@internetderdinge/api 1.229.31 → 1.229.37

package/src/devices/devices.validation.ts

@@ -112,53 +112,6 @@ export const createDeviceSchema = {
 };
 export const deleteDeviceSchema = zDelete("deviceId");
 export const getDeviceSchema = zGet("deviceId");
-export const ledLightSchema = {
-  params: z.object({
-    deviceId: zObjectId.openapi({ description: "Device ObjectId" }),
-  }),
-  body: z
-    .object({
-      led: z.array(z.tuple([z.number().int(), z.number().int()])),
-      timeout: z.number().int(),
-    })
-    .openapi({
-      description: "LED light configuration for device",
-      example: {
-        led: [
-          [0, 0],
-          [1, 0],
-          [2, 0],
-          [3, 0],
-          [4, 0],
-          [5, 0],
-          [6, 0],
-          [7, 0],
-          [8, 0],
-          [9, 0],
-          [10, 0],
-          [11, 0],
-          [12, 0],
-          [13, 0],
-          [14, 0],
-          [15, 100],
-          [16, 100],
-          [17, 100],
-          [18, 100],
-          [19, 100],
-          [20, 100],
-          [21, 100],
-          [22, 0],
-          [23, 0],
-          [24, 0],
-          [25, 0],
-          [26, 0],
-          [27, 0],
-          [28, 0],
-        ],
-        timeout: 40,
-      },
-    }),
-};
 export const pingDeviceSchema = {
   params: z.object({
     deviceId: zObjectIdFor("deviceId").openapi({

package/src/email/email.service.ts

@@ -54,11 +54,15 @@ const actionButton = ({
 </table>`;
 };
 
-interface SendEmailParams {
+export interface SendEmailParams {
   title?: string;
   body?: string;
   url?: string;
   domain?: string;
+  appBaseUrl?: string;
+  productName?: string;
+  companyName?: string;
+  accountUrl?: string;
   image?: string;
   email: string;
   actionButtonText?: string;
@@ -69,7 +73,11 @@ export const sendEmail = async ({
   title = "Kein Titel",
   body = "Kein Inhalt",
   url = "",
-  domain = "memo",
+  domain = "web",
+  appBaseUrl = `https://${domain}.wirewire.de`,
+  productName = domain,
+  companyName = "The Wire UG",
+  accountUrl = `${appBaseUrl}/account`,
   image,
   email,
   actionButtonText,
@@ -560,8 +568,8 @@ export const sendEmail = async ({
           <table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
             <tr>
               <td class="email-masthead">
-                <a href="https://${domain}.wirewire.de" class="f-fallback email-masthead_name">
-                 ${domain === "memo" ? "ANABOX smart" : "paperlesspaper"}
+                <a href="${appBaseUrl}" class="f-fallback email-masthead_name">
+                 ${productName}
               </a>
               </td>
             </tr>
@@ -580,7 +588,7 @@ export const sendEmail = async ({
                         ${actionButton({
                           link: urlStartsWithHttp(url)
                             ? url
-                            : `http://${domain}.wirewire.de${url}`,
+                            : `${appBaseUrl}${url}`,
                           text: actionButtonTextWithLanguage,
                         })}
                       </div>
@@ -595,8 +603,8 @@ export const sendEmail = async ({
                   <tr>
                     <td class="content-cell" align="center">
                       <p class="f-fallback sub align-center">
-                        ${domain === "web" ? "The Wire UG" : "wirewire GmbH"}
-                        <a href="http://${domain}.wirewire.de/account">Account</a>
+                        ${companyName}
+                        <a href="${accountUrl}">Account</a>
 
                         ${config.env !== "production" ? `<br/><br/>Environment: ${config.env}` : ""}
                       </p>

package/src/index.ts

@@ -13,12 +13,16 @@ export {
 export { initI18n } from "../src/i18n/i18n";
 export { default as i18n } from "../src/i18n/i18n";
 export { default as usersRoute } from "../src/users/users.route";
+export * from "../src/users/users.route";
 export { default as usersService } from "../src/users/users.service";
+export * from "../src/users/users.service";
+export * from "../src/users/users.validation";
 export { default as accountsRoute } from "../src/accounts/accounts.route";
 export { default as adminSearchRoute } from "../src/admin/adminSearch.route";
 export { default as accountsService } from "../src/accounts/accounts.service";
 export { auth0 } from "../src/accounts/auth0.service";
 export { default as organizationsRoute } from "../src/organizations/organizations.route";
+export * from "../src/organizations/organizations.controller";
 export { default as organizationsService } from "../src/organizations/organizations.service";
 export { default as Organization } from "../src/organizations/organizations.model";
 export { default as devicesRoute } from "../src/devices/devices.route";
@@ -37,11 +41,11 @@ export {
   shadowAlarmGet,
   shadowAlarmUpdate,
 } from "../src/iotdevice/iotdevice.service";
-export { default as pdfRoute } from "../src/pdf/pdf.route";
 export { default as tokensRoute } from "../src/tokens/tokens.route";
 export * from "../src/tokens/tokens.service";
 export { default as Token } from "../src/tokens/tokens.model";
 export { User } from "../src/users/users.model";
+export * from "../src/users/users.model";
 export { isAdmin, validateAdmin } from "../src/middlewares/validateAdmin";
 export { sendEmail } from "../src/email/email.service";
 export { default as catchAsync } from "../src/utils/catchAsync";

package/src/iotdevice/iotdevice.route.ts

@@ -62,6 +62,7 @@ export const iotdeviceRouteSpecs: RouteSpec[] = [
     requestSchema: getEventsSchema,
     responseSchema: eventResponseSchema.array(),
     handler: getEvents,
+    privateDocs: true,
     summary: "Get events for a device",
     description: "Fetches event records for the specified device by its ID.",
   },
@@ -147,9 +148,10 @@ export const iotdeviceRouteSpecs: RouteSpec[] = [
     requestSchema: apiStatusRequestSchema,
     responseSchema: apiStatusSchema,
     handler: getApiStatus,
+    privateDocs: true,
     summary: "Get API status by kind",
     description:
-      "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for monitoring purposes.",
+      "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for uptime monitoring purposes.",
   },
   {
     method: "get",

package/src/middlewares/validateAdminOrSupport.ts

@@ -0,0 +1,34 @@
+import httpStatus from "http-status";
+import ApiError from "../utils/ApiError";
+import type { Request, Response, NextFunction } from "express";
+
+const ROLES_CLAIM = "https://memo.wirewire.de/roles";
+
+const isAdminOrSupport = (user: Record<string, any> | undefined): boolean => {
+  if (!user) return false;
+
+  const roles = user[ROLES_CLAIM];
+
+  return Array.isArray(roles)
+    ? roles.includes("admin") || roles.includes("support")
+    : false;
+};
+
+const validateAdminOrSupport = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  if (isAdminOrSupport(req.auth)) {
+    next();
+  } else {
+    next(
+      new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin or support group (validateAdminOrSupport)",
+      ),
+    );
+  }
+};
+
+export { isAdminOrSupport, validateAdminOrSupport };

package/src/organizations/organizations.controller.ts

@@ -12,18 +12,49 @@ import { filterOptions } from "../utils/filterOptions.js";
 
 const ObjectId = mongoose.Types.ObjectId;
 
+export type CreateOrganizationOwnerUserParams = {
+  organization: any;
+  owner: string;
+  request: Request;
+};
+
+export type CreateOrganizationOwnerUserHook = (
+  params: CreateOrganizationOwnerUserParams,
+) => Record<string, any>;
+
+let createOrganizationOwnerUserHook: CreateOrganizationOwnerUserHook | null =
+  null;
+
+export const setCreateOrganizationOwnerUserHook = (
+  hook?: CreateOrganizationOwnerUserHook,
+): void => {
+  createOrganizationOwnerUserHook = hook ?? null;
+};
+
+const createOrganizationOwnerUserBody = (
+  params: CreateOrganizationOwnerUserParams,
+) => ({
+  organization: params.organization._id,
+  owner: params.owner,
+  role: "admin",
+  status: "accept",
+  ...(createOrganizationOwnerUserHook
+    ? createOrganizationOwnerUserHook(params)
+    : {}),
+});
+
 export const createOrganization = catchAsync(
   async (req: Request, res: Response): Promise<void> => {
     const organization = await organizationsService.createOrganization(
       req.body,
     );
-    const user = await usersService.createUser({
-      organization: organization._id,
-      owner: res.req.auth.sub,
-      role: "admin",
-      category: "relative",
-      status: "accept",
-    });
+    const user = await usersService.createUser(
+      createOrganizationOwnerUserBody({
+        organization,
+        owner: res.req.auth.sub,
+        request: req,
+      }),
+    );
     res.status(httpStatus.CREATED).send(organization);
   },
 );

package/src/organizations/organizations.route.ts

@@ -92,7 +92,9 @@ export const organizationsRouteSpecs: RouteSpec[] = [
     responseSchema: organizationResponseSchema,
     handler: updateOrganization,
     summary: "Update an organization by ID",
-    description: "Updates the details of a specific organization by its ID.",
+    privateDocs: true,
+    description:
+      "LEGACY: Updates the details of a specific organization by its ID.",
   },
   {
     method: "delete",

package/src/users/users.model.ts

@@ -14,7 +14,6 @@ export interface IUser {
   inviteCode?: string;
   email?: string;
   role: (typeof roles)[number];
-  category: string;
   status?: string;
   meta?: Record<string, any>;
 }
@@ -27,7 +26,7 @@ export interface IUserModel extends Model<IUserDocument> {
   isEmailTaken(email: string, excludeUserId?: Types.ObjectId): Promise<boolean>;
 }
 
-const userSchema = new Schema<IUserDocument, IUserModel>(
+export const userSchema = new Schema<IUserDocument, IUserModel>(
   {
     name: { type: String, trim: true },
     avatar: { type: String },
@@ -37,7 +36,6 @@ const userSchema = new Schema<IUserDocument, IUserModel>(
     inviteCode: { type: String },
     email: { type: String },
     role: { type: String, default: "patient" /* , enum: Object.keys(roles) */ },
-    category: { type: String, default: "patient" },
     status: { type: String },
     meta: { type: Schema.Types.Mixed },
   },
@@ -59,6 +57,12 @@ userSchema.virtual("organizationData", {
 userSchema.plugin(toJSON);
 userSchema.plugin(paginate);
 
+export const extendUserSchema = (
+  definition: Parameters<typeof userSchema.add>[0],
+): void => {
+  userSchema.add(definition);
+};
+
 /**
  * Check if email is taken
  * @param {string} email - The user's email

package/src/users/users.route.ts

@@ -45,7 +45,6 @@ export const userRouteSpecs: RouteSpec[] = [
     handler: userController.createUser,
     summary: "Create a new user",
     description: "Creates a new user within the current organization.",
-    memoOnly: true,
   },
   {
     method: "get",
@@ -137,7 +136,9 @@ export const userRouteSpecs: RouteSpec[] = [
     responseSchema: updateUserResponseSchema,
     handler: userController.updateUser,
     summary: "Update a user by ID",
-    description: "Replaces a user’s full record with the provided data.",
+    privateDocs: true,
+    description:
+      "LEGACY: Replaces a user’s full record with the provided data. (Replaced by PATCH /:userId)",
   },
   {
     method: "patch",

package/src/users/users.service.ts

@@ -7,6 +7,7 @@ import ApiError from "../utils/ApiError.js";
 import auth0Service from "../accounts/auth0.service";
 import organizationsService from "../organizations/organizations.service";
 import { sendEmail } from "../email/email.service";
+import type { SendEmailParams } from "../email/email.service";
 import i18n from "../i18n/i18n";
 
 export type UpdateTimesByIdHook = (
@@ -21,6 +22,27 @@ export const setUpdateTimesByIdHook = (hook?: UpdateTimesByIdHook): void => {
   updateTimesByIdHook = hook ?? null;
 };
 
+export type BuildInviteEmailParams = {
+  auth: { sub: string };
+  user: IUserDocument;
+  inviteCode: string;
+  email: string;
+  organization: any;
+  lng: string;
+};
+
+export type BuildInviteEmailHook = (
+  params: BuildInviteEmailParams,
+) => Partial<SendEmailParams>;
+
+let buildInviteEmailHook: BuildInviteEmailHook | null = null;
+
+export const setBuildInviteEmailHook = (
+  hook?: BuildInviteEmailHook,
+): void => {
+  buildInviteEmailHook = hook ?? null;
+};
+
 /**
  * Create a new user
  */
@@ -100,14 +122,13 @@ export const getByIdWithAuth0 = async (id: string): Promise<any | null> => {
   return json;
 };
 
-/**
- * Get all users in a given category (and optional organization)
- */
-export const getUsersByCategory = async (
-  category: string,
+export const getUsersByAppField = async (
+  appName: string,
+  fieldName: string,
+  value: unknown,
   organization?: string,
 ): Promise<IUserDocument[]> => {
-  const filter: any = { category };
+  const filter: any = { [`apps.${appName}.${fieldName}`]: value };
   if (organization) filter.organization = organization;
   return User.find(filter);
 };
@@ -182,21 +203,35 @@ export const sendInviteEmail = async (params: {
   const auth0User = await auth0Service.getUserById(auth.sub);
   const lng = auth0User.data?.app_metadata?.language as string | "en";
 
-  const title = `${i18n.t("Invite to ", { lng })}${
-    organization.kind === "private-wirewire" ? "paperlesspaper" : "ANABOX smart"
-  }`;
   const body = i18n.t(
     "You have been invited to join the group. Click on the link to accept the invitation.",
     { lng },
   );
-
-  await sendEmail({
-    title,
+  const baseEmail: SendEmailParams = {
+    title: `${i18n.t("Invite to ", { lng })}${
+      organization?.name || "Application"
+    }`,
     body,
     url: `/${user.organization}/invite/${inviteCode}`,
     actionButtonText: "Accept invite",
-    domain: organization.kind === "private-wirewire" ? "web" : "memo",
+    domain: "web",
+    productName: organization?.name || "Application",
     email,
+    lng,
+  };
+
+  await sendEmail({
+    ...baseEmail,
+    ...(buildInviteEmailHook
+      ? buildInviteEmailHook({
+          auth,
+          user,
+          inviteCode,
+          email,
+          organization,
+          lng,
+        })
+      : {}),
   });
 };
 
@@ -384,7 +419,7 @@ export default {
   createCurrentUser,
   getById,
   getByIdWithAuth0,
-  getUsersByCategory,
+  getUsersByAppField,
   getUsersByOrganization,
   getUsersByOrganizationAndId,
   getUsersByOwner,
@@ -407,6 +442,7 @@ export default {
   populateAuth0User,
   populateAuth0Users,
   setUpdateTimesByIdHook,
+  setBuildInviteEmailHook,
 };
 
 export type UserService = typeof import("./users.service");

package/src/users/users.validation.ts

@@ -14,37 +14,39 @@ import {
 
 extendZodWithOpenApi(z);
 
-export const createUserSchema = {
-  body: z.object({
-    meta: z
-      .object({})
-      .passthrough()
-      .optional()
-      .openapi({
-        example: { key: "value" },
-        description: "Additional metadata for the user",
-      }),
-    organization: zObjectId.openapi({
-      description: "Organization ObjectId",
-    }),
-    email: z.string().email().optional().nullable().openapi({
-      example: "user@example.com",
-      description: "User email address",
-    }),
-    timezone: z.string().optional().openapi({
-      example: "Europe/Berlin",
-      description: "IANA timezone string",
-    }),
-    role: z.enum(["user", "admin", "patient", "onlyself"]).optional().openapi({
-      description: "Role assigned to the user",
+export const userAppsSchema = z
+  .record(z.string(), z.unknown())
+  .optional()
+  .openapi({ description: "Application-specific user fields" });
+
+export const createUserBodyShape = {
+  meta: z
+    .object({})
+    .passthrough()
+    .optional()
+    .openapi({
+      example: { key: "value" },
+      description: "Additional metadata for the user",
     }),
-    category: z
-      .enum(["doctor", "nurse", "patient", "pharmacist", "relative"])
-      .optional()
-      .openapi({
-        description: "Category of the user",
-      }),
+  apps: userAppsSchema,
+  organization: zObjectId.openapi({
+    description: "Organization ObjectId",
+  }),
+  email: z.string().email().optional().nullable().openapi({
+    example: "user@example.com",
+    description: "User email address",
+  }),
+  timezone: z.string().optional().openapi({
+    example: "Europe/Berlin",
+    description: "IANA timezone string",
   }),
+  role: z.enum(["user", "admin", "patient", "onlyself"]).optional().openapi({
+    description: "Role assigned to the user",
+  }),
+};
+
+export const createUserSchema = {
+  body: z.object(createUserBodyShape),
 };
 
 export const createCurrentUserSchema = createUserSchema;
@@ -69,39 +71,39 @@ export const getCurrentUserSchema = {
   }),
 };
 
+export const updateUserBodyShape = {
+  name: z.string().optional().openapi({ description: "User full name" }),
+  timezone: z.string().optional().openapi({ description: "IANA timezone" }),
+  avatar: z.string().optional().openapi({ description: "Avatar URL" }),
+  meta: z
+    .object({})
+    .passthrough()
+    .optional()
+    .openapi({ description: "Additional metadata" }),
+  apps: userAppsSchema,
+  email: z
+    .string()
+    .email()
+    .nullable()
+    .optional()
+    .openapi({ description: "User email address" }),
+  role: z
+    .enum(["user", "admin", "patient", "onlyself"])
+    .optional()
+    .openapi({ description: "User role" }),
+  inviteCode: z
+    .string()
+    .nullable()
+    .optional()
+    .openapi({ description: "Invite code" }),
+  organization: zObjectId
+    .optional()
+    .openapi({ description: "Organization ObjectId" }),
+};
+
 export const updateUserSchema = {
   ...zUpdate("userId"),
-  body: zPatchBody({
-    name: z.string().optional().openapi({ description: "User full name" }),
-    timezone: z.string().optional().openapi({ description: "IANA timezone" }),
-    avatar: z.string().optional().openapi({ description: "Avatar URL" }),
-    meta: z
-      .object({})
-      .optional()
-      .openapi({ description: "Additional metadata" }),
-    category: z
-      .enum(["doctor", "nurse", "patient", "pharmacist", "relative"])
-      .optional()
-      .openapi({ description: "User category" }),
-    email: z
-      .string()
-      .email()
-      .nullable()
-      .optional()
-      .openapi({ description: "User email address" }),
-    role: z
-      .enum(["user", "admin", "patient", "onlyself"])
-      .optional()
-      .openapi({ description: "User role" }),
-    inviteCode: z
-      .string()
-      .nullable()
-      .optional()
-      .openapi({ description: "Invite code" }),
-    organization: zObjectId
-      .optional()
-      .openapi({ description: "Organization ObjectId" }),
-  }),
+  body: zPatchBody(updateUserBodyShape),
 };
 
 export const deleteUserSchema = zDelete("userId");

package/src/utils/buildRouterAndDocs.ts

@@ -30,16 +30,25 @@ export type RouteSpec = {
   summary: string;
   description?: string;
   privateDocs?: boolean;
-  memoOnly?: boolean;
+};
+
+export type BuildRouterAndDocsOptions = {
+  routeSpecs?: (specs: RouteSpec[]) => RouteSpec[];
+  includeInDocs?: (spec: RouteSpec) => boolean;
 };
 
 export default function buildAiRouterAndDocs(
   router: Router,
-  routeSpecs: any,
+  routeSpecs: RouteSpec[],
   basePath = "/",
   tags: string[] = [],
+  options: BuildRouterAndDocsOptions = {},
 ) {
-  routeSpecs.forEach((spec) => {
+  const effectiveRouteSpecs = options.routeSpecs
+    ? options.routeSpecs(routeSpecs)
+    : routeSpecs;
+
+  effectiveRouteSpecs.forEach((spec) => {
     const validate = spec.validate || [];
     const routeMiddleware =
       spec.validateWithRequestSchema ||
@@ -68,7 +77,7 @@ export default function buildAiRouterAndDocs(
       spec.responseSchema &&
       !hasRoleValidation(spec.validateWithRequestSchema || validate) &&
       spec.privateDocs !== true &&
-      spec.memoOnly !== true
+      (options.includeInDocs ? options.includeInDocs(spec) : true)
     ) {
       // collect all middleware fn names (falls back to '<anonymous>' if unnamed)
       const middlewareNames = (spec.validateWithRequestSchema || validate).map(
@@ -96,7 +105,7 @@ export default function buildAiRouterAndDocs(
         // (optionally) expose them as a custom extension instead:
         "x-middlewares": middlewareNames,
 
-        security: [{ [bearerAuth.name]: [] }, { [xApiKey.name]: [] }],
+        security: [{ [xApiKey.name]: [] }, { [bearerAuth.name]: [] }],
         responses: {
           200: {
             description: "Object with user data.",

package/dist/src/pdf/pdf.controller.js

@@ -1,24 +0,0 @@
-import httpStatus from "http-status";
-import catchAsync from "../utils/catchAsync.js";
-import pdfService from "./pdf.service.js";
-import ApiError from "../utils/ApiError.js";
-export const generatePdfFromUrl = catchAsync(async (req, res) => {
-    const fileName = "memo-print";
-    const authHeader = req.headers["authorization"];
-    if (!authHeader) {
-        throw new ApiError(httpStatus.UNAUTHORIZED, "Missing Authorization header");
-    }
-    const token = authHeader.split(" ")[1];
-    if (!token) {
-        throw new ApiError(httpStatus.UNAUTHORIZED, "Missing bearer token");
-    }
-    const urlPath = typeof req.query.urlPath === "string" ? req.query.urlPath : undefined;
-    if (!urlPath) {
-        throw new ApiError(httpStatus.BAD_REQUEST, "Missing urlPath query parameter");
-    }
-    const result = await pdfService.generatePdfFromUrl({ urlPath, token });
-    res.status(httpStatus.CREATED).send({ signed: result });
-});
-export default {
-    generatePdfFromUrl,
-};

package/dist/src/pdf/pdf.route.js

@@ -1,22 +0,0 @@
-import { Router } from "express";
-import buildRouterAndDocs from "../utils/buildRouterAndDocs.js";
-import { generatePdfSchema } from "./pdf.validation.js";
-import { pdfResponseSchema } from "./pdf.schemas.js";
-import { generatePdfFromUrl } from "./pdf.controller.js";
-import auth from "../middlewares/auth.js";
-export const pdfRouteSpecs = [
-    {
-        method: "get",
-        path: "/",
-        validate: [auth("manageUsers")],
-        requestSchema: generatePdfSchema,
-        responseSchema: pdfResponseSchema,
-        handler: generatePdfFromUrl,
-        summary: "Generate a PDF from a provided URL",
-        description: "This endpoint allows users to generate a PDF document from a specified URL.",
-        memoOnly: true,
-    },
-];
-const router = Router();
-buildRouterAndDocs(router, pdfRouteSpecs, "/pdf", ["PDF"]);
-export default router;