@internetderdinge/api 1.229.32 → 1.229.39

package/src/devices/devices.validation.ts

@@ -9,6 +9,7 @@ import {
   zUpdate,
   zDelete,
   zPagination,
+  zTypeFilter,
 } from "../utils/zValidations.js";
 
 extendZodWithOpenApi(z);
@@ -73,9 +74,9 @@ export const getEventsSchema = {
   }),
   query: z
     .object({
-      DateStart: z.string(),
-      DateEnd: z.string(),
-      TypeFilter: z.string().optional(),
+      DateStart: z.string().datetime().optional(),
+      DateEnd: z.string().datetime().optional(),
+      TypeFilter: zTypeFilter,
     })
     .openapi({ description: "Fetch device events in a time range" }),
 };
@@ -112,53 +113,6 @@ export const createDeviceSchema = {
 };
 export const deleteDeviceSchema = zDelete("deviceId");
 export const getDeviceSchema = zGet("deviceId");
-export const ledLightSchema = {
-  params: z.object({
-    deviceId: zObjectId.openapi({ description: "Device ObjectId" }),
-  }),
-  body: z
-    .object({
-      led: z.array(z.tuple([z.number().int(), z.number().int()])),
-      timeout: z.number().int(),
-    })
-    .openapi({
-      description: "LED light configuration for device",
-      example: {
-        led: [
-          [0, 0],
-          [1, 0],
-          [2, 0],
-          [3, 0],
-          [4, 0],
-          [5, 0],
-          [6, 0],
-          [7, 0],
-          [8, 0],
-          [9, 0],
-          [10, 0],
-          [11, 0],
-          [12, 0],
-          [13, 0],
-          [14, 0],
-          [15, 100],
-          [16, 100],
-          [17, 100],
-          [18, 100],
-          [19, 100],
-          [20, 100],
-          [21, 100],
-          [22, 0],
-          [23, 0],
-          [24, 0],
-          [25, 0],
-          [26, 0],
-          [27, 0],
-          [28, 0],
-        ],
-        timeout: 40,
-      },
-    }),
-};
 export const pingDeviceSchema = {
   params: z.object({
     deviceId: zObjectIdFor("deviceId").openapi({
@@ -215,16 +169,28 @@ export const registerDeviceSchema = {
 
 export const queryDevicesSchema = {
   ...zPagination,
-  query: zPagination.query.extend({
-    patient: zObjectIdFor("patient").optional(),
-    organization: zObjectIdFor("organization").optional(),
-  }),
+  query: zPagination.query
+    .extend({
+      patient: zObjectIdFor("patient").optional().openapi({
+        description:
+          "Patient ObjectId. Required if organization is not provided.",
+      }),
+      organization: zObjectIdFor("organization").optional().openapi({
+        description:
+          "Organization ObjectId. Required if patient is not provided.",
+      }),
+    })
+    .refine((data) => data.patient || data.organization, {
+      message: "Either patient or organization is required",
+    }),
 };
+
 export const subscriptionSchema = {
   params: z.object({
     deviceId: zObjectId.openapi({ description: "Device ObjectId" }),
   }),
 };
+
 export const uploadSingleImageFromWebsiteSchema = {};
 export const updateDeviceSchema = {
   ...zUpdate("deviceId"),

package/src/email/email.service.ts

@@ -54,11 +54,15 @@ const actionButton = ({
 </table>`;
 };
 
-interface SendEmailParams {
+export interface SendEmailParams {
   title?: string;
   body?: string;
   url?: string;
   domain?: string;
+  appBaseUrl?: string;
+  productName?: string;
+  companyName?: string;
+  accountUrl?: string;
   image?: string;
   email: string;
   actionButtonText?: string;
@@ -69,7 +73,11 @@ export const sendEmail = async ({
   title = "Kein Titel",
   body = "Kein Inhalt",
   url = "",
-  domain = "memo",
+  domain = "web",
+  appBaseUrl = `https://${domain}.wirewire.de`,
+  productName = domain,
+  companyName = "The Wire UG",
+  accountUrl = `${appBaseUrl}/account`,
   image,
   email,
   actionButtonText,
@@ -560,8 +568,8 @@ export const sendEmail = async ({
           <table class="email-content" width="100%" cellpadding="0" cellspacing="0" role="presentation">
             <tr>
               <td class="email-masthead">
-                <a href="https://${domain}.wirewire.de" class="f-fallback email-masthead_name">
-                 ${domain === "memo" ? "ANABOX smart" : "paperlesspaper"}
+                <a href="${appBaseUrl}" class="f-fallback email-masthead_name">
+                 ${productName}
               </a>
               </td>
             </tr>
@@ -580,7 +588,7 @@ export const sendEmail = async ({
                         ${actionButton({
                           link: urlStartsWithHttp(url)
                             ? url
-                            : `http://${domain}.wirewire.de${url}`,
+                            : `${appBaseUrl}${url}`,
                           text: actionButtonTextWithLanguage,
                         })}
                       </div>
@@ -595,8 +603,8 @@ export const sendEmail = async ({
                   <tr>
                     <td class="content-cell" align="center">
                       <p class="f-fallback sub align-center">
-                        ${domain === "web" ? "The Wire UG" : "wirewire GmbH"}
-                        <a href="http://${domain}.wirewire.de/account">Account</a>
+                        ${companyName}
+                        <a href="${accountUrl}">Account</a>
 
                         ${config.env !== "production" ? `<br/><br/>Environment: ${config.env}` : ""}
                       </p>

package/src/index.ts

@@ -13,12 +13,16 @@ export {
 export { initI18n } from "../src/i18n/i18n";
 export { default as i18n } from "../src/i18n/i18n";
 export { default as usersRoute } from "../src/users/users.route";
+export * from "../src/users/users.route";
 export { default as usersService } from "../src/users/users.service";
+export * from "../src/users/users.service";
+export * from "../src/users/users.validation";
 export { default as accountsRoute } from "../src/accounts/accounts.route";
 export { default as adminSearchRoute } from "../src/admin/adminSearch.route";
 export { default as accountsService } from "../src/accounts/accounts.service";
 export { auth0 } from "../src/accounts/auth0.service";
 export { default as organizationsRoute } from "../src/organizations/organizations.route";
+export * from "../src/organizations/organizations.controller";
 export { default as organizationsService } from "../src/organizations/organizations.service";
 export { default as Organization } from "../src/organizations/organizations.model";
 export { default as devicesRoute } from "../src/devices/devices.route";
@@ -37,11 +41,11 @@ export {
   shadowAlarmGet,
   shadowAlarmUpdate,
 } from "../src/iotdevice/iotdevice.service";
-export { default as pdfRoute } from "../src/pdf/pdf.route";
 export { default as tokensRoute } from "../src/tokens/tokens.route";
 export * from "../src/tokens/tokens.service";
 export { default as Token } from "../src/tokens/tokens.model";
 export { User } from "../src/users/users.model";
+export * from "../src/users/users.model";
 export { isAdmin, validateAdmin } from "../src/middlewares/validateAdmin";
 export { sendEmail } from "../src/email/email.service";
 export { default as catchAsync } from "../src/utils/catchAsync";

package/src/iotdevice/iotdevice.route.ts

@@ -62,6 +62,7 @@ export const iotdeviceRouteSpecs: RouteSpec[] = [
     requestSchema: getEventsSchema,
     responseSchema: eventResponseSchema.array(),
     handler: getEvents,
+    privateDocs: true,
     summary: "Get events for a device",
     description: "Fetches event records for the specified device by its ID.",
   },
@@ -147,9 +148,10 @@ export const iotdeviceRouteSpecs: RouteSpec[] = [
     requestSchema: apiStatusRequestSchema,
     responseSchema: apiStatusSchema,
     handler: getApiStatus,
+    privateDocs: true,
     summary: "Get API status by kind",
     description:
-      "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for monitoring purposes.",
+      "Retrieves the IoT API status information for a given status kind to monitor system health or performance. Can be accessed without authentication for uptime monitoring purposes.",
   },
   {
     method: "get",

package/src/iotdevice/iotdevice.service.ts

@@ -39,12 +39,17 @@ const iotDataClient = new IoTDataPlaneClient({
  */
 export const getEvents = async (params: {
   DeviceId: string;
-  DateStart: string;
-  DateEnd: string;
+  DateStart?: string;
+  DateEnd?: string;
   TypeFilter?: string;
   createdAt?: string;
 }): Promise<any> => {
   const accessToken = await getAuth0Token();
+  // Keep the requested start date, but never query events before the device existed.
+  const dateStart =
+    params.createdAt && new Date(params.DateStart) < new Date(params.createdAt)
+      ? params.createdAt
+      : params.DateStart;
   try {
     const response: AxiosResponse = await axios.get(
       `${process.env.IOT_API_URL}getevent`,
@@ -52,11 +57,7 @@ export const getEvents = async (params: {
         headers: { Authorization: `Bearer ${accessToken}` },
         params: {
           DeviceId: params.DeviceId,
-          DateStart: !params.createdAt
-            ? params.DateStart
-            : params.DateStart < params.createdAt
-              ? params.DateStart
-              : params.createdAt,
+          DateStart: dateStart,
           DateEnd: params.DateEnd,
           TypeFilter: params.TypeFilter,
         },

package/src/iotdevice/iotdevice.validation.ts

@@ -1,7 +1,7 @@
 import { extendZodWithOpenApi } from '@asteasolutions/zod-to-openapi';
 import { z } from 'zod';
 import { objectId } from '../validations/custom.validation';
-import { zGet, zObjectId, zPagination } from '../utils/zValidations';
+import { zGet, zObjectId, zPagination, zTypeFilter } from '../utils/zValidations';
 
 extendZodWithOpenApi(z);
 
@@ -31,9 +31,17 @@ export const getEventsSchema = {
     deviceId: zObjectId.openapi({ description: 'Device ObjectId' }),
   }),
   query: z.object({
-    DateStart: z.string().openapi({ description: 'Start date (ISO‐string)', example: '2025-05-01T00:00:00Z' }),
-    DateEnd: z.string().openapi({ description: 'End date (ISO‐string)', example: '2025-05-31T23:59:59Z' }),
-    TypeFilter: z.string().openapi({ description: 'Optional type filter', example: '' }).optional().default(''),
+    DateStart: z
+      .string()
+      .datetime()
+      .openapi({ description: 'Start date (ISO‐string)', example: '2025-05-01T00:00:00Z' })
+      .optional(),
+    DateEnd: z
+      .string()
+      .datetime()
+      .openapi({ description: 'End date (ISO‐string)', example: '2025-05-31T23:59:59Z' })
+      .optional(),
+    TypeFilter: zTypeFilter.default(''),
   }),
 };
 export const updateEntrySchema = {};

package/src/middlewares/validateAdminOrSupport.ts

@@ -0,0 +1,34 @@
+import httpStatus from "http-status";
+import ApiError from "../utils/ApiError";
+import type { Request, Response, NextFunction } from "express";
+
+const ROLES_CLAIM = "https://memo.wirewire.de/roles";
+
+const isAdminOrSupport = (user: Record<string, any> | undefined): boolean => {
+  if (!user) return false;
+
+  const roles = user[ROLES_CLAIM];
+
+  return Array.isArray(roles)
+    ? roles.includes("admin") || roles.includes("support")
+    : false;
+};
+
+const validateAdminOrSupport = async (
+  req: Request,
+  res: Response,
+  next: NextFunction,
+): Promise<void> => {
+  if (isAdminOrSupport(req.auth)) {
+    next();
+  } else {
+    next(
+      new ApiError(
+        httpStatus.FORBIDDEN,
+        "User is not part of the admin or support group (validateAdminOrSupport)",
+      ),
+    );
+  }
+};
+
+export { isAdminOrSupport, validateAdminOrSupport };

package/src/organizations/organizations.controller.ts

@@ -12,18 +12,49 @@ import { filterOptions } from "../utils/filterOptions.js";
 
 const ObjectId = mongoose.Types.ObjectId;
 
+export type CreateOrganizationOwnerUserParams = {
+  organization: any;
+  owner: string;
+  request: Request;
+};
+
+export type CreateOrganizationOwnerUserHook = (
+  params: CreateOrganizationOwnerUserParams,
+) => Record<string, any>;
+
+let createOrganizationOwnerUserHook: CreateOrganizationOwnerUserHook | null =
+  null;
+
+export const setCreateOrganizationOwnerUserHook = (
+  hook?: CreateOrganizationOwnerUserHook,
+): void => {
+  createOrganizationOwnerUserHook = hook ?? null;
+};
+
+const createOrganizationOwnerUserBody = (
+  params: CreateOrganizationOwnerUserParams,
+) => ({
+  organization: params.organization._id,
+  owner: params.owner,
+  role: "admin",
+  status: "accept",
+  ...(createOrganizationOwnerUserHook
+    ? createOrganizationOwnerUserHook(params)
+    : {}),
+});
+
 export const createOrganization = catchAsync(
   async (req: Request, res: Response): Promise<void> => {
     const organization = await organizationsService.createOrganization(
       req.body,
     );
-    const user = await usersService.createUser({
-      organization: organization._id,
-      owner: res.req.auth.sub,
-      role: "admin",
-      category: "relative",
-      status: "accept",
-    });
+    const user = await usersService.createUser(
+      createOrganizationOwnerUserBody({
+        organization,
+        owner: res.req.auth.sub,
+        request: req,
+      }),
+    );
     res.status(httpStatus.CREATED).send(organization);
   },
 );

package/src/organizations/organizations.route.ts

@@ -92,7 +92,9 @@ export const organizationsRouteSpecs: RouteSpec[] = [
     responseSchema: organizationResponseSchema,
     handler: updateOrganization,
     summary: "Update an organization by ID",
-    description: "Updates the details of a specific organization by its ID.",
+    privateDocs: true,
+    description:
+      "LEGACY: Updates the details of a specific organization by its ID.",
   },
   {
     method: "delete",

package/src/users/users.model.ts

@@ -14,7 +14,6 @@ export interface IUser {
   inviteCode?: string;
   email?: string;
   role: (typeof roles)[number];
-  category: string;
   status?: string;
   meta?: Record<string, any>;
 }
@@ -27,7 +26,7 @@ export interface IUserModel extends Model<IUserDocument> {
   isEmailTaken(email: string, excludeUserId?: Types.ObjectId): Promise<boolean>;
 }
 
-const userSchema = new Schema<IUserDocument, IUserModel>(
+export const userSchema = new Schema<IUserDocument, IUserModel>(
   {
     name: { type: String, trim: true },
     avatar: { type: String },
@@ -37,7 +36,6 @@ const userSchema = new Schema<IUserDocument, IUserModel>(
     inviteCode: { type: String },
     email: { type: String },
     role: { type: String, default: "patient" /* , enum: Object.keys(roles) */ },
-    category: { type: String, default: "patient" },
     status: { type: String },
     meta: { type: Schema.Types.Mixed },
   },
@@ -59,6 +57,12 @@ userSchema.virtual("organizationData", {
 userSchema.plugin(toJSON);
 userSchema.plugin(paginate);
 
+export const extendUserSchema = (
+  definition: Parameters<typeof userSchema.add>[0],
+): void => {
+  userSchema.add(definition);
+};
+
 /**
  * Check if email is taken
  * @param {string} email - The user's email

package/src/users/users.route.ts

@@ -45,7 +45,6 @@ export const userRouteSpecs: RouteSpec[] = [
     handler: userController.createUser,
     summary: "Create a new user",
     description: "Creates a new user within the current organization.",
-    memoOnly: true,
   },
   {
     method: "get",
@@ -137,7 +136,9 @@ export const userRouteSpecs: RouteSpec[] = [
     responseSchema: updateUserResponseSchema,
     handler: userController.updateUser,
     summary: "Update a user by ID",
-    description: "Replaces a user’s full record with the provided data.",
+    privateDocs: true,
+    description:
+      "LEGACY: Replaces a user’s full record with the provided data. (Replaced by PATCH /:userId)",
   },
   {
     method: "patch",

package/src/users/users.service.ts

@@ -7,6 +7,7 @@ import ApiError from "../utils/ApiError.js";
 import auth0Service from "../accounts/auth0.service";
 import organizationsService from "../organizations/organizations.service";
 import { sendEmail } from "../email/email.service";
+import type { SendEmailParams } from "../email/email.service";
 import i18n from "../i18n/i18n";
 
 export type UpdateTimesByIdHook = (
@@ -21,6 +22,27 @@ export const setUpdateTimesByIdHook = (hook?: UpdateTimesByIdHook): void => {
   updateTimesByIdHook = hook ?? null;
 };
 
+export type BuildInviteEmailParams = {
+  auth: { sub: string };
+  user: IUserDocument;
+  inviteCode: string;
+  email: string;
+  organization: any;
+  lng: string;
+};
+
+export type BuildInviteEmailHook = (
+  params: BuildInviteEmailParams,
+) => Partial<SendEmailParams>;
+
+let buildInviteEmailHook: BuildInviteEmailHook | null = null;
+
+export const setBuildInviteEmailHook = (
+  hook?: BuildInviteEmailHook,
+): void => {
+  buildInviteEmailHook = hook ?? null;
+};
+
 /**
  * Create a new user
  */
@@ -100,14 +122,13 @@ export const getByIdWithAuth0 = async (id: string): Promise<any | null> => {
   return json;
 };
 
-/**
- * Get all users in a given category (and optional organization)
- */
-export const getUsersByCategory = async (
-  category: string,
+export const getUsersByAppField = async (
+  appName: string,
+  fieldName: string,
+  value: unknown,
   organization?: string,
 ): Promise<IUserDocument[]> => {
-  const filter: any = { category };
+  const filter: any = { [`apps.${appName}.${fieldName}`]: value };
   if (organization) filter.organization = organization;
   return User.find(filter);
 };
@@ -182,21 +203,35 @@ export const sendInviteEmail = async (params: {
   const auth0User = await auth0Service.getUserById(auth.sub);
   const lng = auth0User.data?.app_metadata?.language as string | "en";
 
-  const title = `${i18n.t("Invite to ", { lng })}${
-    organization.kind === "private-wirewire" ? "paperlesspaper" : "ANABOX smart"
-  }`;
   const body = i18n.t(
     "You have been invited to join the group. Click on the link to accept the invitation.",
     { lng },
   );
-
-  await sendEmail({
-    title,
+  const baseEmail: SendEmailParams = {
+    title: `${i18n.t("Invite to ", { lng })}${
+      organization?.name || "Application"
+    }`,
     body,
     url: `/${user.organization}/invite/${inviteCode}`,
     actionButtonText: "Accept invite",
-    domain: organization.kind === "private-wirewire" ? "web" : "memo",
+    domain: "web",
+    productName: organization?.name || "Application",
     email,
+    lng,
+  };
+
+  await sendEmail({
+    ...baseEmail,
+    ...(buildInviteEmailHook
+      ? buildInviteEmailHook({
+          auth,
+          user,
+          inviteCode,
+          email,
+          organization,
+          lng,
+        })
+      : {}),
   });
 };
 
@@ -384,7 +419,7 @@ export default {
   createCurrentUser,
   getById,
   getByIdWithAuth0,
-  getUsersByCategory,
+  getUsersByAppField,
   getUsersByOrganization,
   getUsersByOrganizationAndId,
   getUsersByOwner,
@@ -407,6 +442,7 @@ export default {
   populateAuth0User,
   populateAuth0Users,
   setUpdateTimesByIdHook,
+  setBuildInviteEmailHook,
 };
 
 export type UserService = typeof import("./users.service");