@primocaredentgroup/elettromedicali 0.1.0

package/src/component/userProfiles.ts

@@ -0,0 +1,745 @@
+import { v } from 'convex/values';
+import { query, mutation } from './_generated/server';
+import { paginationOptsValidator } from 'convex/server';
+
+export const getUserProfile = query({
+  args: { auth0Id: v.string() },
+  handler: async (ctx, args) => {
+    const profile = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    return profile;
+  },
+});
+
+export const getCurrentUserProfile = query({
+  args: { auth0Id: v.string() },
+  handler: async (ctx, args) => {
+    const realProfile = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!realProfile) {
+      return null;
+    }
+
+    if (realProfile.isActive === false) {
+      return {
+        ...realProfile,
+        role: null,
+        isDisabled: true,
+        isImpersonating: false,
+      };
+    }
+
+    const realRole = realProfile.roleId ? await ctx.db.get(realProfile.roleId) : null;
+    const isAdmin = realRole?.name === 'admin';
+
+    if (isAdmin && realProfile.impersonatingUserId) {
+      const impersonatedProfile = await ctx.db.get(realProfile.impersonatingUserId);
+      
+      if (impersonatedProfile) {
+        const impersonatedRole = impersonatedProfile.roleId 
+          ? await ctx.db.get(impersonatedProfile.roleId) 
+          : null;
+
+        return {
+          ...impersonatedProfile,
+          role: impersonatedRole?.name,
+          isImpersonating: true,
+          realAdminId: realProfile._id,
+          realAdminName: realProfile.name || realProfile.email,
+          realAdminEmail: realProfile.email,
+          isDisabled: false,
+        };
+      }
+    }
+
+    return {
+      ...realProfile,
+      role: realRole?.name,
+      isImpersonating: false,
+      isDisabled: false,
+    };
+  },
+});
+
+function isPlaceholderAuth0Id(auth0Id: string): boolean {
+  return auth0Id.startsWith('placeholder_') || 
+         auth0Id.startsWith('manual_') || 
+         !auth0Id.includes('|');
+}
+
+export const upsertUserProfile = mutation({
+  args: {
+    auth0Id: v.string(),
+    email: v.string(),
+    name: v.optional(v.string()),
+    roleName: v.optional(v.string()),
+    clinicId: v.optional(v.id('clinics')),
+    supplierId: v.optional(v.id('suppliers')),
+  },
+  handler: async (ctx, args) => {
+    let existing = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    let shouldUpdateAuth0Id = false;
+    if (!existing) {
+      const existingByEmail = await ctx.db
+        .query('user_profiles')
+        .withIndex('by_email', (q) => q.eq('email', args.email))
+        .first();
+      
+      if (existingByEmail && isPlaceholderAuth0Id(existingByEmail.auth0Id)) {
+        existing = existingByEmail;
+        shouldUpdateAuth0Id = true;
+        console.log(`🔄 Found pre-created user with email ${args.email}, updating auth0Id from placeholder to real Auth0 ID`);
+      }
+    }
+
+    let roleId = existing?.roleId;
+    if (args.roleName || !roleId) {
+      const roleName = args.roleName || 'user';
+      let role = await ctx.db
+        .query('roles')
+        .withIndex('by_name', (q) => q.eq('name', roleName))
+        .first();
+      
+      if (!role) {
+        const newRoleId = await ctx.db.insert('roles', {
+          name: roleName,
+          description: roleName === 'admin' ? 'Administrator with full access' : 
+                      roleName === 'user' ? 'Standard user with limited access' :
+                      roleName === 'supplier' ? 'Supplier with access to assigned tickets' :
+                      `${roleName} role`,
+          createdAt: Date.now(),
+        });
+        role = await ctx.db.get(newRoleId);
+      }
+      
+      if (role) {
+        roleId = role._id;
+      }
+    }
+
+    if (existing) {
+      const updateData: any = {
+        email: args.email,
+        name: args.name,
+        ...(args.clinicId && { clinicId: args.clinicId }),
+        ...(args.supplierId && { supplierId: args.supplierId }),
+      };
+      
+      if (shouldUpdateAuth0Id) {
+        updateData.auth0Id = args.auth0Id;
+        console.log(`✅ Updated auth0Id for user ${args.email}`);
+      }
+      
+      if (roleId) {
+        updateData.roleId = roleId;
+      }
+      await ctx.db.patch(existing._id, updateData);
+      return existing._id;
+    } else {
+      const newProfile: any = {
+        auth0Id: args.auth0Id,
+        email: args.email,
+        name: args.name,
+        ...(args.clinicId && { clinicId: args.clinicId }),
+        ...(args.supplierId && { supplierId: args.supplierId }),
+      };
+      if (roleId) {
+        newProfile.roleId = roleId;
+      }
+      const profileId = await ctx.db.insert('user_profiles', newProfile);
+      return profileId;
+    }
+  },
+});
+
+export const updateUserRole = mutation({
+  args: {
+    userId: v.id('user_profiles'),
+    roleName: v.string(),
+    clinicId: v.optional(v.id('clinics')),
+    supplierId: v.optional(v.id('suppliers')),
+  },
+  handler: async (ctx, args) => {
+    const newRole = await ctx.db
+      .query('roles')
+      .withIndex('by_name', (q) => q.eq('name', args.roleName))
+      .first();
+
+    if (!newRole) {
+      throw new Error(`Role ${args.roleName} not found`);
+    }
+
+    await ctx.db.patch(args.userId, {
+      roleId: newRole._id,
+      ...(args.clinicId !== undefined && { clinicId: args.clinicId }),
+      ...(args.supplierId !== undefined && { supplierId: args.supplierId }),
+    });
+
+    return args.userId;
+  },
+});
+
+export const updateUserSupplier = mutation({
+  args: {
+    userId: v.id('user_profiles'),
+    supplierId: v.id('suppliers'),
+  },
+  handler: async (ctx, args) => {
+    await ctx.db.patch(args.userId, {
+      supplierId: args.supplierId,
+    });
+
+    return args.userId;
+  },
+});
+
+export const listUsers = query({
+  args: {
+    limit: v.optional(v.number()),
+  },
+  handler: async (ctx, args) => {
+    const maxResults = args.limit || 500;
+    const users = await ctx.db.query('user_profiles').order('desc').take(maxResults);
+    
+    const usersWithRoles = await Promise.all(
+      users.map(async (user) => {
+        const role = user.roleId ? await ctx.db.get(user.roleId) : null;
+        return {
+          ...user,
+          role: role?.name || user.role,
+        };
+      })
+    );
+
+    return usersWithRoles;
+  },
+});
+
+export const listUsersPaginated = query({
+  args: {
+    paginationOpts: paginationOptsValidator,
+    roleId: v.optional(v.id('roles')),
+    isActive: v.optional(v.boolean()),
+    searchTerm: v.optional(v.string()),
+  },
+  handler: async (ctx, args) => {
+    let baseQuery;
+    
+    if (args.roleId) {
+      baseQuery = ctx.db
+        .query('user_profiles')
+        .withIndex('by_roleId', (q: any) => q.eq('roleId', args.roleId));
+    } else if (args.isActive !== undefined) {
+      baseQuery = ctx.db
+        .query('user_profiles')
+        .withIndex('by_isActive', (q: any) => q.eq('isActive', args.isActive));
+    } else {
+      baseQuery = ctx.db.query('user_profiles');
+    }
+
+    let filteredQuery = baseQuery.order('desc');
+    
+    if (args.isActive !== undefined && args.roleId) {
+      filteredQuery = filteredQuery.filter((q: any) => q.eq(q.field('isActive'), args.isActive));
+    }
+
+    const result = await filteredQuery.paginate(args.paginationOpts);
+
+    let filteredPage = result.page;
+    
+    if (args.searchTerm) {
+      const search = args.searchTerm.toLowerCase();
+      filteredPage = filteredPage.filter((user: any) => 
+        user.name?.toLowerCase().includes(search) ||
+        user.email?.toLowerCase().includes(search)
+      );
+    }
+
+    const roleIds = [...new Set(filteredPage.map((u: any) => u.roleId).filter(Boolean))];
+    const roles = await Promise.all(roleIds.map(id => ctx.db.get(id)));
+    const roleMap = new Map(roles.filter(Boolean).map((r: any) => [r._id.toString(), r.name]));
+
+    const minimalPage = filteredPage.map((user: any) => ({
+      _id: user._id,
+      auth0Id: user.auth0Id,
+      email: user.email,
+      name: user.name,
+      roleId: user.roleId,
+      role: roleMap.get(user.roleId?.toString()) || user.role || 'user',
+      isActive: user.isActive,
+      clinicId: user.clinicId,
+      supplierId: user.supplierId,
+      createdAt: user.createdAt || user._creationTime,
+    }));
+
+    return {
+      page: minimalPage,
+      isDone: result.isDone,
+      continueCursor: result.continueCursor,
+    };
+  },
+});
+
+export const getUsersCount = query({
+  args: {
+    roleId: v.optional(v.id('roles')),
+    isActive: v.optional(v.boolean()),
+  },
+  handler: async (ctx, args) => {
+    let query;
+    
+    if (args.roleId) {
+      query = ctx.db.query('user_profiles')
+        .withIndex('by_roleId', (q: any) => q.eq('roleId', args.roleId));
+    } else if (args.isActive !== undefined) {
+      query = ctx.db.query('user_profiles')
+        .withIndex('by_isActive', (q: any) => q.eq('isActive', args.isActive));
+    } else {
+      query = ctx.db.query('user_profiles');
+    }
+
+    if (args.isActive !== undefined && args.roleId) {
+      query = query.filter((q: any) => q.eq(q.field('isActive'), args.isActive));
+    }
+
+    const users = await query.take(1000);
+    return { total: users.length };
+  },
+});
+
+export const savePrimoUPToken = mutation({
+  args: {
+    auth0Id: v.string(),
+    token: v.string(),
+    expiresAt: v.optional(v.number()),
+    refreshToken: v.optional(v.string()),
+  },
+  handler: async (ctx, args) => {
+    const existingTokens = await ctx.db
+      .query('primoup_tokens')
+      .withIndex('by_userId', (q) => q.eq('userId', args.auth0Id))
+      .collect();
+
+    for (const token of existingTokens) {
+      await ctx.db.patch(token._id, { isActive: false });
+    }
+
+    await ctx.db.insert('primoup_tokens', {
+      userId: args.auth0Id,
+      token: args.token,
+      refreshToken: args.refreshToken,
+      expiresAt: args.expiresAt,
+      createdAt: Date.now(),
+      isActive: true,
+    });
+
+    await ctx.db.insert('primoup_access_logs', {
+      userId: args.auth0Id,
+      action: 'login',
+      success: true,
+      timestamp: Date.now(),
+    });
+
+    return { success: true };
+  },
+});
+
+export const getPrimoUPToken = query({
+  args: { auth0Id: v.string() },
+  handler: async (ctx, args) => {
+    const activeToken = await ctx.db
+      .query('primoup_tokens')
+      .withIndex('by_userId_active', (q) =>
+        q.eq('userId', args.auth0Id).eq('isActive', true)
+      )
+      .first();
+
+    if (!activeToken) {
+      return null;
+    }
+
+    if (activeToken.expiresAt && activeToken.expiresAt < Date.now()) {
+      return {
+        token: null,
+        expired: true,
+        refreshToken: activeToken.refreshToken,
+      };
+    }
+
+    return {
+      token: activeToken.token,
+      expired: false,
+      expiresAt: activeToken.expiresAt,
+      tokenId: activeToken._id,
+    };
+  },
+});
+
+export const logPrimoUPAccess = mutation({
+  args: {
+    auth0Id: v.string(),
+    action: v.string(),
+    endpoint: v.optional(v.string()),
+    success: v.boolean(),
+    errorMessage: v.optional(v.string()),
+    metadata: v.optional(v.any()),
+  },
+  handler: async (ctx, args) => {
+    await ctx.db.insert('primoup_access_logs', {
+      userId: args.auth0Id,
+      action: args.action,
+      endpoint: args.endpoint,
+      success: args.success,
+      errorMessage: args.errorMessage,
+      timestamp: Date.now(),
+      metadata: args.metadata,
+    });
+
+    return { success: true };
+  },
+});
+
+export const getPrimoUPAccessLogs = query({
+  args: {
+    auth0Id: v.string(),
+    isAdmin: v.optional(v.boolean()),
+    userId: v.optional(v.string()),
+    limit: v.optional(v.number()),
+  },
+  handler: async (ctx, args) => {
+    const targetUserId = args.isAdmin && args.userId ? args.userId : args.auth0Id;
+
+    const logs = await ctx.db
+      .query('primoup_access_logs')
+      .withIndex('by_userId_timestamp', (q) => q.eq('userId', targetUserId))
+      .order('desc')
+      .take(args.limit || 50);
+
+    return logs;
+  },
+});
+
+export const updateUserRoleByEmail = mutation({
+  args: {
+    email: v.string(),
+    roleName: v.string(),
+  },
+  handler: async (ctx, args) => {
+    const user = await ctx.db
+      .query('user_profiles')
+      .filter((q) => q.eq(q.field('email'), args.email))
+      .first();
+
+    if (!user) {
+      throw new Error(`User with email ${args.email} not found`);
+    }
+
+    const role = await ctx.db
+      .query('roles')
+      .withIndex('by_name', (q) => q.eq('name', args.roleName))
+      .first();
+
+    if (!role) {
+      throw new Error(`Role ${args.roleName} not found`);
+    }
+
+    await ctx.db.patch(user._id, {
+      roleId: role._id,
+    });
+
+    return {
+      success: true,
+      userId: user._id,
+      email: user.email,
+      newRole: args.roleName,
+    };
+  },
+});
+
+export const saveUserClinics = mutation({
+  args: {
+    auth0Id: v.string(),
+    primoupClinics: v.array(v.any()),
+  },
+  handler: async (ctx, args) => {
+    const profile = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!profile) {
+      throw new Error('User profile not found');
+    }
+
+    const optimizedClinics = args.primoupClinics.map((clinic: any) => ({
+      id: clinic.id,
+      name: clinic.name,
+      role: clinic.role ? { id: clinic.role.id, name: clinic.role.name, slug: clinic.role.slug } : undefined,
+    }));
+
+    const selectedClinicId = profile.selectedClinicId || (optimizedClinics.length > 0 ? optimizedClinics[0].id : undefined);
+
+    await ctx.db.patch(profile._id, {
+      primoupClinics: optimizedClinics,
+      selectedClinicId,
+    });
+
+    return profile._id;
+  },
+});
+
+export const updateSelectedClinic = mutation({
+  args: {
+    auth0Id: v.string(),
+    clinicId: v.number(),
+  },
+  handler: async (ctx, args) => {
+    const profile = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!profile) {
+      throw new Error('User profile not found');
+    }
+
+    if (profile.primoupClinics) {
+      const hasClinic = profile.primoupClinics.some((clinic: any) => clinic.id === args.clinicId);
+      if (!hasClinic) {
+        throw new Error('Clinic not found in user clinics');
+      }
+    }
+
+    const clinic = await ctx.db
+      .query('clinics')
+      .withIndex('by_primoupId', (q) => q.eq('primoupId', args.clinicId.toString()))
+      .first();
+
+    if (!clinic) {
+      console.warn(`⚠️ Clinic NOT FOUND in Convex with primoupId: ${args.clinicId}`);
+      const newCounter = (profile.clinicChangeCounter || 0) + 1;
+      await ctx.db.patch(profile._id, {
+        selectedClinicId: args.clinicId,
+        clinicId: undefined,
+        clinicChangeCounter: newCounter,
+      });
+      return profile._id;
+    }
+    
+    const newCounter = (profile.clinicChangeCounter || 0) + 1;
+    
+    await ctx.db.patch(profile._id, {
+      selectedClinicId: args.clinicId,
+      clinicId: clinic._id,
+      clinicChangeCounter: newCounter,
+    });
+    
+    return profile._id;
+  },
+});
+
+export const startImpersonation = mutation({
+  args: {
+    auth0Id: v.string(),
+    targetUserId: v.id('user_profiles'),
+  },
+  handler: async (ctx, args) => {
+    const currentUser = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!currentUser) {
+      throw new Error('User profile not found');
+    }
+
+    const currentRole = currentUser.roleId ? await ctx.db.get(currentUser.roleId) : null;
+    if (!currentRole || currentRole.name !== 'admin') {
+      throw new Error('Solo gli amministratori possono impersonare altri utenti');
+    }
+
+    const targetUser = await ctx.db.get(args.targetUserId);
+    if (!targetUser) {
+      throw new Error('Utente target non trovato');
+    }
+
+    if (targetUser._id === currentUser._id) {
+      throw new Error('Non puoi impersonare te stesso');
+    }
+
+    await ctx.db.patch(currentUser._id, {
+      impersonatingUserId: args.targetUserId,
+    });
+
+    return {
+      success: true,
+      impersonatedUser: {
+        id: targetUser._id,
+        name: targetUser.name,
+        email: targetUser.email,
+      },
+    };
+  },
+});
+
+export const stopImpersonation = mutation({
+  args: { auth0Id: v.string() },
+  handler: async (ctx, args) => {
+    const currentUser = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!currentUser) {
+      throw new Error('User profile not found');
+    }
+
+    const currentRole = currentUser.roleId ? await ctx.db.get(currentUser.roleId) : null;
+    if (!currentRole || currentRole.name !== 'admin') {
+      throw new Error('Solo gli amministratori possono terminare l\'impersonazione');
+    }
+
+    await ctx.db.patch(currentUser._id, {
+      impersonatingUserId: undefined,
+    });
+
+    return { success: true };
+  },
+});
+
+export const updateUserProfile = mutation({
+  args: {
+    userId: v.id('user_profiles'),
+    name: v.optional(v.string()),
+    email: v.optional(v.string()),
+    roleName: v.optional(v.string()),
+    clinicId: v.optional(v.id('clinics')),
+    supplierId: v.optional(v.id('suppliers')),
+  },
+  handler: async (ctx, args) => {
+    const targetUser = await ctx.db.get(args.userId);
+    if (!targetUser) {
+      throw new Error('Target user not found');
+    }
+
+    const updateData: Record<string, any> = {};
+
+    if (args.name !== undefined) {
+      updateData.name = args.name;
+    }
+
+    if (args.email !== undefined) {
+      const existingUser = await ctx.db
+        .query('user_profiles')
+        .withIndex('by_email', (q) => q.eq('email', args.email!))
+        .first();
+      
+      if (existingUser && existingUser._id !== args.userId) {
+        throw new Error('Email già in uso da un altro utente');
+      }
+      updateData.email = args.email;
+    }
+
+    if (args.roleName !== undefined) {
+      const newRole = await ctx.db
+        .query('roles')
+        .withIndex('by_name', (q) => q.eq('name', args.roleName!))
+        .first();
+      
+      if (!newRole) {
+        throw new Error(`Ruolo ${args.roleName} non trovato`);
+      }
+      updateData.roleId = newRole._id;
+    }
+
+    if (args.clinicId !== undefined) {
+      updateData.clinicId = args.clinicId;
+    }
+
+    if (args.supplierId !== undefined) {
+      updateData.supplierId = args.supplierId;
+    }
+
+    if (Object.keys(updateData).length > 0) {
+      await ctx.db.patch(args.userId, updateData);
+    }
+
+    return args.userId;
+  },
+});
+
+export const disableUser = mutation({
+  args: {
+    userId: v.id('user_profiles'),
+    callerUserId: v.optional(v.id('user_profiles')),
+  },
+  handler: async (ctx, args) => {
+    if (args.callerUserId && args.userId === args.callerUserId) {
+      throw new Error('Non puoi disabilitare te stesso');
+    }
+
+    const targetUser = await ctx.db.get(args.userId);
+    if (!targetUser) {
+      throw new Error('Utente non trovato');
+    }
+
+    await ctx.db.patch(args.userId, {
+      isActive: false,
+    });
+
+    return { success: true, userId: args.userId };
+  },
+});
+
+export const enableUser = mutation({
+  args: {
+    userId: v.id('user_profiles'),
+  },
+  handler: async (ctx, args) => {
+    const targetUser = await ctx.db.get(args.userId);
+    if (!targetUser) {
+      throw new Error('Utente non trovato');
+    }
+
+    await ctx.db.patch(args.userId, {
+      isActive: true,
+    });
+
+    return { success: true, userId: args.userId };
+  },
+});
+
+export const getRealAdminProfile = query({
+  args: { auth0Id: v.string() },
+  handler: async (ctx, args) => {
+    const profile = await ctx.db
+      .query('user_profiles')
+      .withIndex('by_auth0Id', (q) => q.eq('auth0Id', args.auth0Id))
+      .first();
+
+    if (!profile) {
+      return null;
+    }
+
+    const role = profile.roleId ? await ctx.db.get(profile.roleId) : null;
+    
+    return {
+      _id: profile._id,
+      name: profile.name,
+      email: profile.email,
+      role: role?.name,
+      isImpersonating: !!profile.impersonatingUserId,
+      impersonatingUserId: profile.impersonatingUserId,
+    };
+  },
+});