@internetderdinge/api 1.224.2

package/src/users/users.controller.ts

@@ -0,0 +1,234 @@
+import httpStatus from "http-status";
+import pick from "../utils/pick.js";
+import ApiError from "../utils/ApiError.js";
+import crypto from "crypto";
+import catchAsync from "../utils/catchAsync.js";
+import * as userService from "./users.service.js";
+import * as devicesService from "../devices/devices.service";
+// import userImageUpload from '../files/upload.service';
+import auth0Service from "../accounts/auth0.service";
+import { sendEmail } from "../email/email.service";
+import type { Request, Response } from "express";
+
+type AuthRequest<P = any, B = any, Q = any> = Request<P, any, B, Q> & {
+  auth: { sub: string };
+};
+
+export const createUser = catchAsync(
+  async (req: AuthRequest<{}, any, {}>, res: Response) => {
+    const { body } = req;
+    if (body.email) {
+      const auth0user = await auth0Service.getUserIdByEmail(body.email);
+      body.status = "invited";
+      body.inviteCode = crypto.randomBytes(48).toString("base64url");
+
+      if (auth0user.data[0]) {
+        const userFound = await userService.getUserByOwner(
+          auth0user.data[0].user_id,
+          body.organization,
+        );
+        if (userFound) {
+          throw new ApiError(
+            httpStatus.CONFLICT,
+            "User already added in organization",
+          );
+        }
+      }
+    }
+
+    const user = await userService.createUser(body);
+
+    if (body.email) {
+      await userService.sendInviteEmail({
+        user,
+        email: body.email,
+        inviteCode: body.inviteCode!,
+        auth: req.auth,
+      });
+    }
+
+    res.status(httpStatus.CREATED).send(user);
+  },
+);
+
+export const createCurrentUser = catchAsync(
+  async (req: AuthRequest, res: Response) => {
+    const user = await userService.createUser({ owner: req.auth.sub });
+    res.status(httpStatus.CREATED).send(user);
+  },
+);
+
+export const sendVerificationEmail = catchAsync(
+  async (req: AuthRequest, res: Response) => {
+    const result = await auth0Service.sendVerificationEmail(req.auth.sub);
+    res
+      .status(httpStatus.OK)
+      .send({ message: "Verification email sent", status: result?.status });
+  },
+);
+
+export const getUsers = catchAsync(async (req: Request, res: Response) => {
+  // console.log('getUsers', req.query);
+  const filter = pick(req.query, ["name", "role"]);
+  const options = pick(req.query, ["sortBy", "limit", "page"]);
+  options.fuzzySearch = req.query.search
+    ? {
+        search: req.query.search,
+        index: "users",
+        fields: ["meta.firstName", "meta.lastName"],
+      }
+    : undefined;
+  const result = await userService.queryUsers(
+    { ...filter, organization: req.query.organization },
+    options,
+  );
+  // console.log('getUsers result', req.currentUser);
+  if (
+    req.currentUser?.role &&
+    req.currentUser.role === "onlyself" &&
+    result?.results
+  ) {
+    // If the user is onlyself, restrict the results to their own user document
+    result.results = result.results.filter(
+      (user) => user.owner === req.auth.sub,
+    );
+  }
+  res.send(result);
+});
+
+export const getCurrentUser = catchAsync(
+  async (
+    req: AuthRequest<{}, any, { organization?: string }>,
+    res: Response,
+  ) => {
+    const result = await userService.getUserByOwner(
+      req.auth.sub,
+      req.query.organization,
+    );
+    res.send(result);
+  },
+);
+
+export const getUserImage = catchAsync(async (_req: Request, res: Response) => {
+  try {
+    // await userImageUpload.getPhoto(req.query.file, res);
+  } catch (error: any) {
+    res.status(500).json(`Failed to receive image file: ${error.message}`);
+  }
+});
+
+export const updateUserImage = catchAsync(
+  async (_req: Request, _res: Response) => {
+    // placeholder for image upload
+  },
+);
+
+export const getUser = catchAsync(
+  async (req: Request<{ userId: string }>, res: Response) => {
+    const user = await userService.getByIdWithAuth0(req.params.userId);
+    if (!user) {
+      throw new ApiError(
+        httpStatus.NOT_FOUND,
+        `User not found ID: ${req.params.userId}`,
+      );
+    }
+    res.send(user);
+  },
+);
+
+export const updateUser = catchAsync(
+  async (
+    req: Request<{ userId: string }, any, any, any> & { auth: any },
+    res: Response,
+  ) => {
+    const authReq = req as AuthRequest<{ userId: string }, any, any>;
+    const user = await userService.updateUserById(
+      authReq.params.userId,
+      authReq.body,
+      authReq.auth,
+    );
+    res.send(user);
+  },
+);
+
+export const deleteUser = catchAsync(
+  async (req: Request<{ userId: string }>, res: Response) => {
+    const devices = await devicesService.getDeviceByUserId(req.params.userId);
+    if (devices) {
+      throw new ApiError(
+        httpStatus.NOT_FOUND,
+        "User still has devices assigned",
+      );
+    }
+    const user = await userService.deleteUserById(req.params.userId);
+    res.send(user);
+  },
+);
+
+export const getInvite = catchAsync(
+  async (
+    req: Request<{ inviteCode: string }> & { auth: any },
+    res: Response,
+  ) => {
+    // console.log('getInvite', req.params.inviteCode);
+    const authReq = req as AuthRequest<{ inviteCode: string }>;
+    const user = await userService.getInvite({
+      inviteCode: authReq.params.inviteCode,
+    });
+    if (!user) {
+      throw new ApiError(
+        httpStatus.NOT_FOUND,
+        `User not found token: ${authReq.params.inviteCode}`,
+      );
+    }
+    const already = await userService.getUserByOwner(
+      authReq.auth.sub,
+      user.organization,
+    );
+    if (already) {
+      throw new ApiError(httpStatus.CONFLICT, "User already in organization");
+    }
+    res.send(user);
+  },
+);
+
+export const updateInvite = catchAsync(
+  async (req: AuthRequest<{}, any, any>, res: Response) => {
+    const user = await userService.updateInvite({
+      owner: req.auth.sub,
+      ...req.body,
+    });
+    if (!user) {
+      throw new ApiError(httpStatus.NOT_FOUND, "User not found");
+    }
+    res.send(user);
+  },
+);
+
+export const organizationUpdate = catchAsync(
+  async (req: Request<any, any, any>, res: Response) => {
+    const user = await userService.organizationUpdate(req.body);
+    res.send(user);
+  },
+);
+
+export const organizationRemove = catchAsync(
+  async (req: Request<any, any, any>, res: Response) => {
+    const user = await userService.organizationRemove(req.body);
+    res.send(user);
+  },
+);
+
+export const cleanup = catchAsync(async (_req: Request, res: Response) => {
+  const all = await userService.queryAllCalendars();
+  const filtered = all.filter((e) => e.organizationData === null);
+  const ids = filtered.map((e) => e._id);
+  const deleted = await userService.deleteMany(ids);
+  res.send({
+    deleted,
+    ids,
+    filteredCount: filtered.length,
+    totalCount: all.length,
+    filtered,
+  });
+});

package/src/users/users.model.ts

@@ -0,0 +1,89 @@
+import mongoose, { Schema, Document, Model, Types } from "mongoose";
+import validator from "validator";
+import { toJSON, paginate } from "../models/plugins/index.js";
+import { roles } from "../config/roles.js";
+
+export interface IUser {
+  name?: string;
+  avatar?: string;
+  timezone: string;
+  owner?: string;
+  organization?: Types.ObjectId;
+  inviteCode?: string;
+  email?: string;
+  role: keyof typeof roles;
+  category: string;
+  status?: string;
+  meta?: Record<string, any>;
+}
+
+export interface IUserDocument extends IUser, Document {
+  isPasswordMatch(password: string): Promise<boolean>;
+}
+
+export interface IUserModel extends Model<IUserDocument> {
+  isEmailTaken(email: string, excludeUserId?: Types.ObjectId): Promise<boolean>;
+}
+
+const userSchema = new Schema<IUserDocument, IUserModel>(
+  {
+    name: { type: String, trim: true },
+    avatar: { type: String },
+    timezone: { type: String, default: "Europe/Berlin" },
+    owner: { type: String },
+    organization: { type: Schema.Types.ObjectId, ref: "User", immutable: true },
+    inviteCode: { type: String },
+    email: { type: String },
+    role: { type: String, default: "patient" /* , enum: Object.keys(roles) */ },
+    category: { type: String, default: "patient" },
+    status: { type: String },
+    meta: { type: Schema.Types.Mixed },
+  },
+  {
+    timestamps: true,
+    toObject: { virtuals: true },
+    toJSON: { virtuals: true },
+  },
+);
+
+userSchema.virtual("organizationData", {
+  ref: "Organization",
+  localField: "organization",
+  foreignField: "_id",
+  justOne: true,
+});
+
+// plugins
+userSchema.plugin(toJSON);
+userSchema.plugin(paginate);
+
+/**
+ * Check if email is taken
+ * @param {string} email - The user's email
+ * @param {ObjectId} [excludeUserId] - The id of the user to be excluded
+ * @returns {Promise<boolean>}
+ */
+userSchema.statics.isEmailTaken = async function (
+  email: string,
+  excludeUserId?: Types.ObjectId,
+): Promise<boolean> {
+  const user = await this.findOne({ email, _id: { $ne: excludeUserId } });
+  return !!user;
+};
+
+/**
+ * Check if password matches the user's password
+ * @param {string} password
+ * @returns {Promise<boolean>}
+ */
+userSchema.methods.isPasswordMatch = async function (
+  password: string,
+): Promise<boolean> {
+  // TODO: implement with bcrypt
+  return false;
+};
+
+export const User = mongoose.model<IUserDocument, IUserModel>(
+  "User",
+  userSchema,
+);

package/src/users/users.route.ts

@@ -0,0 +1,171 @@
+import { Router } from "express";
+import buildRouterAndDocs from "../utils/buildRouterAndDocs.js";
+import auth from "../middlewares/auth.js";
+import validateZod from "../middlewares/validateZod.js";
+import validateCurrentUser from "../middlewares/validateCurrentUser.js";
+import {
+  validateQueryOrganization,
+  validateBodyOrganization,
+  validateUser,
+} from "../middlewares/validateOrganization.js";
+import { validateAdmin } from "../middlewares/validateAdmin.js";
+import {
+  createCurrentUserSchema,
+  createUserSchema,
+  deleteUserSchema,
+  updateUserSchema,
+  getUserSchema,
+  getCurrentUserSchema,
+  queryUsersSchema,
+  updateInviteSchema,
+  validateGetInviteSchema,
+  sendVerificationEmailValidationSchema,
+} from "./users.validation.js";
+import * as userController from "./users.controller.js";
+import type { RouteSpec } from "../types/routeSpec";
+import {
+  createUserResponseSchema,
+  getUsersResponseSchema,
+  updateUserResponseSchema,
+  deleteUserResponseSchema,
+} from "./users.schemas.js";
+import {
+  validateParamsUser,
+  validateQueryUser,
+} from "../middlewares/validateUser.js";
+import { request } from "https";
+
+export const userRouteSpecs: RouteSpec[] = [
+  {
+    method: "post",
+    path: "/",
+    validate: [auth("manageUsers"), validateBodyOrganization],
+    requestSchema: createUserSchema,
+    responseSchema: createUserResponseSchema,
+    handler: userController.createUser,
+    summary: "Create a new user",
+    description: "Creates a new user within the current organization.",
+    memoOnly: true,
+  },
+  {
+    method: "get",
+    path: "/",
+    validate: [auth("getUsers"), validateQueryOrganization],
+    requestSchema: queryUsersSchema,
+    responseSchema: getUsersResponseSchema,
+    handler: userController.getUsers,
+    summary: "Get a list of users",
+    description:
+      "Retrieves a paginated list of all users in the current organization.",
+  },
+  {
+    method: "get",
+    path: "/cleanup",
+    validate: [auth("cleanup"), validateAdmin],
+    handler: userController.cleanup,
+    summary: "Cleanup user data",
+    description: "Performs cleanup of stale or orphaned user records.",
+  },
+  {
+    method: "post",
+    path: "/current/send-verification-email",
+    validate: [auth("manageUsers")],
+    requestSchema: sendVerificationEmailValidationSchema,
+    responseSchema: getUsersResponseSchema,
+    handler: userController.sendVerificationEmail,
+    summary: "Send verification email to the current user",
+    description:
+      "Sends a new verification email to the authenticated user’s address.",
+    privateDocs: true,
+  },
+  {
+    method: "get",
+    path: "/current",
+    validate: [auth("getUsers"), validateQueryOrganization],
+    requestSchema: getCurrentUserSchema,
+    handler: userController.getCurrentUser,
+    summary: "Get the current user",
+    description: "Fetches details about the currently authenticated user.",
+  },
+  {
+    method: "post",
+    path: "/current",
+    validate: [auth("manageUsers")],
+    requestSchema: createCurrentUserSchema,
+    responseSchema: createUserResponseSchema,
+    handler: userController.createCurrentUser,
+    privateDocs: true,
+    summary: "Create the current user",
+    description: "Creates or initializes a profile for the authenticated user.",
+  },
+  {
+    method: "get",
+    path: "/invite/:inviteCode",
+    validate: [auth("getUsers")],
+    requestSchema: validateGetInviteSchema,
+    responseSchema: getUsersResponseSchema,
+    handler: userController.getInvite,
+    privateDocs: true,
+    summary: "Get invite details by code",
+    description: "Retrieves information about a pending invite using its code.",
+    privateDocs: true,
+  },
+  {
+    method: "post",
+    path: "/invite",
+    validate: [auth("getUsers")],
+    requestSchema: updateInviteSchema,
+    handler: userController.updateInvite,
+    privateDocs: true,
+    summary: "Update invite details",
+    description: "Modifies the details or status of an existing invite.",
+  },
+  {
+    method: "get",
+    path: "/:userId",
+    validate: [auth("getUsers"), validateParamsUser],
+    requestSchema: getUserSchema,
+    responseSchema: getUsersResponseSchema,
+    handler: userController.getUser,
+    summary: "Get a user by ID",
+    description: "Fetches a single user’s details by their unique ID.",
+  },
+  {
+    method: "post",
+    path: "/:userId",
+    validate: [auth("manageUsers"), validateParamsUser],
+    requestSchema: updateUserSchema,
+    responseSchema: updateUserResponseSchema,
+    handler: userController.updateUser,
+    summary: "Update a user by ID",
+    description: "Replaces a user’s full record with the provided data.",
+    memoOnly: true,
+  },
+  {
+    method: "patch",
+    path: "/:userId",
+    validate: [auth("manageUsers"), validateParamsUser],
+    requestSchema: updateUserSchema,
+    responseSchema: updateUserResponseSchema,
+    handler: userController.updateUser,
+    summary: "Partially update a user by ID",
+    description: "Applies partial updates to a user’s record by ID.",
+    memoOnly: true,
+  },
+  {
+    method: "delete",
+    path: "/:userId",
+    validate: [auth("manageUsers"), validateParamsUser],
+    requestSchema: deleteUserSchema,
+    responseSchema: deleteUserResponseSchema,
+    handler: userController.deleteUser,
+    summary: "Delete a user by ID",
+    description: "Removes a user from the system by their unique ID.",
+  },
+];
+
+const router: Router = Router();
+
+buildRouterAndDocs(router, userRouteSpecs, "/users", ["Users"]);
+
+export default router;

package/src/users/users.schemas.ts

@@ -0,0 +1,79 @@
+import { z } from 'zod';
+import { extendZodWithOpenApi } from '@asteasolutions/zod-to-openapi';
+extendZodWithOpenApi(z);
+
+export const createUserResponseSchema = z.object({
+  id: z.string(),
+  name: z.string(),
+  email: z.string(),
+});
+
+export const getUsersResponseSchema = z.array(
+  z.object({
+    id: z.string(),
+    name: z.string(),
+    email: z.string(),
+  })
+);
+
+export const updateUserSchema = z.object({
+  name: z.string().optional(),
+  email: z.string().email().optional(),
+});
+
+export const updateUserResponseSchema = z.object({
+  id: z.string(),
+  name: z.string(),
+  email: z.string(),
+});
+
+export const deleteUserResponseSchema = z.object({
+  success: z.boolean(),
+});
+
+export const updateTimesByIdResponseSchema = z
+  .array(
+    z.object({
+      rrule: z
+        .object({
+          freq: z.string().optional().openapi({ example: 'DAILY', description: 'Recurrence frequency' }),
+          byweekday: z
+            .array(z.number())
+            .openapi({ example: [0, 1, 2, 6, 3], description: 'Days of week to repeat (0=Sunday)' }),
+          exclude: z.array(z.string()).openapi({ example: ['2024-03-28T10:45:00.000Z'], description: 'Dates to skip' }),
+        })
+        .openapi({ description: 'Recurrence rule object' }),
+      medication: z.string().optional().openapi({ example: '6152c5f3902e7f91374d9f75', description: 'Medication ObjectId' }),
+      patient: z.string().openapi({ example: '614fb1d709dd9f6de85d6374', description: 'Patient ObjectId' }),
+      date: z.string().openapi({ example: '2024-03-25T00:30:00.000Z', description: 'Scheduled date/time (ISO)' }),
+      timeCategory: z.string().openapi({ example: 'noon', description: 'Time category (e.g. morning, noon)' }),
+      amount: z.number().openapi({ example: 1, description: 'Dosage amount' }),
+      emptyStomach: z.boolean().openapi({ example: false, description: 'Whether to take on empty stomach' }),
+      instruction: z.string().optional().openapi({ example: '', description: 'Additional instructions' }),
+      unit: z.string().optional().openapi({ example: 'St', description: 'Dosage unit' }),
+      bake: z.boolean().openapi({ example: false, description: 'Baking flag (if applicable)' }),
+      id: z.string().openapi({ example: '660079fd11fdc2dd935e43af', description: 'Entry identifier' }),
+    })
+  )
+  .openapi({
+    example: [
+      {
+        rrule: {
+          freq: 'DAILY',
+          byweekday: [0, 1, 2, 6, 3],
+          exclude: ['2024-03-28T10:45:00.000Z'],
+        },
+        patient: '614fb1d709dd9f6de85d6374',
+        date: '2024-03-25T00:30:00.000Z',
+        timeCategory: 'noon',
+        amount: 1,
+        emptyStomach: false,
+        instruction: '',
+        unit: 'St',
+        bake: false,
+        id: '660079fd11fdc2dd935e43af',
+      },
+      // ...other items
+    ],
+    description: 'Array of updated time entries by ID',
+  });