@blackcode_sa/metaestetics-api 1.13.5 → 1.13.6

package/src/services/user/user.service.ts

@@ -1,489 +1,489 @@
-import {
-  collection,
-  doc,
-  getDoc,
-  getDocs,
-  query,
-  where,
-  updateDoc,
-  deleteDoc,
-  QueryConstraint,
-  Timestamp,
-  setDoc,
-  serverTimestamp,
-  FieldValue,
-} from 'firebase/firestore';
-import { initializeFirebase } from '../../config/firebase';
-import { User, UserRole, USERS_COLLECTION, CreateUserData } from '../../types';
-import { userSchema } from '../../validations/schemas';
-import { AuthError } from '../../errors/auth.errors';
-import { USER_ERRORS } from '../../errors/user.errors';
-import { AUTH_ERRORS } from '../../errors/auth.errors';
-import { z } from 'zod';
-import { BaseService } from '../base.service';
-import { PatientService } from '../patient/patient.service';
-import { ClinicAdminService } from '../clinic/clinic-admin.service';
-import { PatientProfile, PATIENTS_COLLECTION } from '../../types/patient';
-import { User as FirebaseUser } from 'firebase/auth';
-import { Auth } from 'firebase/auth';
-import { PractitionerService } from '../practitioner/practitioner.service';
-import { CertificationLevel } from '../../backoffice/types/static/certification.types';
-import { Firestore } from 'firebase/firestore';
-import { FirebaseApp } from 'firebase/app';
-
-export class UserService extends BaseService {
-  private patientService: PatientService;
-  private clinicAdminService: ClinicAdminService;
-  private practitionerService: PractitionerService;
-
-  constructor(
-    db: Firestore,
-    auth: Auth,
-    app: FirebaseApp,
-    patientService?: PatientService,
-    clinicAdminService?: ClinicAdminService,
-    practitionerService?: PractitionerService,
-  ) {
-    super(db, auth, app);
-
-    // Kreiramo servise samo ako nisu prosleđeni
-    if (!patientService) {
-      patientService = new PatientService(db, auth, app);
-    }
-    if (!clinicAdminService) {
-      clinicAdminService = new ClinicAdminService(db, auth, app);
-    }
-    if (!practitionerService) {
-      practitionerService = new PractitionerService(db, auth, app);
-    }
-
-    this.patientService = patientService;
-    this.clinicAdminService = clinicAdminService;
-    this.practitionerService = practitionerService;
-  }
-
-  private getPatientService(): PatientService {
-    return this.patientService;
-  }
-
-  private getClinicAdminService(): ClinicAdminService {
-    return this.clinicAdminService;
-  }
-
-  private getPractitionerService(): PractitionerService {
-    return this.practitionerService;
-  }
-
-  /**
-   * Kreira novog korisnika na osnovu Firebase korisnika
-   */
-  async createUser(
-    firebaseUser: FirebaseUser,
-    roles: UserRole[] = [UserRole.PATIENT],
-    options?: {
-      clinicAdminData?: {
-        isGroupOwner: boolean;
-        groupToken?: string;
-        groupId?: string;
-      };
-      patientInviteToken?: string;
-      skipProfileCreation?: boolean;
-    },
-  ): Promise<User> {
-    const userData: CreateUserData = {
-      uid: firebaseUser.uid,
-      email: firebaseUser.email,
-      roles: roles.length > 0 ? roles : [UserRole.PATIENT],
-      isAnonymous: firebaseUser.isAnonymous,
-      createdAt: serverTimestamp(),
-      updatedAt: serverTimestamp(),
-      lastLoginAt: serverTimestamp(),
-    };
-
-    // Kreiramo osnovnog korisnika
-    await setDoc(doc(this.db, USERS_COLLECTION, userData.uid), userData);
-
-    // Kreiramo odgovarajuće profile na osnovu rola
-    if (options?.skipProfileCreation) {
-      return this.getUserById(userData.uid);
-    }
-
-    const profiles = await this.createProfilesForRoles(userData.uid, roles, options);
-
-    // Ažuriramo korisnika sa referencama na profile
-    await updateDoc(doc(this.db, USERS_COLLECTION, userData.uid), profiles);
-
-    return this.getUserById(userData.uid);
-  }
-
-  /**
-   * Dohvata ili kreira korisnika na osnovu Firebase korisnika
-   */
-  async getOrCreateUser(firebaseUser: FirebaseUser, initialRole?: UserRole): Promise<User> {
-    try {
-      const existingUser = await this.getUserById(firebaseUser.uid);
-      await this.updateUserLoginTimestamp(firebaseUser.uid);
-      return existingUser;
-    } catch (error) {
-      return this.createUser(firebaseUser, [initialRole || UserRole.PATIENT]);
-    }
-  }
-
-  /**
-   * Kreira profile za odgovarajuće role
-   */
-  private async createProfilesForRoles(
-    userId: string,
-    roles: UserRole[],
-    options?: {
-      clinicAdminData?: {
-        isGroupOwner: boolean;
-        groupToken?: string;
-        groupId?: string;
-      };
-      patientInviteToken?: string;
-      skipProfileCreation?: boolean;
-    },
-  ): Promise<{
-    patientProfile?: string;
-    practitionerProfile?: string;
-    adminProfile?: string;
-  }> {
-    const profiles: {
-      patientProfile?: string;
-      practitionerProfile?: string;
-      adminProfile?: string;
-    } = {};
-
-    for (const role of roles) {
-      switch (role) {
-        case UserRole.PATIENT:
-          // If a token is provided, claim the existing manual profile
-          if (options?.patientInviteToken) {
-            const patientService = this.getPatientService();
-            const token = await patientService.validatePatientToken(options.patientInviteToken);
-
-            if (!token) {
-              throw new Error('Invalid or expired patient invitation token.');
-            }
-
-            // Get the patient profile
-            const patientProfile = await patientService.getPatientProfile(token.patientId);
-            if (!patientProfile || !patientProfile.isManual) {
-              throw new Error('Patient profile not found or has already been claimed.');
-            }
-
-            // Check if user already has a patient profile
-            if ((await this.getUserById(userId)).patientProfile || patientProfile.userRef) {
-              throw new Error('User already has a patient profile.');
-            }
-
-            // Claim sensitive info first (this adds userRef to sensitive info)
-            const sensitiveInfo = await patientService.claimPatientSensitiveInfo(
-              patientProfile.id,
-              userId,
-            );
-
-            // Construct full display name
-            const fullDisplayName = sensitiveInfo
-              ? `${sensitiveInfo.firstName} ${sensitiveInfo.lastName}`
-              : patientProfile.displayName;
-
-            // Update patient profile: link userRef, set isManual to false, and update displayName
-            await patientService.updatePatientProfile(patientProfile.id, {
-              userRef: userId,
-              isManual: false,
-              isVerified: true,
-              displayName: fullDisplayName,
-            });
-
-            // Mark the token as used
-            await patientService.markPatientTokenAsUsed(token.id, token.patientId, userId);
-
-            profiles.patientProfile = patientProfile.id;
-            break;
-          }
-
-          const patientProfile = await this.getPatientService().createPatientProfile({
-            userRef: userId,
-            displayName: 'Patient', // Default displayName, može se kasnije promeniti
-            expoTokens: [],
-            gamification: {
-              level: 1,
-              points: 0,
-            },
-            isActive: true,
-            isVerified: false,
-            isManual: false, // Explicitly set to false for standard signups
-          });
-          profiles.patientProfile = patientProfile.id;
-          break;
-        case UserRole.CLINIC_ADMIN:
-          // Skip profile creation if explicitly requested
-          // This is used when we know the profile will be created elsewhere (e.g. in signUpClinicAdmin)
-          if (options?.skipProfileCreation) {
-            break;
-          }
-
-          // Ako imamo token, verifikujemo ga i dodajemo admina u postojeću grupu
-          if (options?.clinicAdminData?.groupToken && options?.clinicAdminData?.groupId) {
-            const isValid = await this.getClinicAdminService()
-              .getClinicGroupService()
-              .verifyAndUseAdminToken(
-                options.clinicAdminData.groupId,
-                options.clinicAdminData.groupToken,
-                userId,
-              );
-
-            if (!isValid) {
-              throw new Error('Invalid admin token');
-            }
-          }
-
-          const clinicAdminProfile = await this.getClinicAdminService().createClinicAdmin({
-            userRef: userId,
-            clinicGroupId: options?.clinicAdminData?.groupId || '',
-            isGroupOwner: options?.clinicAdminData?.isGroupOwner || false,
-            clinicsManaged: [],
-            contactInfo: {
-              firstName: '',
-              lastName: '',
-              title: 'Clinic Administrator',
-              email: '',
-              phoneNumber: '',
-            },
-            roleTitle: 'Clinic Administrator',
-            isActive: true,
-          });
-          profiles.adminProfile = clinicAdminProfile.id;
-          break;
-        case UserRole.PRACTITIONER:
-          const practitionerProfile = await this.getPractitionerService().createPractitioner({
-            userRef: userId,
-            basicInfo: {
-              firstName: '',
-              lastName: '',
-              email: '',
-              phoneNumber: '',
-              title: '',
-              dateOfBirth: Timestamp.now(),
-              gender: 'other',
-              languages: ['Serbian'],
-            },
-            certification: {
-              level: CertificationLevel.AESTHETICIAN,
-              specialties: [],
-              licenseNumber: '',
-              issuingAuthority: '',
-              issueDate: Timestamp.now(),
-              verificationStatus: 'pending',
-            },
-            isActive: true,
-            isVerified: false,
-          });
-          profiles.practitionerProfile = practitionerProfile.id;
-          break;
-      }
-    }
-
-    return profiles;
-  }
-
-  /**
-   * Dohvata korisnika po ID-u
-   */
-  async getUserById(uid: string): Promise<User> {
-    const userDoc = await getDoc(doc(this.db, USERS_COLLECTION, uid));
-
-    if (!userDoc.exists()) {
-      throw USER_ERRORS.NOT_FOUND;
-    }
-
-    const userData = userDoc.data();
-    return userSchema.parse(userData) as User;
-  }
-
-  /**
-   * Dohvata korisnika po email-u
-   */
-  async getUserByEmail(email: string): Promise<User | null> {
-    const usersRef = collection(this.db, USERS_COLLECTION);
-    const q = query(usersRef, where('email', '==', email));
-    const querySnapshot = await getDocs(q);
-
-    if (querySnapshot.empty) return null;
-
-    const userData = querySnapshot.docs[0].data();
-    return userSchema.parse(userData) as User;
-  }
-
-  async getUsersByRole(role: UserRole): Promise<User[]> {
-    const constraints: QueryConstraint[] = [where('roles', 'array-contains', role)];
-    const q = query(collection(this.db, USERS_COLLECTION), ...constraints);
-    const querySnapshot = await getDocs(q);
-
-    const users = querySnapshot.docs.map(doc => doc.data());
-    return users.map(userData => userSchema.parse(userData) as User);
-  }
-
-  /**
-   * Ažurira timestamp poslednjeg logovanja
-   */
-  async updateUserLoginTimestamp(uid: string): Promise<User> {
-    const userRef = doc(this.db, USERS_COLLECTION, uid);
-    const userDoc = await getDoc(userRef);
-
-    if (!userDoc.exists()) {
-      throw AUTH_ERRORS.USER_NOT_FOUND;
-    }
-
-    await updateDoc(userRef, {
-      lastLoginAt: serverTimestamp(),
-      updatedAt: serverTimestamp(),
-    });
-
-    return this.getUserById(uid);
-  }
-
-  async upgradeAnonymousUser(uid: string, email: string): Promise<User> {
-    const userRef = doc(this.db, USERS_COLLECTION, uid);
-    const userDoc = await getDoc(userRef);
-
-    if (!userDoc.exists()) {
-      throw USER_ERRORS.NOT_FOUND;
-    }
-
-    await updateDoc(userRef, {
-      email: email,
-      isAnonymous: false,
-      updatedAt: serverTimestamp(),
-    });
-
-    return this.getUserById(uid);
-  }
-
-  async updateUser(uid: string, updates: Partial<Omit<User, 'uid'>>): Promise<User> {
-    const userRef = doc(this.db, USERS_COLLECTION, uid);
-    const userDoc = await getDoc(userRef);
-
-    if (!userDoc.exists()) {
-      throw USER_ERRORS.NOT_FOUND;
-    }
-
-    try {
-      const currentUser = userDoc.data() as User;
-      const updatedUser = {
-        ...currentUser,
-        ...updates,
-        updatedAt: serverTimestamp(),
-      };
-
-      // Validate the complete updated user object
-      userSchema.parse(updatedUser);
-
-      // Update only the specified fields plus updatedAt
-      await updateDoc(userRef, {
-        ...updates,
-        updatedAt: serverTimestamp(),
-      });
-
-      return this.getUserById(uid);
-    } catch (error) {
-      if (error instanceof z.ZodError) {
-        throw USER_ERRORS.VALIDATION_ERROR;
-      }
-      throw error;
-    }
-  }
-
-  /**
-   * Dodaje novu rolu korisniku
-   */
-  async addRole(
-    uid: string,
-    role: UserRole,
-    options?: {
-      clinicAdminData?: {
-        isGroupOwner: boolean;
-        groupToken?: string;
-        groupId?: string;
-      };
-    },
-  ): Promise<void> {
-    const user = await this.getUserById(uid);
-    if (user.roles.includes(role)) return;
-
-    const profiles = await this.createProfilesForRoles(uid, [role], options);
-
-    await updateDoc(doc(this.db, USERS_COLLECTION, uid), {
-      roles: [...user.roles, role],
-      ...profiles,
-      updatedAt: serverTimestamp(),
-    });
-  }
-
-  /**
-   * Uklanja rolu korisniku i briše odgovarajući profil
-   */
-  async removeRoleAndProfile(uid: string, role: UserRole): Promise<void> {
-    const user = await this.getUserById(uid);
-    if (!user.roles.includes(role)) return;
-
-    // Prvo brišemo profil
-    switch (role) {
-      case UserRole.PATIENT:
-        if (user.patientProfile) {
-          await this.getPatientService().deletePatientProfile(user.patientProfile);
-        }
-        break;
-      case UserRole.CLINIC_ADMIN:
-        if (user.adminProfile) {
-          await this.getClinicAdminService().deleteClinicAdmin(user.adminProfile);
-        }
-        break;
-      case UserRole.PRACTITIONER:
-        if (user.practitionerProfile) {
-          await this.getPractitionerService().deletePractitioner(user.practitionerProfile);
-        }
-        break;
-      // Dodati ostale role po potrebi
-    }
-
-    // Zatim uklanjamo rolu
-    await updateDoc(doc(this.db, USERS_COLLECTION, uid), {
-      roles: user.roles.filter(r => r !== role),
-      updatedAt: serverTimestamp(),
-    });
-  }
-
-  // Delete operations
-  async deleteUser(uid: string): Promise<void> {
-    const userRef = doc(this.db, USERS_COLLECTION, uid);
-    const userDoc = await getDoc(userRef);
-
-    if (!userDoc.exists()) {
-      throw USER_ERRORS.NOT_FOUND;
-    }
-
-    const userData = userDoc.data() as User;
-
-    try {
-      // Delete all associated profiles
-      if (userData.patientProfile) {
-        await this.getPatientService().deletePatientProfile(userData.patientProfile);
-      }
-
-      if (userData.practitionerProfile) {
-        await this.getPractitionerService().deletePractitioner(userData.practitionerProfile);
-      }
-
-      if (userData.adminProfile) {
-        await this.getClinicAdminService().deleteClinicAdmin(userData.adminProfile);
-      }
-
-      await deleteDoc(userRef);
-    } catch (error) {
-      throw error;
-    }
-  }
-}
+import {
+  collection,
+  doc,
+  getDoc,
+  getDocs,
+  query,
+  where,
+  updateDoc,
+  deleteDoc,
+  QueryConstraint,
+  Timestamp,
+  setDoc,
+  serverTimestamp,
+  FieldValue,
+} from 'firebase/firestore';
+import { initializeFirebase } from '../../config/firebase';
+import { User, UserRole, USERS_COLLECTION, CreateUserData } from '../../types';
+import { userSchema } from '../../validations/schemas';
+import { AuthError } from '../../errors/auth.errors';
+import { USER_ERRORS } from '../../errors/user.errors';
+import { AUTH_ERRORS } from '../../errors/auth.errors';
+import { z } from 'zod';
+import { BaseService } from '../base.service';
+import { PatientService } from '../patient/patient.service';
+import { ClinicAdminService } from '../clinic/clinic-admin.service';
+import { PatientProfile, PATIENTS_COLLECTION } from '../../types/patient';
+import { User as FirebaseUser } from 'firebase/auth';
+import { Auth } from 'firebase/auth';
+import { PractitionerService } from '../practitioner/practitioner.service';
+import { CertificationLevel } from '../../backoffice/types/static/certification.types';
+import { Firestore } from 'firebase/firestore';
+import { FirebaseApp } from 'firebase/app';
+
+export class UserService extends BaseService {
+  private patientService: PatientService;
+  private clinicAdminService: ClinicAdminService;
+  private practitionerService: PractitionerService;
+
+  constructor(
+    db: Firestore,
+    auth: Auth,
+    app: FirebaseApp,
+    patientService?: PatientService,
+    clinicAdminService?: ClinicAdminService,
+    practitionerService?: PractitionerService,
+  ) {
+    super(db, auth, app);
+
+    // Kreiramo servise samo ako nisu prosleđeni
+    if (!patientService) {
+      patientService = new PatientService(db, auth, app);
+    }
+    if (!clinicAdminService) {
+      clinicAdminService = new ClinicAdminService(db, auth, app);
+    }
+    if (!practitionerService) {
+      practitionerService = new PractitionerService(db, auth, app);
+    }
+
+    this.patientService = patientService;
+    this.clinicAdminService = clinicAdminService;
+    this.practitionerService = practitionerService;
+  }
+
+  private getPatientService(): PatientService {
+    return this.patientService;
+  }
+
+  private getClinicAdminService(): ClinicAdminService {
+    return this.clinicAdminService;
+  }
+
+  private getPractitionerService(): PractitionerService {
+    return this.practitionerService;
+  }
+
+  /**
+   * Kreira novog korisnika na osnovu Firebase korisnika
+   */
+  async createUser(
+    firebaseUser: FirebaseUser,
+    roles: UserRole[] = [UserRole.PATIENT],
+    options?: {
+      clinicAdminData?: {
+        isGroupOwner: boolean;
+        groupToken?: string;
+        groupId?: string;
+      };
+      patientInviteToken?: string;
+      skipProfileCreation?: boolean;
+    },
+  ): Promise<User> {
+    const userData: CreateUserData = {
+      uid: firebaseUser.uid,
+      email: firebaseUser.email,
+      roles: roles.length > 0 ? roles : [UserRole.PATIENT],
+      isAnonymous: firebaseUser.isAnonymous,
+      createdAt: serverTimestamp(),
+      updatedAt: serverTimestamp(),
+      lastLoginAt: serverTimestamp(),
+    };
+
+    // Kreiramo osnovnog korisnika
+    await setDoc(doc(this.db, USERS_COLLECTION, userData.uid), userData);
+
+    // Kreiramo odgovarajuće profile na osnovu rola
+    if (options?.skipProfileCreation) {
+      return this.getUserById(userData.uid);
+    }
+
+    const profiles = await this.createProfilesForRoles(userData.uid, roles, options);
+
+    // Ažuriramo korisnika sa referencama na profile
+    await updateDoc(doc(this.db, USERS_COLLECTION, userData.uid), profiles);
+
+    return this.getUserById(userData.uid);
+  }
+
+  /**
+   * Dohvata ili kreira korisnika na osnovu Firebase korisnika
+   */
+  async getOrCreateUser(firebaseUser: FirebaseUser, initialRole?: UserRole): Promise<User> {
+    try {
+      const existingUser = await this.getUserById(firebaseUser.uid);
+      await this.updateUserLoginTimestamp(firebaseUser.uid);
+      return existingUser;
+    } catch (error) {
+      return this.createUser(firebaseUser, [initialRole || UserRole.PATIENT]);
+    }
+  }
+
+  /**
+   * Kreira profile za odgovarajuće role
+   */
+  private async createProfilesForRoles(
+    userId: string,
+    roles: UserRole[],
+    options?: {
+      clinicAdminData?: {
+        isGroupOwner: boolean;
+        groupToken?: string;
+        groupId?: string;
+      };
+      patientInviteToken?: string;
+      skipProfileCreation?: boolean;
+    },
+  ): Promise<{
+    patientProfile?: string;
+    practitionerProfile?: string;
+    adminProfile?: string;
+  }> {
+    const profiles: {
+      patientProfile?: string;
+      practitionerProfile?: string;
+      adminProfile?: string;
+    } = {};
+
+    for (const role of roles) {
+      switch (role) {
+        case UserRole.PATIENT:
+          // If a token is provided, claim the existing manual profile
+          if (options?.patientInviteToken) {
+            const patientService = this.getPatientService();
+            const token = await patientService.validatePatientToken(options.patientInviteToken);
+
+            if (!token) {
+              throw new Error('Invalid or expired patient invitation token.');
+            }
+
+            // Get the patient profile
+            const patientProfile = await patientService.getPatientProfile(token.patientId);
+            if (!patientProfile || !patientProfile.isManual) {
+              throw new Error('Patient profile not found or has already been claimed.');
+            }
+
+            // Check if user already has a patient profile
+            if ((await this.getUserById(userId)).patientProfile || patientProfile.userRef) {
+              throw new Error('User already has a patient profile.');
+            }
+
+            // Claim sensitive info first (this adds userRef to sensitive info)
+            const sensitiveInfo = await patientService.claimPatientSensitiveInfo(
+              patientProfile.id,
+              userId,
+            );
+
+            // Construct full display name
+            const fullDisplayName = sensitiveInfo
+              ? `${sensitiveInfo.firstName} ${sensitiveInfo.lastName}`
+              : patientProfile.displayName;
+
+            // Update patient profile: link userRef, set isManual to false, and update displayName
+            await patientService.updatePatientProfile(patientProfile.id, {
+              userRef: userId,
+              isManual: false,
+              isVerified: true,
+              displayName: fullDisplayName,
+            });
+
+            // Mark the token as used
+            await patientService.markPatientTokenAsUsed(token.id, token.patientId, userId);
+
+            profiles.patientProfile = patientProfile.id;
+            break;
+          }
+
+          const patientProfile = await this.getPatientService().createPatientProfile({
+            userRef: userId,
+            displayName: 'Patient', // Default displayName, može se kasnije promeniti
+            expoTokens: [],
+            gamification: {
+              level: 1,
+              points: 0,
+            },
+            isActive: true,
+            isVerified: false,
+            isManual: false, // Explicitly set to false for standard signups
+          });
+          profiles.patientProfile = patientProfile.id;
+          break;
+        case UserRole.CLINIC_ADMIN:
+          // Skip profile creation if explicitly requested
+          // This is used when we know the profile will be created elsewhere (e.g. in signUpClinicAdmin)
+          if (options?.skipProfileCreation) {
+            break;
+          }
+
+          // Ako imamo token, verifikujemo ga i dodajemo admina u postojeću grupu
+          if (options?.clinicAdminData?.groupToken && options?.clinicAdminData?.groupId) {
+            const isValid = await this.getClinicAdminService()
+              .getClinicGroupService()
+              .verifyAndUseAdminToken(
+                options.clinicAdminData.groupId,
+                options.clinicAdminData.groupToken,
+                userId,
+              );
+
+            if (!isValid) {
+              throw new Error('Invalid admin token');
+            }
+          }
+
+          const clinicAdminProfile = await this.getClinicAdminService().createClinicAdmin({
+            userRef: userId,
+            clinicGroupId: options?.clinicAdminData?.groupId || '',
+            isGroupOwner: options?.clinicAdminData?.isGroupOwner || false,
+            clinicsManaged: [],
+            contactInfo: {
+              firstName: '',
+              lastName: '',
+              title: 'Clinic Administrator',
+              email: '',
+              phoneNumber: '',
+            },
+            roleTitle: 'Clinic Administrator',
+            isActive: true,
+          });
+          profiles.adminProfile = clinicAdminProfile.id;
+          break;
+        case UserRole.PRACTITIONER:
+          const practitionerProfile = await this.getPractitionerService().createPractitioner({
+            userRef: userId,
+            basicInfo: {
+              firstName: '',
+              lastName: '',
+              email: '',
+              phoneNumber: '',
+              title: '',
+              dateOfBirth: Timestamp.now(),
+              gender: 'other',
+              languages: ['Serbian'],
+            },
+            certification: {
+              level: CertificationLevel.AESTHETICIAN,
+              specialties: [],
+              licenseNumber: '',
+              issuingAuthority: '',
+              issueDate: Timestamp.now(),
+              verificationStatus: 'pending',
+            },
+            isActive: true,
+            isVerified: false,
+          });
+          profiles.practitionerProfile = practitionerProfile.id;
+          break;
+      }
+    }
+
+    return profiles;
+  }
+
+  /**
+   * Dohvata korisnika po ID-u
+   */
+  async getUserById(uid: string): Promise<User> {
+    const userDoc = await getDoc(doc(this.db, USERS_COLLECTION, uid));
+
+    if (!userDoc.exists()) {
+      throw USER_ERRORS.NOT_FOUND;
+    }
+
+    const userData = userDoc.data();
+    return userSchema.parse(userData) as User;
+  }
+
+  /**
+   * Dohvata korisnika po email-u
+   */
+  async getUserByEmail(email: string): Promise<User | null> {
+    const usersRef = collection(this.db, USERS_COLLECTION);
+    const q = query(usersRef, where('email', '==', email));
+    const querySnapshot = await getDocs(q);
+
+    if (querySnapshot.empty) return null;
+
+    const userData = querySnapshot.docs[0].data();
+    return userSchema.parse(userData) as User;
+  }
+
+  async getUsersByRole(role: UserRole): Promise<User[]> {
+    const constraints: QueryConstraint[] = [where('roles', 'array-contains', role)];
+    const q = query(collection(this.db, USERS_COLLECTION), ...constraints);
+    const querySnapshot = await getDocs(q);
+
+    const users = querySnapshot.docs.map(doc => doc.data());
+    return users.map(userData => userSchema.parse(userData) as User);
+  }
+
+  /**
+   * Ažurira timestamp poslednjeg logovanja
+   */
+  async updateUserLoginTimestamp(uid: string): Promise<User> {
+    const userRef = doc(this.db, USERS_COLLECTION, uid);
+    const userDoc = await getDoc(userRef);
+
+    if (!userDoc.exists()) {
+      throw AUTH_ERRORS.USER_NOT_FOUND;
+    }
+
+    await updateDoc(userRef, {
+      lastLoginAt: serverTimestamp(),
+      updatedAt: serverTimestamp(),
+    });
+
+    return this.getUserById(uid);
+  }
+
+  async upgradeAnonymousUser(uid: string, email: string): Promise<User> {
+    const userRef = doc(this.db, USERS_COLLECTION, uid);
+    const userDoc = await getDoc(userRef);
+
+    if (!userDoc.exists()) {
+      throw USER_ERRORS.NOT_FOUND;
+    }
+
+    await updateDoc(userRef, {
+      email: email,
+      isAnonymous: false,
+      updatedAt: serverTimestamp(),
+    });
+
+    return this.getUserById(uid);
+  }
+
+  async updateUser(uid: string, updates: Partial<Omit<User, 'uid'>>): Promise<User> {
+    const userRef = doc(this.db, USERS_COLLECTION, uid);
+    const userDoc = await getDoc(userRef);
+
+    if (!userDoc.exists()) {
+      throw USER_ERRORS.NOT_FOUND;
+    }
+
+    try {
+      const currentUser = userDoc.data() as User;
+      const updatedUser = {
+        ...currentUser,
+        ...updates,
+        updatedAt: serverTimestamp(),
+      };
+
+      // Validate the complete updated user object
+      userSchema.parse(updatedUser);
+
+      // Update only the specified fields plus updatedAt
+      await updateDoc(userRef, {
+        ...updates,
+        updatedAt: serverTimestamp(),
+      });
+
+      return this.getUserById(uid);
+    } catch (error) {
+      if (error instanceof z.ZodError) {
+        throw USER_ERRORS.VALIDATION_ERROR;
+      }
+      throw error;
+    }
+  }
+
+  /**
+   * Dodaje novu rolu korisniku
+   */
+  async addRole(
+    uid: string,
+    role: UserRole,
+    options?: {
+      clinicAdminData?: {
+        isGroupOwner: boolean;
+        groupToken?: string;
+        groupId?: string;
+      };
+    },
+  ): Promise<void> {
+    const user = await this.getUserById(uid);
+    if (user.roles.includes(role)) return;
+
+    const profiles = await this.createProfilesForRoles(uid, [role], options);
+
+    await updateDoc(doc(this.db, USERS_COLLECTION, uid), {
+      roles: [...user.roles, role],
+      ...profiles,
+      updatedAt: serverTimestamp(),
+    });
+  }
+
+  /**
+   * Uklanja rolu korisniku i briše odgovarajući profil
+   */
+  async removeRoleAndProfile(uid: string, role: UserRole): Promise<void> {
+    const user = await this.getUserById(uid);
+    if (!user.roles.includes(role)) return;
+
+    // Prvo brišemo profil
+    switch (role) {
+      case UserRole.PATIENT:
+        if (user.patientProfile) {
+          await this.getPatientService().deletePatientProfile(user.patientProfile);
+        }
+        break;
+      case UserRole.CLINIC_ADMIN:
+        if (user.adminProfile) {
+          await this.getClinicAdminService().deleteClinicAdmin(user.adminProfile);
+        }
+        break;
+      case UserRole.PRACTITIONER:
+        if (user.practitionerProfile) {
+          await this.getPractitionerService().deletePractitioner(user.practitionerProfile);
+        }
+        break;
+      // Dodati ostale role po potrebi
+    }
+
+    // Zatim uklanjamo rolu
+    await updateDoc(doc(this.db, USERS_COLLECTION, uid), {
+      roles: user.roles.filter(r => r !== role),
+      updatedAt: serverTimestamp(),
+    });
+  }
+
+  // Delete operations
+  async deleteUser(uid: string): Promise<void> {
+    const userRef = doc(this.db, USERS_COLLECTION, uid);
+    const userDoc = await getDoc(userRef);
+
+    if (!userDoc.exists()) {
+      throw USER_ERRORS.NOT_FOUND;
+    }
+
+    const userData = userDoc.data() as User;
+
+    try {
+      // Delete all associated profiles
+      if (userData.patientProfile) {
+        await this.getPatientService().deletePatientProfile(userData.patientProfile);
+      }
+
+      if (userData.practitionerProfile) {
+        await this.getPractitionerService().deletePractitioner(userData.practitionerProfile);
+      }
+
+      if (userData.adminProfile) {
+        await this.getClinicAdminService().deleteClinicAdmin(userData.adminProfile);
+      }
+
+      await deleteDoc(userRef);
+    } catch (error) {
+      throw error;
+    }
+  }
+}