });
+      const { error } = schema2.validate({ cardId, remarks });
+      if (error) {
+        return res.status(400).json({ message: error.message });
+      }
+      const result = await cardReplacementSvc({ cardId, remarks });
+      return res.status(200).json({ message: "Success", data: result });
+    } catch (error) {
+      return res.status(500).json({
+        data: null,
+        message: error.message
+      });
+    }
+  };
   return {
     addPhysicalCard,
     addNonPhysicalCard,
@@ -28565,7 +29197,13 @@ function useAccessManagementController() {
     allAccessCardsCounts,
     availableAccessCards,
     userTypeAccessCards,
-    assignedAccessCards
+    assignedAccessCards,
+    acknowlegdeCard,
+    accessandLiftCards,
+    replaceCard,
+    updateNFCStatus,
+    doorAndLiftDropdown,
+    cardReplacement
   };
 }
 
@@ -34135,16 +34773,26 @@ function useOnlineFormRepo() {
     site = ""
   }) {
     page = page > 0 ? page - 1 : 0;
+    try {
+      site = new import_mongodb103.ObjectId(site);
+    } catch (error) {
+      throw new import_node_server_utils184.BadRequestError("Invalid site ID format.");
+    }
     sort = Object.keys(sort).length > 0 ? sort : { _id: -1 };
     const cacheOptions = {
       page,
       limit,
       status,
+      site: site?.toString(),
       sort: JSON.stringify(sort)
     };
     const query = {
       ...status ? { $and: [{ status }, { status: { $ne: "deleted" } }] } : { status: { $ne: "deleted" } }
     };
+    if (site) {
+      query.site = site;
+      cacheOptions.site = site;
+    }
     if (search) {
       query.$or = [{ name: { $regex: search, $options: "i" } }];
       cacheOptions.search = search;
@@ -34488,7 +35136,7 @@ function useOnlineFormController() {
   }
   async function deleteOnlineFormById(req, res, next) {
     const validation = import_joi106.default.string().hex().required();
-    const _id = req.params.id;
+    const _id = req.query.id;
     const { error } = validation.validate(_id);
     if (error) {
       import_node_server_utils185.logger.log({ level: "error", message: error.message });