@internetderdinge/api 1.229.32 → 1.229.39

package/dist/src/accounts/accounts.route.js

@@ -12,9 +12,9 @@ export const accountsRouteSpecs = [
         validate: [auth("manageUsers")],
         requestSchema: accountsValidation.currentAccountSchema,
         responseSchema: accountResponseSchema,
-        privateDocs: true,
         handler: accountsController.current,
         summary: "Get the current account",
+        description: "Fetches the details of the currently authenticated account.",
     },
     {
         method: "post",
@@ -56,15 +56,26 @@ export const accountsRouteSpecs = [
         handler: accountsController.avatar,
         summary: "Fetch account avatar",
     },
+    {
+        method: "delete",
+        path: "/current",
+        validate: [auth("manageUsers")],
+        requestSchema: accountsValidation.deleteCurrentSchema,
+        responseSchema: accountResponseSchema,
+        handler: accountsController.deleteCurrent,
+        summary: "Delete the current user's account",
+        description: "Permanently deletes the current user's account. Will not delete associated data. This action is irreversible.",
+    },
     {
         method: "delete",
         path: "/deleteCurrent",
         validate: [auth("manageUsers")],
         requestSchema: accountsValidation.deleteCurrentSchema,
         responseSchema: accountResponseSchema,
-        privateDocs: true,
         handler: accountsController.deleteCurrent,
-        summary: "Delete the current account",
+        summary: "Delete the current user's account",
+        privateDocs: true,
+        description: "LEGACY: Permanently deletes the current user's account. Will not delete associated data. This action is irreversible. (Replaced by DELETE /current)",
     },
     {
         method: "get",
@@ -74,6 +85,7 @@ export const accountsRouteSpecs = [
         responseSchema: accountResponseSchema,
         handler: accountsController.getAccountById,
         summary: "Get an account by ID",
+        description: "Fetches the details of a single account by its ID.",
     },
     {
         method: "post",
@@ -83,7 +95,8 @@ export const accountsRouteSpecs = [
         responseSchema: accountResponseSchema,
         privateDocs: true,
         handler: accountsController.updateEntry,
-        summary: "Create or replace an account by ID",
+        summary: "Update an account by ID",
+        description: "LEGACY: Updates an existing account with a specified ID.",
     },
     {
         method: "patch",
@@ -91,9 +104,9 @@ export const accountsRouteSpecs = [
         validate: [auth("manageUsers"), validateParamsAccount],
         requestSchema: accountsValidation.updateAccountSchema,
         responseSchema: accountResponseSchema,
-        privateDocs: true,
         handler: accountsController.updateEntry,
         summary: "Update fields on an account by ID",
+        description: "Updates specific fields of an existing account identified by its ID.",
     },
 ];
 const router = Router();

package/dist/src/admin/adminSearch.controller.js

@@ -1,12 +1,5 @@
-import httpStatus from "http-status";
-import { ApiError } from "../utils/ApiError.js";
 import catchAsync from "../utils/catchAsync.js";
 import { getAdminDevices, getAdminIotDevices, getAdminStats, searchAdminCollections, } from "./adminSearch.service.js";
-const ADMIN_ROLE_CLAIM = "https://memo.wirewire.de/roles";
-const hasAdminRole = (auth) => {
-    const roles = auth?.[ADMIN_ROLE_CLAIM];
-    return Array.isArray(roles) && roles.includes("admin");
-};
 const readListQuery = (req) => {
     const rawPage = Number(req.query.page);
     const rawPerPage = Number(req.query.perPage);
@@ -20,9 +13,6 @@ const readListQuery = (req) => {
     };
 };
 export const searchAdmin = catchAsync(async (req, res) => {
-    if (!hasAdminRole(req.auth)) {
-        throw new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin group");
-    }
     const search = String(req.query.search || "").trim();
     const rawLimit = Number(req.query.limit);
     const limit = Number.isFinite(rawLimit)
@@ -32,23 +22,14 @@ export const searchAdmin = catchAsync(async (req, res) => {
     res.send(result);
 });
 export const getStats = catchAsync(async (req, res) => {
-    if (!hasAdminRole(req.auth)) {
-        throw new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin group");
-    }
     const result = await getAdminStats();
     res.send(result);
 });
 export const getIotDevices = catchAsync(async (req, res) => {
-    if (!hasAdminRole(req.auth)) {
-        throw new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin group");
-    }
     const result = await getAdminIotDevices(readListQuery(req));
     res.send(result);
 });
 export const getDevices = catchAsync(async (req, res) => {
-    if (!hasAdminRole(req.auth)) {
-        throw new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin group");
-    }
     const result = await getAdminDevices(readListQuery(req));
     res.send(result);
 });

package/dist/src/admin/adminSearch.route.js

@@ -1,7 +1,7 @@
 import { Router } from "express";
 import buildRouterAndDocs from "../utils/buildRouterAndDocs.js";
 import auth from "../middlewares/auth.js";
-import { validateAdmin } from "../middlewares/validateAdmin.js";
+import { validateAdminOrSupport } from "../middlewares/validateAdminOrSupport.js";
 import { getDevices, getIotDevices, getStats, searchAdmin, } from "./adminSearch.controller.js";
 import { adminDevicesSchema, adminIotDevicesSchema, adminSearchSchema, adminStatsSchema, } from "./adminSearch.validation.js";
 import { adminDevicesResponseSchema, adminIotDevicesResponseSchema, adminSearchResponseSchema, adminStatsResponseSchema, } from "./adminSearch.schemas.js";
@@ -9,7 +9,7 @@ export const adminSearchRouteSpecs = [
     {
         method: "get",
         path: "/stats",
-        validate: [auth("getUsers"), validateAdmin],
+        validate: [auth("getUsers"), validateAdminOrSupport],
         requestSchema: adminStatsSchema,
         responseSchema: adminStatsResponseSchema,
         handler: getStats,
@@ -19,7 +19,7 @@ export const adminSearchRouteSpecs = [
     {
         method: "get",
         path: "/search",
-        validate: [auth("getUsers"), validateAdmin],
+        validate: [auth("getUsers"), validateAdminOrSupport],
         requestSchema: adminSearchSchema,
         responseSchema: adminSearchResponseSchema,
         handler: searchAdmin,
@@ -29,7 +29,7 @@ export const adminSearchRouteSpecs = [
     {
         method: "get",
         path: "/iotDevices",
-        validate: [auth("getUsers"), validateAdmin],
+        validate: [auth("getUsers"), validateAdminOrSupport],
         requestSchema: adminIotDevicesSchema,
         responseSchema: adminIotDevicesResponseSchema,
         handler: getIotDevices,
@@ -39,7 +39,7 @@ export const adminSearchRouteSpecs = [
     {
         method: "get",
         path: "/devices",
-        validate: [auth("getUsers"), validateAdmin],
+        validate: [auth("getUsers"), validateAdminOrSupport],
         requestSchema: adminDevicesSchema,
         responseSchema: adminDevicesResponseSchema,
         handler: getDevices,

package/dist/src/devices/devices.controller.js

@@ -107,6 +107,9 @@ const updateEntry = catchAsync(async (req, res) => {
 });
 const getEvents = catchAsync(async (req, res) => {
     const device = await devicesService.getById(req.params.deviceId);
+    if (!device) {
+        throw new ApiError(httpStatus.NOT_FOUND, "Device not found");
+    }
     const events = await iotDevicesService.getEvents({
         ...req.query,
         createdAt: device.createdAt,
@@ -129,14 +132,9 @@ export const resetDevice = catchAsync(async (req, res) => {
     const reset = await iotDevicesService.resetDevice(device.deviceId, req.body);
     res.send({ device, reset });
 });
-const ledLight = catchAsync(async (req, res) => {
-    const device = await devicesService.getByIdWithIoT(req.params.deviceId);
-    const ping = await iotDevicesService.ledLightHint(device.deviceId, req.body);
-    res.send({ device, ping });
-});
 const rebootDevice = catchAsync(async (req, res) => {
     const device = await devicesService.getByIdWithIoT(req.params.deviceId);
     const reboot = await iotDevicesService.rebootDevice(device.deviceId);
     res.send({ device, reboot });
 });
-export { createEntry, getEntries, queryDevicesByUser, getEvents, registerDevice, pingDevice, ledLight, rebootDevice, getEntry, updateEntry, deleteEntry, };
+export { createEntry, getEntries, queryDevicesByUser, getEvents, registerDevice, pingDevice, rebootDevice, getEntry, updateEntry, deleteEntry, };

package/dist/src/devices/devices.route.js

@@ -6,7 +6,7 @@ import { validateQuerySearchUserAndOrganization } from "../middlewares/validateQ
 import { validateDevice } from "../middlewares/validateDevice.js";
 import * as devicesController from "./devices.controller.js";
 import { resetDevice } from "./devices.controller.js";
-import { createDeviceSchema, queryDevicesSchema, getDeviceSchema, updateDeviceSchema, deleteDeviceSchema, getEventsSchema, pingDeviceSchema, registerDeviceSchema, ledLightSchema, rebootDeviceSchema, resetDeviceSchema, } from "./devices.validation.js";
+import { createDeviceSchema, queryDevicesSchema, getDeviceSchema, updateDeviceSchema, deleteDeviceSchema, getEventsSchema, pingDeviceSchema, registerDeviceSchema, rebootDeviceSchema, resetDeviceSchema, } from "./devices.validation.js";
 import { deviceResponseSchema, devicesResponseSchema, eventResponseSchema, genericResponseSchema, resetResponseSchema, } from "./devices.schemas.js";
 import { validateOrganizationDelete, validateOrganizationUpdate, } from "../middlewares/validateAction.js";
 export const devicesRouteSpecs = [
@@ -32,7 +32,7 @@ export const devicesRouteSpecs = [
         responseSchema: devicesResponseSchema,
         handler: devicesController.queryDevicesByUser,
         summary: "Query devices by user",
-        description: "Retrieve a paginated list of devices visible to the authenticated user.",
+        description: "Retrieve a paginated list of devices visible to the authenticated user. Either patient or organization is required.",
     },
     {
         method: "get",
@@ -61,8 +61,19 @@ export const devicesRouteSpecs = [
         requestSchema: updateDeviceSchema,
         responseSchema: deviceResponseSchema,
         handler: devicesController.updateEntry,
+        privateDocs: true,
         summary: "Update a device",
-        description: "Modify the properties of an existing device identified by its ID.",
+        description: "LEGACY: Modify the properties of an existing device identified by its ID.",
+    },
+    {
+        method: "patch",
+        path: "/:deviceId",
+        validate: [auth("manageUsers"), validateDevice, validateOrganizationUpdate],
+        requestSchema: updateDeviceSchema,
+        responseSchema: deviceResponseSchema,
+        handler: devicesController.updateEntry,
+        summary: "Update a device",
+        description: "Updates specific fields of an existing device identified by its ID.",
     },
     {
         method: "delete",
@@ -88,17 +99,6 @@ export const devicesRouteSpecs = [
         summary: "Register a device",
         description: "Associate an existing device with the authenticated organization.",
     },
-    {
-        method: "post",
-        path: "/ledlight/:deviceId",
-        validate: [auth("getUsers"), validateDevice],
-        requestSchema: ledLightSchema,
-        responseSchema: genericResponseSchema,
-        handler: devicesController.ledLight,
-        summary: "Set LED light on device",
-        description: "Turn the device’s LED on or off, or set its color/brightness.",
-        memoOnly: true,
-    },
     {
         method: "get",
         path: "/ping/:deviceId",

package/dist/src/devices/devices.validation.js

@@ -1,6 +1,6 @@
 import { extendZodWithOpenApi } from "@asteasolutions/zod-to-openapi";
 import { z } from "zod";
-import { zGet, zObjectId, zObjectIdFor, zPatchBody, zUpdate, zDelete, zPagination, } from "../utils/zValidations.js";
+import { zGet, zObjectId, zObjectIdFor, zPatchBody, zUpdate, zDelete, zPagination, zTypeFilter, } from "../utils/zValidations.js";
 extendZodWithOpenApi(z);
 export const createEntrySchema = {
     body: z
@@ -58,9 +58,9 @@ export const getEventsSchema = {
     }),
     query: z
         .object({
-        DateStart: z.string(),
-        DateEnd: z.string(),
-        TypeFilter: z.string().optional(),
+        DateStart: z.string().datetime().optional(),
+        DateEnd: z.string().datetime().optional(),
+        TypeFilter: zTypeFilter,
     })
         .openapi({ description: "Fetch device events in a time range" }),
 };
@@ -95,53 +95,6 @@ export const createDeviceSchema = {
 };
 export const deleteDeviceSchema = zDelete("deviceId");
 export const getDeviceSchema = zGet("deviceId");
-export const ledLightSchema = {
-    params: z.object({
-        deviceId: zObjectId.openapi({ description: "Device ObjectId" }),
-    }),
-    body: z
-        .object({
-        led: z.array(z.tuple([z.number().int(), z.number().int()])),
-        timeout: z.number().int(),
-    })
-        .openapi({
-        description: "LED light configuration for device",
-        example: {
-            led: [
-                [0, 0],
-                [1, 0],
-                [2, 0],
-                [3, 0],
-                [4, 0],
-                [5, 0],
-                [6, 0],
-                [7, 0],
-                [8, 0],
-                [9, 0],
-                [10, 0],
-                [11, 0],
-                [12, 0],
-                [13, 0],
-                [14, 0],
-                [15, 100],
-                [16, 100],
-                [17, 100],
-                [18, 100],
-                [19, 100],
-                [20, 100],
-                [21, 100],
-                [22, 0],
-                [23, 0],
-                [24, 0],
-                [25, 0],
-                [26, 0],
-                [27, 0],
-                [28, 0],
-            ],
-            timeout: 40,
-        },
-    }),
-};
 export const pingDeviceSchema = {
     params: z.object({
         deviceId: zObjectIdFor("deviceId").openapi({
@@ -191,9 +144,17 @@ export const registerDeviceSchema = {
 };
 export const queryDevicesSchema = {
     ...zPagination,
-    query: zPagination.query.extend({
-        patient: zObjectIdFor("patient").optional(),
-        organization: zObjectIdFor("organization").optional(),
+    query: zPagination.query
+        .extend({
+        patient: zObjectIdFor("patient").optional().openapi({
+            description: "Patient ObjectId. Required if organization is not provided.",
+        }),
+        organization: zObjectIdFor("organization").optional().openapi({
+            description: "Organization ObjectId. Required if patient is not provided.",
+        }),
+    })
+        .refine((data) => data.patient || data.organization, {
+        message: "Either patient or organization is required",
     }),
 };
 export const subscriptionSchema = {

package/dist/src/email/email.service.js

@@ -34,7 +34,7 @@ const actionButton = ({ link, text, color = "#0076ff", }) => {
   </tr>
 </table>`;
 };
-export const sendEmail = async ({ title = "Kein Titel", body = "Kein Inhalt", url = "", domain = "memo", image, email, actionButtonText, lng, }) => {
+export const sendEmail = async ({ title = "Kein Titel", body = "Kein Inhalt", url = "", domain = "web", appBaseUrl = `https://${domain}.wirewire.de`, productName = domain, companyName = "The Wire UG", accountUrl = `${appBaseUrl}/account`, image, email, actionButtonText, lng, }) => {
     const interactive = "#0076ff";
     const sesClient = new SESv2Client({
         region: "eu-central-1",
@@ -511,8 +511,8 @@ export const sendEmail = async ({ title = "Kein Titel", body = "Kein Inhalt", ur
           <table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
             <tr>
               <td class="email-masthead">
-                <a href="https://${domain}.wirewire.de" class="f-fallback email-masthead_name">
-                 ${domain === "memo" ? "ANABOX smart" : "paperlesspaper"}
+                <a href="${appBaseUrl}" class="f-fallback email-masthead_name">
+                 ${productName}
               </a>
               </td>
             </tr>
@@ -531,7 +531,7 @@ export const sendEmail = async ({ title = "Kein Titel", body = "Kein Inhalt", ur
                         ${actionButton({
                             link: urlStartsWithHttp(url)
                                 ? url
-                                : `http://${domain}.wirewire.de${url}`,
+                                : `${appBaseUrl}${url}`,
                             text: actionButtonTextWithLanguage,
                         })}
                       </div>
@@ -546,8 +546,8 @@ export const sendEmail = async ({ title = "Kein Titel", body = "Kein Inhalt", ur
                   <tr>
                     <td class="content-cell" align="center">
                       <p class="f-fallback sub align-center">
-                        ${domain === "web" ? "The Wire UG" : "wirewire GmbH"}
-                        <a href="http://${domain}.wirewire.de/account">Account</a>
+                        ${companyName}
+                        <a href="${accountUrl}">Account</a>
 
                         ${config.env !== "production" ? `<br/><br/>Environment: ${config.env}` : ""}
                       </p>

package/dist/src/index.js

@@ -8,12 +8,16 @@ export { validateDevice, validateDeviceIsInOrganization, validateDeviceOrOrganiz
 export { initI18n } from "../src/i18n/i18n";
 export { default as i18n } from "../src/i18n/i18n";
 export { default as usersRoute } from "../src/users/users.route";
+export * from "../src/users/users.route";
 export { default as usersService } from "../src/users/users.service";
+export * from "../src/users/users.service";
+export * from "../src/users/users.validation";
 export { default as accountsRoute } from "../src/accounts/accounts.route";
 export { default as adminSearchRoute } from "../src/admin/adminSearch.route";
 export { default as accountsService } from "../src/accounts/accounts.service";
 export { auth0 } from "../src/accounts/auth0.service";
 export { default as organizationsRoute } from "../src/organizations/organizations.route";
+export * from "../src/organizations/organizations.controller";
 export { default as organizationsService } from "../src/organizations/organizations.service";
 export { default as Organization } from "../src/organizations/organizations.model";
 export { default as devicesRoute } from "../src/devices/devices.route";
@@ -25,11 +29,11 @@ export { default as devicesNotificationsService } from "../src/devicesNotificati
 export { default as iotDevicesService } from "../src/iotdevice/iotdevice.service";
 export { default as iotdeviceRoute } from "../src/iotdevice/iotdevice.route";
 export { SIMILARITY_THRESHOLD, alarmsDevice, getDeviceStatus, getDeviceStatusList, shadowAlarmGet, shadowAlarmUpdate, } from "../src/iotdevice/iotdevice.service";
-export { default as pdfRoute } from "../src/pdf/pdf.route";
 export { default as tokensRoute } from "../src/tokens/tokens.route";
 export * from "../src/tokens/tokens.service";
 export { default as Token } from "../src/tokens/tokens.model";
 export { User } from "../src/users/users.model";
+export * from "../src/users/users.model";
 export { isAdmin, validateAdmin } from "../src/middlewares/validateAdmin";
 export { sendEmail } from "../src/email/email.service";
 export { default as catchAsync } from "../src/utils/catchAsync";

package/dist/src/iotdevice/iotdevice.route.js

@@ -26,6 +26,7 @@ export const iotdeviceRouteSpecs = [
         requestSchema: getEventsSchema,
         responseSchema: eventResponseSchema.array(),
         handler: getEvents,
+        privateDocs: true,
         summary: "Get events for a device",
         description: "Fetches event records for the specified device by its ID.",
     },
@@ -104,8 +105,9 @@ export const iotdeviceRouteSpecs = [
         requestSchema: apiStatusRequestSchema,
         responseSchema: apiStatusSchema,
         handler: getApiStatus,
+        privateDocs: true,
         summary: "Get API status by kind",
-        description: "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for monitoring purposes.",
+        description: "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for uptime monitoring purposes.",
     },
     {
         method: "get",

package/dist/src/iotdevice/iotdevice.service.js

@@ -22,16 +22,16 @@ const iotDataClient = new IoTDataPlaneClient({
  */
 export const getEvents = async (params) => {
     const accessToken = await getAuth0Token();
+    // Keep the requested start date, but never query events before the device existed.
+    const dateStart = params.createdAt && new Date(params.DateStart) < new Date(params.createdAt)
+        ? params.createdAt
+        : params.DateStart;
     try {
         const response = await axios.get(`${process.env.IOT_API_URL}getevent`, {
             headers: { Authorization: `Bearer ${accessToken}` },
             params: {
                 DeviceId: params.DeviceId,
-                DateStart: !params.createdAt
-                    ? params.DateStart
-                    : params.DateStart < params.createdAt
-                        ? params.DateStart
-                        : params.createdAt,
+                DateStart: dateStart,
                 DateEnd: params.DateEnd,
                 TypeFilter: params.TypeFilter,
             },

package/dist/src/iotdevice/iotdevice.validation.js

@@ -1,6 +1,6 @@
 import { extendZodWithOpenApi } from '@asteasolutions/zod-to-openapi';
 import { z } from 'zod';
-import { zObjectId, zPagination } from '../utils/zValidations';
+import { zObjectId, zPagination, zTypeFilter } from '../utils/zValidations';
 extendZodWithOpenApi(z);
 export const getDevice = {
     params: z.object({
@@ -27,9 +27,17 @@ export const getEventsSchema = {
         deviceId: zObjectId.openapi({ description: 'Device ObjectId' }),
     }),
     query: z.object({
-        DateStart: z.string().openapi({ description: 'Start date (ISO‐string)', example: '2025-05-01T00:00:00Z' }),
-        DateEnd: z.string().openapi({ description: 'End date (ISO‐string)', example: '2025-05-31T23:59:59Z' }),
-        TypeFilter: z.string().openapi({ description: 'Optional type filter', example: '' }).optional().default(''),
+        DateStart: z
+            .string()
+            .datetime()
+            .openapi({ description: 'Start date (ISO‐string)', example: '2025-05-01T00:00:00Z' })
+            .optional(),
+        DateEnd: z
+            .string()
+            .datetime()
+            .openapi({ description: 'End date (ISO‐string)', example: '2025-05-31T23:59:59Z' })
+            .optional(),
+        TypeFilter: zTypeFilter.default(''),
     }),
 };
 export const updateEntrySchema = {};

package/dist/src/middlewares/validateAdminOrSupport.js

@@ -0,0 +1,20 @@
+import httpStatus from "http-status";
+import ApiError from "../utils/ApiError";
+const ROLES_CLAIM = "https://memo.wirewire.de/roles";
+const isAdminOrSupport = (user) => {
+    if (!user)
+        return false;
+    const roles = user[ROLES_CLAIM];
+    return Array.isArray(roles)
+        ? roles.includes("admin") || roles.includes("support")
+        : false;
+};
+const validateAdminOrSupport = async (req, res, next) => {
+    if (isAdminOrSupport(req.auth)) {
+        next();
+    }
+    else {
+        next(new ApiError(httpStatus.FORBIDDEN, "User is not part of the admin or support group (validateAdminOrSupport)"));
+    }
+};
+export { isAdminOrSupport, validateAdminOrSupport };

package/dist/src/organizations/organizations.controller.js

@@ -7,15 +7,26 @@ import organizationsService, { deleteOrganizationById, } from "./organizations.s
 import mongoose from "mongoose";
 import { filterOptions } from "../utils/filterOptions.js";
 const ObjectId = mongoose.Types.ObjectId;
+let createOrganizationOwnerUserHook = null;
+export const setCreateOrganizationOwnerUserHook = (hook) => {
+    createOrganizationOwnerUserHook = hook ?? null;
+};
+const createOrganizationOwnerUserBody = (params) => ({
+    organization: params.organization._id,
+    owner: params.owner,
+    role: "admin",
+    status: "accept",
+    ...(createOrganizationOwnerUserHook
+        ? createOrganizationOwnerUserHook(params)
+        : {}),
+});
 export const createOrganization = catchAsync(async (req, res) => {
     const organization = await organizationsService.createOrganization(req.body);
-    const user = await usersService.createUser({
-        organization: organization._id,
+    const user = await usersService.createUser(createOrganizationOwnerUserBody({
+        organization,
         owner: res.req.auth.sub,
-        role: "admin",
-        category: "relative",
-        status: "accept",
-    });
+        request: req,
+    }));
     res.status(httpStatus.CREATED).send(organization);
 });
 export const getOrganizations = catchAsync(async (req, res) => {

package/dist/src/organizations/organizations.route.js

@@ -74,7 +74,8 @@ export const organizationsRouteSpecs = [
         responseSchema: organizationResponseSchema,
         handler: updateOrganization,
         summary: "Update an organization by ID",
-        description: "Updates the details of a specific organization by its ID.",
+        privateDocs: true,
+        description: "LEGACY: Updates the details of a specific organization by its ID.",
     },
     {
         method: "delete",

package/dist/src/users/users.model.js

@@ -1,7 +1,7 @@
 // @ts-nocheck
 import mongoose, { Schema } from "mongoose";
 import { toJSON, paginate } from "../models/plugins/index.js";
-const userSchema = new Schema({
+export const userSchema = new Schema({
     name: { type: String, trim: true },
     avatar: { type: String },
     timezone: { type: String, default: "Europe/Berlin" },
@@ -10,7 +10,6 @@ const userSchema = new Schema({
     inviteCode: { type: String },
     email: { type: String },
     role: { type: String, default: "patient" /* , enum: Object.keys(roles) */ },
-    category: { type: String, default: "patient" },
     status: { type: String },
     meta: { type: Schema.Types.Mixed },
 }, {
@@ -27,6 +26,9 @@ userSchema.virtual("organizationData", {
 // plugins
 userSchema.plugin(toJSON);
 userSchema.plugin(paginate);
+export const extendUserSchema = (definition) => {
+    userSchema.add(definition);
+};
 /**
  * Check if email is taken
  * @param {string} email - The user's email

package/dist/src/users/users.route.js

@@ -17,7 +17,6 @@ export const userRouteSpecs = [
         handler: userController.createUser,
         summary: "Create a new user",
         description: "Creates a new user within the current organization.",
-        memoOnly: true,
     },
     {
         method: "get",
@@ -107,7 +106,8 @@ export const userRouteSpecs = [
         responseSchema: updateUserResponseSchema,
         handler: userController.updateUser,
         summary: "Update a user by ID",
-        description: "Replaces a user’s full record with the provided data.",
+        privateDocs: true,
+        description: "LEGACY: Replaces a user’s full record with the provided data. (Replaced by PATCH /:userId)",
     },
     {
         method: "patch",