@blackcode_sa/metaestetics-api 1.7.47 → 1.8.1

package/src/services/patient/utils/medical.utils.ts

@@ -45,64 +45,25 @@ import { AuthError } from "../../../errors/auth.errors";
 import { UserRole } from "../../../types";
 import { getMedicalInfoDocRef, getPatientDocRef } from "./docs.utils";
 import { getPractitionerProfileByUserRef } from "./practitioner.utils";
+import { getClinicAdminByUserRef } from "../../clinic/utils/admin.utils";
 
 // Pomoćna funkcija za proveru i inicijalizaciju medical info dokumenta
 export const ensureMedicalInfoExists = async (
   db: Firestore,
   patientId: string,
-  userRef: string
+  requesterId: string
 ): Promise<void> => {
-  console.log(
-    `[ensureMedicalInfoExists] Starting for patientId: ${patientId}, userRef: ${userRef}`
-  );
-
-  try {
-    const medicalInfoRef = getMedicalInfoDocRef(db, patientId);
-    console.log(
-      `[ensureMedicalInfoExists] Got document reference: ${medicalInfoRef.path}`
-    );
-
-    const medicalInfoDoc = await getDoc(medicalInfoRef);
-    console.log(
-      `[ensureMedicalInfoExists] Document exists: ${medicalInfoDoc.exists()}`
-    );
-
-    if (!medicalInfoDoc.exists()) {
-      const defaultData = {
-        ...DEFAULT_MEDICAL_INFO,
-        patientId,
-        lastUpdated: serverTimestamp(),
-        updatedBy: userRef,
-      };
-
-      console.log(
-        `[ensureMedicalInfoExists] Creating new document with data:`,
-        JSON.stringify(defaultData, (key, value) =>
-          value &&
-          typeof value === "object" &&
-          value.constructor &&
-          value.constructor.name === "Object"
-            ? "[serverTimestamp]"
-            : value
-        )
-      );
-
-      await setDoc(medicalInfoRef, defaultData);
-      console.log(`[ensureMedicalInfoExists] Document created successfully`);
-
-      // Verify document was created
-      const verifyDoc = await getDoc(medicalInfoRef);
-      console.log(
-        `[ensureMedicalInfoExists] Verification - document exists: ${verifyDoc.exists()}`
-      );
-    } else {
-      console.log(
-        `[ensureMedicalInfoExists] Document already exists, no action taken`
-      );
-    }
-  } catch (error) {
-    console.error(`[ensureMedicalInfoExists] Error:`, error);
-    throw error;
+  const medicalInfoRef = getMedicalInfoDocRef(db, patientId);
+  const medicalInfoDoc = await getDoc(medicalInfoRef);
+
+  if (!medicalInfoDoc.exists()) {
+    const defaultData = {
+      ...DEFAULT_MEDICAL_INFO,
+      patientId,
+      lastUpdated: serverTimestamp(),
+      updatedBy: requesterId, // Koristimo ID onoga ko zahteva akciju
+    };
+    await setDoc(medicalInfoRef, defaultData);
   }
 };
 
@@ -110,48 +71,54 @@ export const ensureMedicalInfoExists = async (
 const checkMedicalAccessUtil = async (
   db: Firestore,
   patientId: string,
-  userRef: string,
-  userRoles: UserRole[]
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  // Prvo pronađi profil pacijenta
   const patientDoc = await getDoc(getPatientDocRef(db, patientId));
   if (!patientDoc.exists()) {
     throw new Error("Patient profile not found");
   }
-
   const patientData = patientDoc.data() as PatientProfile;
 
-  // Proveri da li je korisnik vlasnik profila
-  if (patientData.userRef === userRef) return;
+  // 1. Provera da li je pacijent vlasnik profila (ako profil nije manuelan)
+  if (patientData.userRef && patientData.userRef === requesterId) {
+    return;
+  }
 
-  // Ako je doktor, proveri da li je povezan sa pacijentom
-  if (userRoles.includes(UserRole.PRACTITIONER)) {
+  // 2. Provera za doktora
+  if (requesterRoles.includes(UserRole.PRACTITIONER)) {
     const practitionerProfile = await getPractitionerProfileByUserRef(
       db,
-      userRef
+      requesterId
     );
-
-    if (!practitionerProfile) {
-      throw new AuthError(
-        "Practitioner profile not found",
-        "AUTH/UNAUTHORIZED_ACCESS",
-        403
-      );
+    if (
+      practitionerProfile &&
+      patientData.doctorIds?.includes(practitionerProfile.id)
+    ) {
+      return;
     }
+  }
 
-    // Check if practitioner's ID is in the patient's doctorIds array
-    const isAssignedDoctor = patientData.doctorIds?.includes(
-      practitionerProfile.id
-    );
-
-    if (!isAssignedDoctor) {
-      throw new AuthError(
-        "Doktor nije povezan sa pacijentom",
-        "AUTH/UNAUTHORIZED_ACCESS",
-        403
+  // 3. Provera za admina klinike
+  if (requesterRoles.includes(UserRole.CLINIC_ADMIN)) {
+    const adminProfile = await getClinicAdminByUserRef(db, requesterId);
+    if (adminProfile && adminProfile.clinicsManaged) {
+      // Check if any of the admin's managed clinics are in the patient's clinic list
+      const hasAccess = adminProfile.clinicsManaged.some((managedClinicId) =>
+        patientData.clinicIds?.includes(managedClinicId)
       );
+      if (hasAccess) {
+        return;
+      }
     }
   }
+
+  // Ako nijedan uslov nije zadovoljen
+  throw new AuthError(
+    "Unauthorized access to medical information.",
+    "AUTH/UNAUTHORIZED_ACCESS",
+    403
+  );
 };
 
 // Osnovne metode za medicinske informacije
@@ -159,37 +126,35 @@ export const createMedicalInfoUtil = async (
   db: Firestore,
   patientId: string,
   data: CreatePatientMedicalInfoData,
-  userRef: string,
-  userRoles: UserRole[]
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  await checkMedicalAccessUtil(db, patientId, userRef, userRoles);
-
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const validatedData = createPatientMedicalInfoSchema.parse(data);
 
   await setDoc(getMedicalInfoDocRef(db, patientId), {
     ...validatedData,
     patientId: patientId,
-    lastUpdated: Timestamp.now(),
-    updatedBy: userRef,
+    lastUpdated: serverTimestamp(),
+    updatedBy: requesterId,
   });
 };
 
 export const getMedicalInfoUtil = async (
   db: Firestore,
   patientId: string,
-  userRef: string,
-  userRoles: UserRole[]
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<PatientMedicalInfo> => {
-  await checkMedicalAccessUtil(db, patientId, userRef, userRoles);
-
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const docRef = getMedicalInfoDocRef(db, patientId);
   const snapshot = await getDoc(docRef);
-
   if (!snapshot.exists()) {
-    throw new Error("Medicinske informacije nisu pronađene");
+    // Ako ne postoji, kreiraj prazan dokument
+    await ensureMedicalInfoExists(db, patientId, requesterId);
+    const newSnapshot = await getDoc(docRef);
+    return patientMedicalInfoSchema.parse(newSnapshot.data());
   }
-
-  // The schema will transform raw timestamp objects to Timestamp instances
   return patientMedicalInfoSchema.parse(snapshot.data());
 };
 
@@ -198,15 +163,17 @@ export const updateVitalStatsUtil = async (
   db: Firestore,
   patientId: string,
   data: UpdateVitalStatsData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[] // Dodajemo role za proveru pristupa
 ): Promise<void> => {
-  await ensureMedicalInfoExists(db, patientId, userRef);
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
+  await ensureMedicalInfoExists(db, patientId, requesterId);
   const validatedData = updateVitalStatsSchema.parse(data);
 
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     vitalStats: validatedData,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -215,15 +182,16 @@ export const addAllergyUtil = async (
   db: Firestore,
   patientId: string,
   data: AddAllergyData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  await ensureMedicalInfoExists(db, patientId, userRef);
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
+  await ensureMedicalInfoExists(db, patientId, requesterId);
   const validatedData = addAllergySchema.parse(data);
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     allergies: arrayUnion(validatedData),
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -231,31 +199,27 @@ export const updateAllergyUtil = async (
   db: Firestore,
   patientId: string,
   data: UpdateAllergyData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const validatedData = updateAllergySchema.parse(data);
   const { allergyIndex, ...updateData } = validatedData;
-
   const docSnapshot = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!docSnapshot.exists()) throw new Error("Medical info not found");
-
-  // Parse through schema to ensure proper Timestamp objects
   const medicalInfo = patientMedicalInfoSchema.parse(docSnapshot.data());
-
   if (allergyIndex >= medicalInfo.allergies.length) {
     throw new Error("Invalid allergy index");
   }
-
   const updatedAllergies = [...medicalInfo.allergies];
   updatedAllergies[allergyIndex] = {
     ...updatedAllergies[allergyIndex],
     ...updateData,
   };
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     allergies: updatedAllergies,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -263,24 +227,23 @@ export const removeAllergyUtil = async (
   db: Firestore,
   patientId: string,
   allergyIndex: number,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (allergyIndex >= medicalInfo.allergies.length) {
     throw new Error("Invalid allergy index");
   }
-
   const updatedAllergies = medicalInfo.allergies.filter(
     (_, index) => index !== allergyIndex
   );
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     allergies: updatedAllergies,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -289,15 +252,16 @@ export const addBlockingConditionUtil = async (
   db: Firestore,
   patientId: string,
   data: AddBlockingConditionData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  await ensureMedicalInfoExists(db, patientId, userRef);
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
+  await ensureMedicalInfoExists(db, patientId, requesterId);
   const validatedData = addBlockingConditionSchema.parse(data);
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     blockingConditions: arrayUnion(validatedData),
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -305,29 +269,27 @@ export const updateBlockingConditionUtil = async (
   db: Firestore,
   patientId: string,
   data: UpdateBlockingConditionData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const validatedData = updateBlockingConditionSchema.parse(data);
   const { conditionIndex, ...updateData } = validatedData;
-
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (conditionIndex >= medicalInfo.blockingConditions.length) {
     throw new Error("Invalid blocking condition index");
   }
-
   const updatedConditions = [...medicalInfo.blockingConditions];
   updatedConditions[conditionIndex] = {
     ...updatedConditions[conditionIndex],
     ...updateData,
   };
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     blockingConditions: updatedConditions,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -335,24 +297,23 @@ export const removeBlockingConditionUtil = async (
   db: Firestore,
   patientId: string,
   conditionIndex: number,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (conditionIndex >= medicalInfo.blockingConditions.length) {
     throw new Error("Invalid blocking condition index");
   }
-
   const updatedConditions = medicalInfo.blockingConditions.filter(
     (_, index) => index !== conditionIndex
   );
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     blockingConditions: updatedConditions,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -361,15 +322,16 @@ export const addContraindicationUtil = async (
   db: Firestore,
   patientId: string,
   data: AddContraindicationData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  await ensureMedicalInfoExists(db, patientId, userRef);
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
+  await ensureMedicalInfoExists(db, patientId, requesterId);
   const validatedData = addContraindicationSchema.parse(data);
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     contraindications: arrayUnion(validatedData),
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -377,29 +339,27 @@ export const updateContraindicationUtil = async (
   db: Firestore,
   patientId: string,
   data: UpdateContraindicationData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const validatedData = updateContraindicationSchema.parse(data);
   const { contraindicationIndex, ...updateData } = validatedData;
-
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (contraindicationIndex >= medicalInfo.contraindications.length) {
     throw new Error("Invalid contraindication index");
   }
-
   const updatedContraindications = [...medicalInfo.contraindications];
   updatedContraindications[contraindicationIndex] = {
     ...updatedContraindications[contraindicationIndex],
     ...updateData,
   };
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     contraindications: updatedContraindications,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -407,24 +367,23 @@ export const removeContraindicationUtil = async (
   db: Firestore,
   patientId: string,
   contraindicationIndex: number,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (contraindicationIndex >= medicalInfo.contraindications.length) {
     throw new Error("Invalid contraindication index");
   }
-
   const updatedContraindications = medicalInfo.contraindications.filter(
     (_, index) => index !== contraindicationIndex
   );
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     contraindications: updatedContraindications,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -433,15 +392,16 @@ export const addMedicationUtil = async (
   db: Firestore,
   patientId: string,
   data: AddMedicationData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
-  await ensureMedicalInfoExists(db, patientId, userRef);
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
+  await ensureMedicalInfoExists(db, patientId, requesterId);
   const validatedData = addMedicationSchema.parse(data);
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     currentMedications: arrayUnion(validatedData),
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -449,29 +409,27 @@ export const updateMedicationUtil = async (
   db: Firestore,
   patientId: string,
   data: UpdateMedicationData,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const validatedData = updateMedicationSchema.parse(data);
   const { medicationIndex, ...updateData } = validatedData;
-
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (medicationIndex >= medicalInfo.currentMedications.length) {
     throw new Error("Invalid medication index");
   }
-
   const updatedMedications = [...medicalInfo.currentMedications];
   updatedMedications[medicationIndex] = {
     ...updatedMedications[medicationIndex],
     ...updateData,
   };
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     currentMedications: updatedMedications,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };
 
@@ -479,23 +437,22 @@ export const removeMedicationUtil = async (
   db: Firestore,
   patientId: string,
   medicationIndex: number,
-  userRef: string
+  requesterId: string,
+  requesterRoles: UserRole[]
 ): Promise<void> => {
+  await checkMedicalAccessUtil(db, patientId, requesterId, requesterRoles);
   const doc = await getDoc(getMedicalInfoDocRef(db, patientId));
   if (!doc.exists()) throw new Error("Medical info not found");
-
   const medicalInfo = doc.data() as PatientMedicalInfo;
   if (medicationIndex >= medicalInfo.currentMedications.length) {
     throw new Error("Invalid medication index");
   }
-
   const updatedMedications = medicalInfo.currentMedications.filter(
     (_, index) => index !== medicationIndex
   );
-
   await updateDoc(getMedicalInfoDocRef(db, patientId), {
     currentMedications: updatedMedications,
     lastUpdated: serverTimestamp(),
-    updatedBy: userRef,
+    updatedBy: requesterId,
   });
 };

package/src/services/patient/utils/profile.utils.ts

@@ -51,6 +51,14 @@ export const createPatientProfileUtil = async (
   try {
     console.log("[createPatientProfileUtil] Starting patient profile creation");
     const validatedData = createPatientProfileSchema.parse(data);
+
+    // This utility is for creating standard profiles, so userRef is required here.
+    if (!validatedData.userRef) {
+      throw new Error(
+        "userRef is required to create a standard patient profile."
+      );
+    }
+
     const patientId = generateId();
     console.log(`[createPatientProfileUtil] Generated patientId: ${patientId}`);
 
@@ -68,6 +76,7 @@ export const createPatientProfileUtil = async (
       },
       isActive: validatedData.isActive,
       isVerified: validatedData.isVerified,
+      isManual: validatedData.isManual,
       doctors: validatedData.doctors || [],
       clinics: validatedData.clinics || [],
       doctorIds: validatedData.doctors?.map((d) => d.userRef) || [],