npm - @blackcode_sa/metaestetics-api - Versions diffs - 1.12.55 → 1.12.57 - Mend

@blackcode_sa/metaestetics-api 1.12.55 → 1.12.57

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (9) hide show

package/dist/admin/index.js +15 -3
package/dist/admin/index.mjs +15 -3
package/dist/index.js +7 -1
package/dist/index.mjs +7 -1
package/package.json +1 -1
package/src/admin/free-consultation/free-consultation-utils.admin.ts +15 -3
package/src/errors/auth.errors.ts +5 -0
package/src/services/auth/auth.service.ts +3 -1
package/src/services/auth/auth.v2.service.ts +3 -1

package/dist/admin/index.js CHANGED Viewed

@@ -7932,9 +7932,21 @@ async function createFreeConsultationInfrastructure(db) {
     contraindications: [],
     // No contraindications for consultation
     benefits: [
-      "IMPROVED_PATIENT_UNDERSTANDING",
-      "BETTER_TREATMENT_PLANNING",
-      "ENHANCED_PATIENT_CONFIDENCE"
+      {
+        id: "IMPROVED_PATIENT_UNDERSTANDING",
+        name: "Improved Patient Understanding",
+        description: "Helps patients better understand their treatment options and expected outcomes"
+      },
+      {
+        id: "BETTER_TREATMENT_PLANNING",
+        name: "Better Treatment Planning",
+        description: "Enables more effective treatment planning based on patient needs and goals"
+      },
+      {
+        id: "ENHANCED_PATIENT_CONFIDENCE",
+        name: "Enhanced Patient Confidence",
+        description: "Builds patient confidence through clear communication and professional guidance"
+      }
     ],
     certificationRequirement: {
       minimumLevel: "aesthetician" /* AESTHETICIAN */,

package/dist/admin/index.mjs CHANGED Viewed

@@ -7870,9 +7870,21 @@ async function createFreeConsultationInfrastructure(db) {
     contraindications: [],
     // No contraindications for consultation
     benefits: [
-      "IMPROVED_PATIENT_UNDERSTANDING",
-      "BETTER_TREATMENT_PLANNING",
-      "ENHANCED_PATIENT_CONFIDENCE"
+      {
+        id: "IMPROVED_PATIENT_UNDERSTANDING",
+        name: "Improved Patient Understanding",
+        description: "Helps patients better understand their treatment options and expected outcomes"
+      },
+      {
+        id: "BETTER_TREATMENT_PLANNING",
+        name: "Better Treatment Planning",
+        description: "Enables more effective treatment planning based on patient needs and goals"
+      },
+      {
+        id: "ENHANCED_PATIENT_CONFIDENCE",
+        name: "Enhanced Patient Confidence",
+        description: "Builds patient confidence through clear communication and professional guidance"
+      }
     ],
     certificationRequirement: {
       minimumLevel: "aesthetician" /* AESTHETICIAN */,

package/dist/index.js CHANGED Viewed

@@ -3846,6 +3846,11 @@ var AUTH_ERRORS = {
     "AUTH/INVALID_ROLE",
     400
   ),
+  UNAUTHORIZED_ROLE: new AuthError(
+    "You do not have permission to access the clinic application. This account is registered as a patient. Please use the mobile app to access your patient account.",
+    "AUTH/UNAUTHORIZED_ROLE",
+    403
+  ),
   // Authentication errors
   NOT_AUTHENTICATED: new AuthError(
     "User is not authenticated",
@@ -11596,7 +11601,8 @@ var AuthService = class extends BaseService {
       const user = await this.userService.getOrCreateUser(firebaseUser);
       if (!((_a = user.roles) == null ? void 0 : _a.includes("clinic_admin" /* CLINIC_ADMIN */))) {
         console.error("[AUTH] User is not a clinic admin:", user.uid);
-        throw AUTH_ERRORS.INVALID_ROLE;
+        await this.auth.signOut();
+        throw AUTH_ERRORS.UNAUTHORIZED_ROLE;
       }
       if (!user.adminProfile) {
         console.error("[AUTH] User has no admin profile:", user.uid);

package/dist/index.mjs CHANGED Viewed

@@ -3764,6 +3764,11 @@ var AUTH_ERRORS = {
     "AUTH/INVALID_ROLE",
     400
   ),
+  UNAUTHORIZED_ROLE: new AuthError(
+    "You do not have permission to access the clinic application. This account is registered as a patient. Please use the mobile app to access your patient account.",
+    "AUTH/UNAUTHORIZED_ROLE",
+    403
+  ),
   // Authentication errors
   NOT_AUTHENTICATED: new AuthError(
     "User is not authenticated",
@@ -11695,7 +11700,8 @@ var AuthService = class extends BaseService {
       const user = await this.userService.getOrCreateUser(firebaseUser);
       if (!((_a = user.roles) == null ? void 0 : _a.includes("clinic_admin" /* CLINIC_ADMIN */))) {
         console.error("[AUTH] User is not a clinic admin:", user.uid);
-        throw AUTH_ERRORS.INVALID_ROLE;
+        await this.auth.signOut();
+        throw AUTH_ERRORS.UNAUTHORIZED_ROLE;
       }
       if (!user.adminProfile) {
         console.error("[AUTH] User has no admin profile:", user.uid);

package/package.json CHANGED Viewed

@@ -1,7 +1,7 @@
 {
   "name": "@blackcode_sa/metaestetics-api",
   "private": false,
-  "version": "1.12.55",
+  "version": "1.12.57",
   "description": "Firebase authentication service with anonymous upgrade support",
   "main": "dist/index.js",
   "module": "dist/index.mjs",

package/src/admin/free-consultation/free-consultation-utils.admin.ts CHANGED Viewed

@@ -110,9 +110,21 @@ async function createFreeConsultationInfrastructure(db: admin.firestore.Firestor
     blockingConditions: [], // No blocking conditions for consultation
     contraindications: [], // No contraindications for consultation
     benefits: [
-      'IMPROVED_PATIENT_UNDERSTANDING',
-      'BETTER_TREATMENT_PLANNING',
-      'ENHANCED_PATIENT_CONFIDENCE',
+      {
+        id: 'IMPROVED_PATIENT_UNDERSTANDING',
+        name: 'Improved Patient Understanding',
+        description: 'Helps patients better understand their treatment options and expected outcomes',
+      },
+      {
+        id: 'BETTER_TREATMENT_PLANNING',
+        name: 'Better Treatment Planning',
+        description: 'Enables more effective treatment planning based on patient needs and goals',
+      },
+      {
+        id: 'ENHANCED_PATIENT_CONFIDENCE',
+        name: 'Enhanced Patient Confidence',
+        description: 'Builds patient confidence through clear communication and professional guidance',
+      },
     ],
     certificationRequirement: {
       minimumLevel: CertificationLevel.AESTHETICIAN,

package/src/errors/auth.errors.ts CHANGED Viewed

@@ -26,6 +26,11 @@ export const AUTH_ERRORS = {
     "AUTH/INVALID_ROLE",
     400
   ),
+  UNAUTHORIZED_ROLE: new AuthError(
+    "You do not have permission to access the clinic application. This account is registered as a patient. Please use the mobile app to access your patient account.",
+    "AUTH/UNAUTHORIZED_ROLE",
+    403
+  ),
   // Authentication errors
   NOT_AUTHENTICATED: new AuthError(

package/src/services/auth/auth.service.ts CHANGED Viewed

@@ -480,7 +480,9 @@ export class AuthService extends BaseService {
       // Check if user has clinic_admin role
       if (!user.roles?.includes(UserRole.CLINIC_ADMIN)) {
         console.error('[AUTH] User is not a clinic admin:', user.uid);
-        throw AUTH_ERRORS.INVALID_ROLE;
+        // Sign out the user immediately for security
+        await this.auth.signOut();
+        throw AUTH_ERRORS.UNAUTHORIZED_ROLE;
       }
       // Check and get admin profile

package/src/services/auth/auth.v2.service.ts CHANGED Viewed

@@ -314,7 +314,9 @@ export class AuthServiceV2 extends BaseService {
       // Check if user has clinic_admin role
       if (!user.roles?.includes(UserRole.CLINIC_ADMIN)) {
         console.error("[AUTH] User is not a clinic admin:", user.uid);
-        throw AUTH_ERRORS.INVALID_ROLE;
+        // Sign out the user immediately for security
+        await this.auth.signOut();
+        throw AUTH_ERRORS.UNAUTHORIZED_ROLE;
       }
       // Check and get admin profile