@internetderdinge/api 1.224.2

package/src/users/users.service.ts

@@ -0,0 +1,393 @@
+import httpStatus from "http-status";
+import type { FilterQuery, PaginateOptions } from "mongoose";
+import { User } from "./users.model.js";
+import type { IUser, IUserDocument, IUserModel } from "./users.model.js";
+import ApiError from "../utils/ApiError.js";
+import auth0Service from "../accounts/auth0.service";
+import organizationsService from "../organizations/organizations.service";
+import { sendEmail } from "../email/email.service";
+import i18n from "../i18n/i18n";
+
+export type UpdateTimesByIdHook = (
+  userId: string,
+  updateBody: any,
+  dryRun?: boolean,
+) => Promise<any>;
+
+let updateTimesByIdHook: UpdateTimesByIdHook | null = null;
+
+export const setUpdateTimesByIdHook = (hook?: UpdateTimesByIdHook): void => {
+  updateTimesByIdHook = hook ?? null;
+};
+
+/**
+ * Create a new user
+ */
+export const createUser = async (
+  userBody: Partial<IUser>,
+): Promise<IUserDocument> => {
+  return User.create(userBody);
+};
+
+/**
+ * Create the “current” user (alias of createUser)
+ */
+export const createCurrentUser = async (
+  userBody: Partial<IUser>,
+): Promise<IUserDocument> => {
+  return createUser(userBody);
+};
+
+/**
+ * Populate a single Auth0 user
+ */
+const populateAuth0User = async (
+  user: IUserDocument | null,
+): Promise<any | undefined> => {
+  if (!user) return undefined;
+  const auth0users = await auth0Service.getUsersByIds([user.owner]);
+
+  return auth0users?.data?.find((u) => u.user_id === user.owner);
+};
+
+/**
+ * Populate many Auth0 users
+ */
+const populateAuth0Users = async (data: IUserDocument[]): Promise<any[]> => {
+  const owners = data.map((u) => u.owner);
+  const auth0users = await auth0Service.getUsersByIds(owners);
+  if (!auth0users) return data;
+  return data.map((doc) => ({
+    ...doc.toJSON(),
+    auth0User: auth0users?.data?.find((u) => u.user_id === doc.owner),
+  }));
+};
+
+/**
+ * Query for users with pagination + Auth0 enrichment
+ */
+export const queryUsers = async (
+  filter: FilterQuery<IUser>,
+  options: PaginateOptions,
+): Promise<{
+  results: any[];
+  page: number;
+  totalPages: number;
+  totalResults: number;
+}> => {
+  const result = await (User as IUserModel).paginate(filter, options);
+  result.results = await populateAuth0Users(result.results as IUserDocument[]);
+  return result;
+};
+
+/**
+ * Get user by Mongo _id
+ */
+export const getById = async (id: string): Promise<IUserDocument | null> => {
+  return User.findById(id);
+};
+
+/**
+ * Get user by _id with Auth0 info
+ */
+export const getByIdWithAuth0 = async (id: string): Promise<any | null> => {
+  const user = await getById(id);
+  if (!user) return null;
+  const auth0User = await populateAuth0User(user);
+  const json = user.toJSON();
+  json.auth0User = auth0User;
+  return json;
+};
+
+/**
+ * Get all users in a given category (and optional organization)
+ */
+export const getUsersByCategory = async (
+  category: string,
+  organization?: string,
+): Promise<IUserDocument[]> => {
+  const filter: any = { category };
+  if (organization) filter.organization = organization;
+  return User.find(filter);
+};
+
+/**
+ * Get all users for an organization
+ */
+export const getUsersByOrganization = async (
+  organization: string,
+): Promise<IUserDocument[]> => {
+  return User.find({ organization }).lean();
+};
+
+/**
+ * Get one user by organization + userId
+ */
+export const getUsersByOrganizationAndId = async (
+  organization: string,
+  userId: string,
+): Promise<IUserDocument | null> => {
+  return User.findOne({ organization, _id: userId }).lean();
+};
+
+/**
+ * Get all users for a given owner
+ */
+export const getUsersByOwner = async (
+  owner: string,
+): Promise<IUserDocument[]> => {
+  return User.find({ owner });
+};
+
+/**
+ * Get single user by owner + organization, with Auth0 info
+ */
+export const getUserByOwner = async (
+  owner: string,
+  organization: string,
+): Promise<any | null> => {
+  const user = await User.findOne({ owner, organization });
+  if (!user) return null;
+  const auth0User = await populateAuth0User(user);
+  const json = user.toJSON();
+  json.auth0User = auth0User;
+  return json;
+};
+
+/**
+ * Get user by email
+ */
+export const getUserByEmail = async (
+  email: string,
+): Promise<IUserDocument | null> => {
+  return User.findOne({ email });
+};
+
+/**
+ * Send an invite email
+ */
+export const sendInviteEmail = async (params: {
+  auth: { sub: string };
+  user: IUserDocument;
+  inviteCode: string;
+  email: string;
+}): Promise<void> => {
+  const { auth, user, inviteCode, email } = params;
+  const organization = await organizationsService.getOrganizationById(
+    user.organization,
+  );
+  const auth0User = await auth0Service.getUserById(auth.sub);
+  const lng = auth0User.data?.app_metadata?.language as string | "en";
+
+  const title = `${i18n.t("Invite to ", { lng })}${
+    organization.kind === "private-wirewire" ? "paperlesspaper" : "ANABOX smart"
+  }`;
+  const body = i18n.t(
+    "You have been invited to join the group. Click on the link to accept the invitation.",
+    { lng },
+  );
+
+  await sendEmail({
+    title,
+    body,
+    url: `/${user.organization}/invite/${inviteCode}`,
+    actionButtonText: "Accept invite",
+    domain: organization.kind === "private-wirewire" ? "web" : "memo",
+    email,
+  });
+};
+
+/**
+ * Update a user by ID
+ */
+export const updateUserById = async (
+  userId: string,
+  updateBody: Partial<IUser> & { meta?: Record<string, any> },
+  auth: { sub: string },
+): Promise<IUserDocument> => {
+  const user = await getById(userId);
+
+  if (!user) {
+    throw new ApiError(httpStatus.NOT_FOUND, `User not found: ${userId}`);
+  }
+
+  if (user.status === "invited") {
+    await sendInviteEmail({
+      auth,
+      user,
+      inviteCode: user.inviteCode!,
+      email: updateBody.email!,
+    });
+  }
+  //TODO: restrict fields that can be updated, temporarily excluding role
+  const { role, ...updateBodyRest } = updateBody;
+  const meta = { ...user.meta, ...updateBodyRest.meta };
+  Object.assign(user, { ...updateBodyRest, meta });
+  await user.save();
+  return user;
+};
+
+/**
+ * Delete a user by ID
+ */
+export const deleteUserById = async (
+  userId: string,
+): Promise<IUserDocument> => {
+  const user = await getById(userId);
+  if (!user) {
+    throw new ApiError(httpStatus.NOT_FOUND, `User not found: ${userId}`);
+  }
+  if (user.role === "admin") {
+    const admins = await User.find({
+      organization: user.organization,
+      role: "admin",
+    });
+    if (admins.length < 2) {
+      throw new ApiError(
+        httpStatus.BAD_REQUEST,
+        "At least one admin is required",
+      );
+    }
+  }
+  await user.deleteOne();
+  return user;
+};
+
+/**
+ * (Misnamed) delete a user’s image by ID
+ */
+export const userImageById = async (userId: string): Promise<IUserDocument> => {
+  const user = await getById(userId);
+  if (!user) {
+    throw new ApiError(httpStatus.NOT_FOUND, `User not found: ${userId}`);
+  }
+  await user.deleteOne();
+  return user;
+};
+
+/**
+ * Invite a user to an organization
+ */
+export const organizationInvite = async (
+  body: { organizationId: string; role: string },
+  oldUser: { id: string },
+  status = "invited",
+): Promise<IUserDocument> => {
+  const user = await getById(oldUser.id);
+  if (!user) throw new ApiError(httpStatus.NOT_FOUND, "User not found");
+  if (user.organizations.some((o) => o.id.equals(body.organizationId))) {
+    throw new ApiError(httpStatus.BAD_REQUEST, "Invite already exists");
+  }
+  user.organizations.push({ id: body.organizationId, role: body.role, status });
+  await user.save();
+  return user;
+};
+
+/**
+ * Get an invite by code
+ */
+export const getInvite = async (params: {
+  inviteCode: string;
+}): Promise<IUserDocument | null> => {
+  return User.findOne({
+    inviteCode: params.inviteCode,
+    owner: { $exists: false },
+  }).populate("organizationData");
+};
+
+/**
+ * Accept or decline an invite
+ */
+export const updateInvite = async (params: {
+  inviteCode: string;
+  status: string;
+  owner: string;
+}): Promise<IUserDocument> => {
+  const user = await User.findOne({
+    inviteCode: params.inviteCode,
+    owner: { $exists: false },
+  });
+  if (!user) throw new ApiError(httpStatus.NOT_FOUND, "Invite not found");
+  user.status = params.status;
+  user.owner = params.owner;
+  user.inviteCode = null;
+  await user.save();
+  return user;
+};
+
+/**
+ * Remove a user from an organization
+ */
+export const organizationRemove = async (body: {
+  userId: string;
+  organizationId: string;
+}): Promise<IUserDocument> => {
+  const user = await getById(body.userId);
+  if (!user) throw new ApiError(httpStatus.NOT_FOUND, "User not found");
+  user.organizations = user.organizations.filter(
+    (o) => !o.id.equals(body.organizationId),
+  );
+  await user.save();
+  return user;
+};
+
+/**
+ * Fetch up to 100k users with organization populated
+ */
+export const queryAllCalendars = async (): Promise<IUserDocument[]> => {
+  return User.find({}, null, { limit: 100000 }).populate("organizationData");
+};
+
+/**
+ * Delete many users by ID list
+ */
+export const deleteMany = async (
+  idList: string[],
+): Promise<{ deletedCount?: number }> => {
+  return User.deleteMany({ _id: { $in: idList } });
+};
+
+/**
+ * Update times for a user by ID (hooked from memo-api)
+ */
+export const updateTimesById = async (
+  userId: string,
+  updateBody: any,
+  dryRun = true,
+): Promise<any> => {
+  if (!updateTimesByIdHook) {
+    throw new ApiError(
+      httpStatus.NOT_IMPLEMENTED,
+      "updateTimesById not configured",
+    );
+  }
+  return updateTimesByIdHook(userId, updateBody, dryRun);
+};
+
+export default {
+  createUser,
+  createCurrentUser,
+  getById,
+  getByIdWithAuth0,
+  getUsersByCategory,
+  getUsersByOrganization,
+  getUsersByOrganizationAndId,
+  getUsersByOwner,
+  getUserByEmail,
+  getUserByOwner,
+  sendInviteEmail,
+  updateUserById,
+  updateTimesById,
+  deleteUserById,
+  userImageById,
+  organizationInvite,
+  getInvite,
+  updateInvite,
+  organizationRemove,
+  queryUsers,
+  queryAllCalendars,
+  deleteMany,
+  sendEmail,
+  populateAuth0User,
+  populateAuth0Users,
+};

package/src/users/users.validation.ts

@@ -0,0 +1,166 @@
+import { z } from "zod";
+import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
+import { objectId, password } from "../validations/custom.validation.js";
+import {
+  zPagination,
+  zGet,
+  zObjectId,
+  zPatchBody,
+  zUpdate,
+  zDelete,
+} from "../utils/zValidations.js";
+
+extendZodWithOpenApi(z);
+
+export const createUserSchema = {
+  body: z.object({
+    meta: z
+      .record(z.any())
+      .optional()
+      .openapi({
+        example: { key: "value" },
+        description: "Additional metadata for the user",
+      }),
+    organization: zObjectId.openapi({
+      description: "Organization ObjectId",
+    }),
+    email: z.string().email().optional().nullable().openapi({
+      example: "user@example.com",
+      description: "User email address",
+    }),
+    timezone: z.string().optional().openapi({
+      example: "Europe/Berlin",
+      description: "IANA timezone string",
+    }),
+    role: z.enum(["user", "admin", "patient", "onlyself"]).optional().openapi({
+      description: "Role assigned to the user",
+    }),
+    category: z
+      .enum(["doctor", "nurse", "patient", "pharmacist", "relative"])
+      .optional()
+      .openapi({
+        description: "Category of the user",
+      }),
+  }),
+};
+
+export const createCurrentUserSchema = createUserSchema;
+
+export const queryUsersSchema = {
+  ...zPagination,
+  query: zPagination.query.extend({
+    organization: zObjectId.optional().openapi({
+      description: "Filter users by organization ObjectId",
+      example: "60c72b2f9b1e8d001c8e4f3a",
+    }),
+  }),
+};
+
+export const getUserSchema = zGet("userId");
+
+export const getCurrentUserSchema = {
+  query: z.object({
+    organization: zObjectId,
+  }),
+};
+
+export const updateUserSchema = {
+  ...zUpdate("userId"),
+  body: zPatchBody({
+    password: z
+      .string()
+      .refine(
+        (val) => {
+          try {
+            password(val);
+            return true;
+          } catch {
+            return false;
+          }
+        },
+        { message: "Invalid password format" },
+      )
+      .optional()
+      .openapi({ description: "New user password" }),
+    name: z.string().optional().openapi({ description: "User full name" }),
+    timezone: z.string().optional().openapi({ description: "IANA timezone" }),
+    avatar: z.string().optional().openapi({ description: "Avatar URL" }),
+    meta: z
+      .record(z.any())
+      .optional()
+      .openapi({ description: "Additional metadata" }),
+    category: z
+      .enum(["doctor", "nurse", "patient", "pharmacist", "relative"])
+      .optional()
+      .openapi({ description: "User category" }),
+    email: z
+      .string()
+      .email()
+      .nullable()
+      .optional()
+      .openapi({ description: "User email address" }),
+    role: z
+      .enum(["user", "admin", "patient", "onlyself"])
+      .optional()
+      .openapi({ description: "User role" }),
+    inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+    organization: zObjectId
+      .optional()
+      .openapi({ description: "Organization ObjectId" }),
+  }),
+};
+
+export const deleteUserSchema = zDelete("userId");
+
+export const organizationInviteSchema = {
+  body: z.object({
+    organizationId: zObjectId.openapi({ description: "Organization ObjectId" }),
+    action: z.string().optional().openapi({ description: "Invite action" }),
+    role: z.string().optional().openapi({ description: "Role on invite" }),
+  }),
+};
+
+export const updateInviteSchema = {
+  body: z.object({
+    organization: zObjectId.openapi({ description: "Organization ObjectId" }),
+    status: z.enum(["accepted"]).openapi({ description: "Invite status" }),
+    inviteCode: z.string().optional().openapi({ description: "Invite code" }),
+  }),
+};
+
+export const organizationRemoveSchema = {
+  body: z.object({
+    userId: zObjectId.openapi({ description: "User ObjectId" }),
+    organizationId: zObjectId.openapi({ description: "Organization ObjectId" }),
+  }),
+};
+
+export const updateTimesByIdSchema = {
+  ...zUpdate("userId"),
+  body: z
+    .object({})
+    .catchall(z.string())
+    .openapi({
+      description: "Arbitrary key/value map of intake times",
+      example: {
+        "intake-morning": "10:00",
+        "intake-noon": "",
+        "intake-afternoon": "",
+        "intake-night": "15:00",
+      },
+    }),
+};
+
+export const updateTimesByIdSchemas = {
+  // if you need a path param, uncomment and adjust:
+  // ...zUpdate('timeId'),
+  ...updateTimesByIdSchema,
+};
+
+export const validateGetInviteSchema = {
+  params: z.object({
+    inviteCode: z.string().openapi({ description: "Invite code to validate" }),
+  }),
+};
+
+export const sendVerificationEmailValidationSchema = {};

package/src/utils/ApiError.ts

@@ -0,0 +1,18 @@
+export class ApiError extends Error {
+  statusCode: number;
+  isOperational: boolean;
+
+  constructor(statusCode: number, message: string, isOperational = true, stack = '', raw: any = null) {
+    super(message);
+    this.statusCode = statusCode;
+    this.isOperational = isOperational;
+    this.raw = raw;
+    if (stack) {
+      this.stack = stack;
+    } else {
+      Error.captureStackTrace(this, this.constructor);
+    }
+  }
+}
+
+export default ApiError;

package/src/utils/buildRouterAndDocs.ts

@@ -0,0 +1,85 @@
+import { registry } from '../utils/registerOpenApi';
+
+import { validateZod } from '../middlewares/validateZod';
+import { bearerAuth, xApiKey } from '../utils/registerOpenApi';
+
+import { extendZodWithOpenApi } from '@asteasolutions/zod-to-openapi';
+import { z } from 'zod';
+
+extendZodWithOpenApi(z);
+
+const roleValidatorNames = ['validateAiRole', 'validateAdmin'];
+function hasRoleValidation(validators: Function[] = []): boolean {
+  return validators.some((fn) => roleValidatorNames.includes(fn.name));
+}
+
+export type RouteSpec = {
+  method: 'post';
+  path: string;
+  requestBody: AnyZodObject;
+  responseSchema?: AnyZodObject;
+  handler: RequestHandler;
+  summary: string;
+};
+
+export default function buildAiRouterAndDocs(router: Router, routeSpecs: any, basePath = '/', tags: string[] = []) {
+  routeSpecs.forEach((spec) => {
+    // mount Express
+
+    if (!spec.validate) {
+      spec.validate = [];
+    }
+
+    if (spec.requestSchema) {
+      spec.validateWithRequestSchema = [validateZod(spec.requestSchema), ...spec.validate];
+    }
+
+    if (spec.validateWithRequestSchema) {
+      router[spec.method](spec.path, ...spec.validateWithRequestSchema, spec.handler);
+    }
+
+    var { body, ...rest } = spec.requestSchema || {};
+
+    if (body) {
+      rest.body = {
+        content: {
+          'application/json': {
+            schema: body,
+          },
+        },
+      };
+    }
+
+    // console.log('spec.requestSchema', body);
+
+    if (spec.responseSchema && !hasRoleValidation(spec.validate) && spec.privateDocs !== true && spec.memoOnly !== true) {
+      // collect all middleware fn names (falls back to '<anonymous>' if unnamed)
+      const middlewareNames = (spec.validate || []).map((fn) => `\`${fn.name}\`` || '<anonymous>');
+
+      registry.registerPath({
+        method: spec.method,
+        path: basePath + spec.path,
+        summary: spec.summary,
+        request: rest,
+
+        // append middleware names to the description
+        description: [spec.description, `\n\nMiddlewares: ${middlewareNames.join(', ')}`].filter(Boolean).join('\n'),
+
+        // (optionally) expose them as a custom extension instead:
+        'x-middlewares': middlewareNames,
+
+        security: [{ [bearerAuth.name]: [] }, { [xApiKey.name]: [] }],
+        responses: {
+          200: {
+            description: 'Object with user data.',
+            content: {
+              'application/json': { schema: spec.responseSchema },
+            },
+          },
+        },
+        tags,
+      });
+    }
+    // else: streaming endpoint, we don’t register it in OpenAPI
+  });
+}

package/src/utils/catchAsync.ts

@@ -0,0 +1,9 @@
+import type { Request, Response, NextFunction } from 'express';
+
+const catchAsync =
+  (fn: (req: Request, res: Response, next: NextFunction) => Promise<any>) =>
+  (req: Request, res: Response, next: NextFunction): void => {
+    Promise.resolve(fn(req, res, next)).catch((err) => next(err));
+  };
+
+export default catchAsync;