@blackcode_sa/metaestetics-api 1.12.27 → 1.12.28

package/src/services/patient/utils/sensitive.utils.ts

@@ -1,31 +1,21 @@
-import {
-  getDoc,
-  updateDoc,
-  setDoc,
-  serverTimestamp,
-  Firestore,
-} from "firebase/firestore";
+import { getDoc, updateDoc, setDoc, serverTimestamp, Firestore } from 'firebase/firestore';
 import {
   PatientSensitiveInfo,
   CreatePatientSensitiveInfoData,
   UpdatePatientSensitiveInfoData,
-} from "../../../types/patient";
-import { UserRole } from "../../../types";
-import { createPatientSensitiveInfoSchema } from "../../../validations/patient.schema";
-import { z } from "zod";
+} from '../../../types/patient';
+import { UserRole } from '../../../types';
+import { createPatientSensitiveInfoSchema } from '../../../validations/patient.schema';
+import { z } from 'zod';
 import {
   getSensitiveInfoDocRef,
   initSensitiveInfoDocIfNotExists,
   getPatientDocRef,
-} from "./docs.utils";
-import {
-  MediaService,
-  MediaAccessLevel,
-  MediaResource,
-} from "../../media/media.service";
-import { AuthError } from "../../../errors/auth.errors";
-import { getPractitionerProfileByUserRef } from "./practitioner.utils";
-import { getClinicAdminByUserRef } from "../../clinic/utils/admin.utils";
+} from './docs.utils';
+import { MediaService, MediaAccessLevel, MediaResource } from '../../media/media.service';
+import { AuthError } from '../../../errors/auth.errors';
+import { getPractitionerProfileByUserRef } from './practitioner.utils';
+import { getClinicAdminByUserRef } from '../../clinic/utils/admin.utils';
 
 /**
  * Checks if the requester has permission to access/modify sensitive info.
@@ -35,11 +25,11 @@ const checkSensitiveAccessUtil = async (
   db: Firestore,
   patientId: string,
   requesterId: string,
-  requesterRoles: UserRole[]
+  requesterRoles: UserRole[],
 ): Promise<void> => {
   const patientDoc = await getDoc(getPatientDocRef(db, patientId));
   if (!patientDoc.exists()) {
-    throw new Error("Patient profile not found");
+    throw new Error('Patient profile not found');
   }
   const patientData = patientDoc.data() as any; // Cast to any to access properties
 
@@ -50,14 +40,8 @@ const checkSensitiveAccessUtil = async (
 
   // 2. Requester is an associated practitioner
   if (requesterRoles.includes(UserRole.PRACTITIONER)) {
-    const practitionerProfile = await getPractitionerProfileByUserRef(
-      db,
-      requesterId
-    );
-    if (
-      practitionerProfile &&
-      patientData.doctorIds?.includes(practitionerProfile.id)
-    ) {
+    const practitionerProfile = await getPractitionerProfileByUserRef(db, requesterId);
+    if (practitionerProfile && patientData.doctorIds?.includes(practitionerProfile.id)) {
       return;
     }
   }
@@ -66,8 +50,8 @@ const checkSensitiveAccessUtil = async (
   if (requesterRoles.includes(UserRole.CLINIC_ADMIN)) {
     const adminProfile = await getClinicAdminByUserRef(db, requesterId);
     if (adminProfile && adminProfile.clinicsManaged) {
-      const hasAccess = adminProfile.clinicsManaged.some((managedClinicId) =>
-        patientData.clinicIds?.includes(managedClinicId)
+      const hasAccess = adminProfile.clinicsManaged.some(managedClinicId =>
+        patientData.clinicIds?.includes(managedClinicId),
       );
       if (hasAccess) {
         return;
@@ -76,9 +60,9 @@ const checkSensitiveAccessUtil = async (
   }
 
   throw new AuthError(
-    "Unauthorized access to sensitive information.",
-    "AUTH/UNAUTHORIZED_ACCESS",
-    403
+    'Unauthorized access to sensitive information.',
+    'AUTH/UNAUTHORIZED_ACCESS',
+    403,
   );
 };
 
@@ -92,14 +76,14 @@ const checkSensitiveAccessUtil = async (
 const handlePhotoUrlUpload = async (
   photoUrl: MediaResource | undefined | null,
   patientId: string,
-  mediaService: MediaService
+  mediaService: MediaService,
 ): Promise<string | null> => {
   if (!photoUrl) {
     return null;
   }
 
   // If it's already a URL string, return it as is
-  if (typeof photoUrl === "string") {
+  if (typeof photoUrl === 'string') {
     return photoUrl;
   }
 
@@ -109,8 +93,8 @@ const handlePhotoUrlUpload = async (
       photoUrl,
       patientId, // Using patientId as ownerId
       MediaAccessLevel.PRIVATE, // Sensitive info should be private
-      "patient_sensitive_photos",
-      photoUrl instanceof File ? photoUrl.name : `sensitive_photo_${patientId}`
+      'patient_sensitive_photos',
+      photoUrl instanceof File ? photoUrl.name : `sensitive_photo_${patientId}`,
     );
     return mediaMetadata.url;
   }
@@ -124,25 +108,18 @@ export const createSensitiveInfoUtil = async (
   data: CreatePatientSensitiveInfoData,
   requesterId: string,
   requesterRoles: UserRole[],
-  mediaService?: MediaService
+  mediaService?: MediaService,
 ): Promise<PatientSensitiveInfo> => {
   try {
     // Security check
-    await checkSensitiveAccessUtil(
-      db,
-      data.patientId,
-      requesterId,
-      requesterRoles
-    );
+    await checkSensitiveAccessUtil(db, data.patientId, requesterId, requesterRoles);
 
     const validatedData = createPatientSensitiveInfoSchema.parse(data);
 
     // Proveriti da li dokument već postoji
-    const sensitiveDoc = await getDoc(
-      getSensitiveInfoDocRef(db, data.patientId)
-    );
+    const sensitiveDoc = await getDoc(getSensitiveInfoDocRef(db, data.patientId));
     if (sensitiveDoc.exists()) {
-      throw new Error("Sensitive information already exists for this patient");
+      throw new Error('Sensitive information already exists for this patient');
     }
 
     // Process photoUrl if it's a MediaResource and mediaService is provided
@@ -151,9 +128,9 @@ export const createSensitiveInfoUtil = async (
       processedPhotoUrl = await handlePhotoUrlUpload(
         validatedData.photoUrl,
         data.patientId,
-        mediaService
+        mediaService,
       );
-    } else if (typeof validatedData.photoUrl === "string") {
+    } else if (typeof validatedData.photoUrl === 'string') {
       processedPhotoUrl = validatedData.photoUrl;
     }
 
@@ -168,13 +145,13 @@ export const createSensitiveInfoUtil = async (
 
     const createdDoc = await getDoc(getSensitiveInfoDocRef(db, data.patientId));
     if (!createdDoc.exists()) {
-      throw new Error("Failed to create sensitive information");
+      throw new Error('Failed to create sensitive information');
     }
 
     return createdDoc.data() as PatientSensitiveInfo;
   } catch (error) {
     if (error instanceof z.ZodError) {
-      throw new Error("Invalid sensitive info data: " + error.message);
+      throw new Error('Invalid sensitive info data: ' + error.message);
     }
     throw error;
   }
@@ -184,7 +161,7 @@ export const getSensitiveInfoUtil = async (
   db: Firestore,
   patientId: string,
   requesterId: string,
-  requesterRoles: UserRole[]
+  requesterRoles: UserRole[],
 ): Promise<PatientSensitiveInfo | null> => {
   // Security check
   await checkSensitiveAccessUtil(db, patientId, requesterId, requesterRoles);
@@ -193,9 +170,7 @@ export const getSensitiveInfoUtil = async (
   await initSensitiveInfoDocIfNotExists(db, patientId, requesterId);
 
   const sensitiveDoc = await getDoc(getSensitiveInfoDocRef(db, patientId));
-  return sensitiveDoc.exists()
-    ? (sensitiveDoc.data() as PatientSensitiveInfo)
-    : null;
+  return sensitiveDoc.exists() ? (sensitiveDoc.data() as PatientSensitiveInfo) : null;
 };
 
 export const updateSensitiveInfoUtil = async (
@@ -204,7 +179,7 @@ export const updateSensitiveInfoUtil = async (
   data: UpdatePatientSensitiveInfoData,
   requesterId: string,
   requesterRoles: UserRole[],
-  mediaService?: MediaService
+  mediaService?: MediaService,
 ): Promise<PatientSensitiveInfo> => {
   // Security check
   await checkSensitiveAccessUtil(db, patientId, requesterId, requesterRoles);
@@ -216,16 +191,12 @@ export const updateSensitiveInfoUtil = async (
   let processedPhotoUrl: string | null | undefined = undefined;
   if (data.photoUrl !== undefined) {
     if (mediaService) {
-      processedPhotoUrl = await handlePhotoUrlUpload(
-        data.photoUrl,
-        patientId,
-        mediaService
-      );
-    } else if (typeof data.photoUrl === "string" || data.photoUrl === null) {
+      processedPhotoUrl = await handlePhotoUrlUpload(data.photoUrl, patientId, mediaService);
+    } else if (typeof data.photoUrl === 'string' || data.photoUrl === null) {
       processedPhotoUrl = data.photoUrl;
     } else {
       // If photoUrl is a File/Blob but no mediaService provided, throw error
-      throw new Error("MediaService required to process photo upload");
+      throw new Error('MediaService required to process photo upload');
     }
   }
 
@@ -239,7 +210,50 @@ export const updateSensitiveInfoUtil = async (
 
   const updatedDoc = await getDoc(getSensitiveInfoDocRef(db, patientId));
   if (!updatedDoc.exists()) {
-    throw new Error("Failed to retrieve updated sensitive information");
+    throw new Error('Failed to retrieve updated sensitive information');
+  }
+
+  return updatedDoc.data() as PatientSensitiveInfo;
+};
+
+export const claimPatientSensitiveInfoUtil = async (
+  db: Firestore,
+  patientId: string,
+  userId: string,
+): Promise<PatientSensitiveInfo> => {
+  const patientDoc = await getDoc(getPatientDocRef(db, patientId));
+  if (!patientDoc.exists()) {
+    throw new Error('Patient profile not found');
+  }
+
+  const patientData = patientDoc.data() as any;
+
+  if (!patientData.isManual) {
+    throw new Error('Only manually created patient profiles can be claimed');
+  }
+
+  if (patientData.userRef) {
+    throw new Error('Patient profile has already been claimed');
+  }
+
+  const sensitiveDoc = await getDoc(getSensitiveInfoDocRef(db, patientId));
+  if (!sensitiveDoc.exists()) {
+    throw new Error('Patient sensitive information not found');
+  }
+
+  const sensitiveData = sensitiveDoc.data() as PatientSensitiveInfo;
+  if (sensitiveData.userRef) {
+    throw new Error('Patient sensitive information has already been claimed');
+  }
+
+  await updateDoc(getSensitiveInfoDocRef(db, patientId), {
+    userRef: userId,
+    updatedAt: serverTimestamp(),
+  });
+
+  const updatedDoc = await getDoc(getSensitiveInfoDocRef(db, patientId));
+  if (!updatedDoc.exists()) {
+    throw new Error('Failed to retrieve updated sensitive information');
   }
 
   return updatedDoc.data() as PatientSensitiveInfo;

package/src/services/user/user.service.ts

@@ -178,16 +178,22 @@ export class UserService extends BaseService {
               throw new Error('User already has a patient profile.');
             }
 
-            // Claim the profile: link userRef, set isManual to false, and update displayName
-            // Get sensitive info to construct full display name
-            const sensitiveInfo = await patientService.getSensitiveInfo(patientProfile.id, userId);
+            // Claim sensitive info first (this adds userRef to sensitive info)
+            const sensitiveInfo = await patientService.claimPatientSensitiveInfo(
+              patientProfile.id,
+              userId,
+            );
+
+            // Construct full display name
             const fullDisplayName = sensitiveInfo
               ? `${sensitiveInfo.firstName} ${sensitiveInfo.lastName}`
               : patientProfile.displayName;
 
+            // Update patient profile: link userRef, set isManual to false, and update displayName
             await patientService.updatePatientProfile(patientProfile.id, {
               userRef: userId,
               isManual: false,
+              isVerified: true,
               displayName: fullDisplayName,
             });