@blackcode_sa/metaestetics-api 1.7.45 → 1.8.0

package/src/services/patient/patient.service.ts

@@ -37,6 +37,7 @@ import {
   SearchPatientsParams,
   RequesterInfo,
   PatientProfileForDoctor,
+  CreateManualPatientData,
 } from "../../types/patient";
 import { Auth } from "firebase/auth";
 import { Firestore } from "firebase/firestore";
@@ -55,22 +56,13 @@ import {
   updatePatientProfileByUserRefUtil,
   searchPatientsUtil,
   getAllPatientsUtil,
-} from "./utils/profile.utils";
-
-import {
   updatePatientLocationUtil,
   createLocationInfoUtil,
   getLocationInfoUtil,
   updateLocationInfoUtil,
-} from "./utils/location.utils";
-
-import {
   createSensitiveInfoUtil,
   getSensitiveInfoUtil,
   updateSensitiveInfoUtil,
-} from "./utils/sensitive.utils";
-
-import {
   createMedicalInfoUtil,
   getMedicalInfoUtil,
   updateVitalStatsUtil,
@@ -86,27 +78,28 @@ import {
   addMedicationUtil,
   updateMedicationUtil,
   removeMedicationUtil,
-} from "./utils/medical.utils";
-
-import {
   getPatientDocRef,
   getSensitiveInfoDocRef,
   getLocationInfoDocRef,
   getMedicalInfoDocRef,
-} from "./utils/docs.utils";
-
-import {
   addDoctorUtil,
   removeDoctorUtil,
   addClinicUtil,
   removeClinicUtil,
-} from "./utils/medical-stuff.utils";
-
-import {
   getPatientsByPractitionerUtil,
   getPatientsByPractitionerWithDetailsUtil,
-} from "./utils/practitioner.utils";
-import { getPatientsByClinicUtil } from "./utils/clinic.utils";
+  getPatientsByClinicUtil,
+  createPatientTokenUtil,
+  validatePatientTokenUtil,
+  markPatientTokenAsUsedUtil,
+  getActiveInviteTokensByClinicUtil,
+  getActiveInviteTokensByPatientUtil,
+} from "./utils";
+
+import {
+  CreatePatientTokenData,
+  PatientToken,
+} from "../../types/patient/token.types";
 
 export class PatientService extends BaseService {
   private mediaService: MediaService;
@@ -127,6 +120,111 @@ export class PatientService extends BaseService {
     return getPatientProfileUtil(this.db, patientId);
   }
 
+  /**
+   * Manually creates a new patient profile, typically initiated by a clinic admin.
+   * This creates a patient record that is not initially linked to an authenticated user.
+   *
+   * @param {CreateManualPatientData} data - The data for the new patient.
+   * @param {RequesterInfo} requester - Information about the user creating the patient (must be a clinic admin).
+   * @returns {Promise<PatientProfile>} The newly created patient profile.
+   * @throws {Error} If the requester is not a valid clinic admin.
+   */
+  async createManualPatient(
+    data: CreateManualPatientData,
+    requester: RequesterInfo
+  ): Promise<PatientProfile> {
+    console.log(
+      `[PatientService.createManualPatient] Attempting to create manual patient by requester:`,
+      requester
+    );
+
+    // Security Check: Ensure the requester is a clinic admin
+    if (
+      requester.role !== "clinic_admin" ||
+      !requester.associatedClinicId ||
+      requester.associatedClinicId !== data.clinicId
+    ) {
+      throw new Error(
+        "Unauthorized: Requester must be a clinic admin and can only add patients to their own clinic."
+      );
+    }
+
+    const patientId = this.generateId();
+    const batch = writeBatch(this.db);
+    const now = Timestamp.now();
+
+    // 1. Create Patient Profile
+    const patientProfileRef = getPatientDocRef(this.db, patientId);
+    const newProfile: PatientProfile = {
+      id: patientId,
+      displayName: `${data.firstName} ${data.lastName.charAt(0)}.`,
+      expoTokens: [],
+      gamification: { level: 1, points: 0 },
+      isActive: true,
+      isVerified: false, // Manual profiles are not verified by default
+      isManual: true,
+      doctors: [],
+      clinics: [
+        {
+          clinicId: data.clinicId,
+          assignedAt: now,
+          assignedBy: requester.id,
+          isActive: true,
+          notes: data.notes,
+        },
+      ],
+      doctorIds: [],
+      clinicIds: [data.clinicId],
+      createdAt: now,
+      updatedAt: now,
+      phoneNumber: data.phoneNumber,
+      dateOfBirth: data.dateOfBirth,
+    };
+    batch.set(patientProfileRef, newProfile);
+
+    // 2. Create Patient Sensitive Info
+    const sensitiveInfoRef = getSensitiveInfoDocRef(this.db, patientId);
+    const newSensitiveInfo: Omit<PatientSensitiveInfo, "photoUrl"> = {
+      patientId,
+      firstName: data.firstName,
+      lastName: data.lastName,
+      dateOfBirth: data.dateOfBirth,
+      gender: data.gender,
+      email: data.email,
+      phoneNumber: data.phoneNumber,
+      addressData: data.addressData,
+      emergencyContacts: [],
+      createdAt: now,
+      updatedAt: now,
+    };
+    batch.set(sensitiveInfoRef, newSensitiveInfo);
+
+    // 3. Create Patient Medical Info
+    const medicalInfoRef = getMedicalInfoDocRef(this.db, patientId);
+    const newMedicalInfo: PatientMedicalInfo = {
+      patientId,
+      vitalStats: {},
+      blockingConditions: [],
+      contraindications: [],
+      allergies: [],
+      currentMedications: [],
+      emergencyNotes: "",
+      lastUpdated: now,
+      updatedBy: requester.id, // The admin who created the record
+      verifiedAt: undefined,
+      verifiedBy: undefined,
+    };
+    batch.set(medicalInfoRef, newMedicalInfo);
+
+    await batch.commit();
+
+    console.log(
+      `[PatientService.createManualPatient] Successfully created manual patient with ID: ${patientId}`
+    );
+
+    return newProfile;
+  }
+
   async getPatientProfileByUserRef(
     userRef: string
   ): Promise<PatientProfile | null> {
@@ -188,10 +286,16 @@ export class PatientService extends BaseService {
     data: CreatePatientSensitiveInfoData,
     requesterUserId: string
   ): Promise<PatientSensitiveInfo> {
+    const currentUser = await this.getCurrentUser();
+    if (currentUser.uid !== requesterUserId) {
+      throw new Error("Requester does not match authenticated user.");
+    }
+
     return createSensitiveInfoUtil(
       this.db,
       data,
       requesterUserId,
+      currentUser.roles,
       this.mediaService
     );
   }
@@ -200,7 +304,17 @@ export class PatientService extends BaseService {
     patientId: string,
     requesterUserId: string
   ): Promise<PatientSensitiveInfo | null> {
-    return getSensitiveInfoUtil(this.db, patientId, requesterUserId);
+    const currentUser = await this.getCurrentUser();
+    if (currentUser.uid !== requesterUserId) {
+      // Allow for read-only access if authorized, but for now we check identity
+      // This could be expanded later based on practitioner/admin roles
+    }
+    return getSensitiveInfoUtil(
+      this.db,
+      patientId,
+      requesterUserId,
+      currentUser.roles
+    );
   }
 
   async getSensitiveInfoByUserRef(
@@ -209,6 +323,7 @@ export class PatientService extends BaseService {
   ): Promise<PatientSensitiveInfo | null> {
     const profile = await this.getPatientProfileByUserRef(userRef);
     if (!profile) return null;
+    // We pass requesterUserId which is the UID of the one asking.
     return this.getSensitiveInfo(profile.id, requesterUserId);
   }
 
@@ -217,11 +332,16 @@ export class PatientService extends BaseService {
     data: UpdatePatientSensitiveInfoData,
     requesterUserId: string
   ): Promise<PatientSensitiveInfo> {
+    const currentUser = await this.getCurrentUser();
+    if (currentUser.uid !== requesterUserId) {
+      throw new Error("Requester does not match authenticated user.");
+    }
     return updateSensitiveInfoUtil(
       this.db,
       patientId,
       data,
       requesterUserId,
+      currentUser.roles,
       this.mediaService
     );
   }
@@ -263,13 +383,25 @@ export class PatientService extends BaseService {
     data: UpdateVitalStatsData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await updateVitalStatsUtil(this.db, patientId, data, currentUser.uid);
+    await updateVitalStatsUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   // Metode za rad sa alergijama
   async addAllergy(patientId: string, data: AddAllergyData): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await addAllergyUtil(this.db, patientId, data, currentUser.uid);
+    await addAllergyUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async updateAllergy(
@@ -277,12 +409,24 @@ export class PatientService extends BaseService {
     data: UpdateAllergyData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await updateAllergyUtil(this.db, patientId, data, currentUser.uid);
+    await updateAllergyUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async removeAllergy(patientId: string, allergyIndex: number): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await removeAllergyUtil(this.db, patientId, allergyIndex, currentUser.uid);
+    await removeAllergyUtil(
+      this.db,
+      patientId,
+      allergyIndex,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   // Metode za rad sa blocking conditions
@@ -291,7 +435,13 @@ export class PatientService extends BaseService {
     data: AddBlockingConditionData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await addBlockingConditionUtil(this.db, patientId, data, currentUser.uid);
+    await addBlockingConditionUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async updateBlockingCondition(
@@ -303,7 +453,8 @@ export class PatientService extends BaseService {
       this.db,
       patientId,
       data,
-      currentUser.uid
+      currentUser.uid,
+      currentUser.roles
     );
   }
 
@@ -316,7 +467,8 @@ export class PatientService extends BaseService {
       this.db,
       patientId,
       conditionIndex,
-      currentUser.uid
+      currentUser.uid,
+      currentUser.roles
     );
   }
 
@@ -326,7 +478,13 @@ export class PatientService extends BaseService {
     data: AddContraindicationData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await addContraindicationUtil(this.db, patientId, data, currentUser.uid);
+    await addContraindicationUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async updateContraindication(
@@ -334,7 +492,13 @@ export class PatientService extends BaseService {
     data: UpdateContraindicationData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await updateContraindicationUtil(this.db, patientId, data, currentUser.uid);
+    await updateContraindicationUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async removeContraindication(
@@ -346,7 +510,8 @@ export class PatientService extends BaseService {
       this.db,
       patientId,
       contraindicationIndex,
-      currentUser.uid
+      currentUser.uid,
+      currentUser.roles
     );
   }
 
@@ -356,7 +521,13 @@ export class PatientService extends BaseService {
     data: AddMedicationData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await addMedicationUtil(this.db, patientId, data, currentUser.uid);
+    await addMedicationUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async updateMedication(
@@ -364,7 +535,13 @@ export class PatientService extends BaseService {
     data: UpdateMedicationData
   ): Promise<void> {
     const currentUser = await this.getCurrentUser();
-    await updateMedicationUtil(this.db, patientId, data, currentUser.uid);
+    await updateMedicationUtil(
+      this.db,
+      patientId,
+      data,
+      currentUser.uid,
+      currentUser.roles
+    );
   }
 
   async removeMedication(
@@ -376,7 +553,8 @@ export class PatientService extends BaseService {
       this.db,
       patientId,
       medicationIndex,
-      currentUser.uid
+      currentUser.uid,
+      currentUser.roles
     );
   }
 
@@ -746,4 +924,81 @@ export class PatientService extends BaseService {
     );
     return getPatientsByClinicUtil(this.db, clinicId, options);
   }
+
+  /**
+   * Creates a token for inviting a patient to claim their profile.
+   *
+   * @param {CreatePatientTokenData} data - Data for creating the token.
+   * @param {string} createdBy - ID of the admin user creating the token.
+   * @returns {Promise<PatientToken>} The created token.
+   */
+  async createPatientToken(
+    data: CreatePatientTokenData,
+    createdBy: string
+  ): Promise<PatientToken> {
+    // We assume the 'createdBy' user is validated to be a clinic admin
+    // in the calling context (e.g., a cloud function or API endpoint).
+    return createPatientTokenUtil(
+      this.db,
+      data,
+      createdBy,
+      () => this.generateId() // Pass the ID generation function
+    );
+  }
+
+  /**
+   * Validates a patient invitation token.
+   *
+   * @param {string} tokenString - The token string to validate.
+   * @returns {Promise<PatientToken | null>} The token if found and valid, otherwise null.
+   */
+  async validatePatientToken(
+    tokenString: string
+  ): Promise<PatientToken | null> {
+    return validatePatientTokenUtil(this.db, tokenString);
+  }
+
+  /**
+   * Marks a patient invitation token as used.
+   *
+   * @param {string} tokenId - The ID of the token to mark as used.
+   * @param {string} patientId - The ID of the patient associated with the token.
+   * @param {string} userId - The ID of the user who is using the token.
+   * @returns {Promise<void>}
+   */
+  async markPatientTokenAsUsed(
+    tokenId: string,
+    patientId: string,
+    userId: string
+  ): Promise<void> {
+    return markPatientTokenAsUsedUtil(this.db, tokenId, patientId, userId);
+  }
+
+  /**
+   * Retrieves all active invitation tokens for a specific clinic.
+   * NOTE: This should be protected and only exposed to authorized clinic admins.
+   *
+   * @param {string} clinicId - The ID of the clinic.
+   * @returns {Promise<PatientToken[]>} An array of active tokens for the clinic.
+   */
+  async getActiveInviteTokensByClinic(
+    clinicId: string
+  ): Promise<PatientToken[]> {
+    return getActiveInviteTokensByClinicUtil(this.db, clinicId);
+  }
+
+  /**
+   * Retrieves all active invitation tokens for a specific patient.
+   * NOTE: This should be protected and only exposed to authorized clinic admins.
+   *
+   * @param {string} patientId - The ID of the patient.
+   * @returns {Promise<PatientToken[]>} An array of active tokens for the patient.
+   */
+  async getActiveInviteTokensByPatient(
+    patientId: string
+  ): Promise<PatientToken[]> {
+    // Security check should be done in the calling context to ensure
+    // the admin has permission to view this patient's tokens.
+    return getActiveInviteTokensByPatientUtil(this.db, patientId);
+  }
 }

package/src/services/patient/utils/index.ts

@@ -0,0 +1,9 @@
+export * from "./clinic.utils";
+export * from "./docs.utils";
+export * from "./location.utils";
+export * from "./medical-stuff.utils";
+export * from "./medical.utils";
+export * from "./practitioner.utils";
+export * from "./profile.utils";
+export * from "./sensitive.utils";
+export * from "./token.utils";