feat (mcu-order): handle doctor_id on create and update
This commit is contained in:
dpurbosakti
@@ -4,9 +4,12 @@ import (
|
||||
ecore "simrs-vx/internal/domain/base-entities/core"
|
||||
ed "simrs-vx/internal/domain/main-entities/doctor"
|
||||
ee "simrs-vx/internal/domain/main-entities/encounter"
|
||||
"time"
|
||||
|
||||
ercl "simrs-vx/internal/domain/references/clinical"
|
||||
erc "simrs-vx/internal/domain/references/common"
|
||||
"time"
|
||||
|
||||
pa "simrs-vx/pkg/auth-helper"
|
||||
)
|
||||
|
||||
type CreateDto struct {
|
||||
@@ -18,6 +21,8 @@ type CreateDto struct {
|
||||
Number uint8 `json:"number"`
|
||||
Temperature float64 `json:"temperature"`
|
||||
McuUrgencyLevel_Code ercl.McuUrgencyLevelCode `json:"mcuUrgencyLevel_code""`
|
||||
|
||||
pa.AuthInfo
|
||||
}
|
||||
|
||||
type ReadListDto struct {
|
||||
|
||||
@@ -27,3 +27,7 @@ type McuOrder struct {
|
||||
func (d McuOrder) IsCompleted() bool {
|
||||
return d.Status_Code == erc.DSCDone
|
||||
}
|
||||
|
||||
func (d McuOrder) IsSameDoctor(doctor_id *uint) bool {
|
||||
return d.Doctor_Id == doctor_id
|
||||
}
|
||||
|
||||
@@ -10,6 +10,10 @@ import (
|
||||
|
||||
e "simrs-vx/internal/domain/main-entities/mcu-order"
|
||||
u "simrs-vx/internal/use-case/main-use-case/mcu-order"
|
||||
|
||||
pa "simrs-vx/pkg/auth-helper"
|
||||
|
||||
d "github.com/karincake/dodol"
|
||||
)
|
||||
|
||||
type myBase struct{}
|
||||
@@ -21,6 +25,11 @@ func (obj myBase) Create(w http.ResponseWriter, r *http.Request) {
|
||||
if res := rw.ValidateStructByIOR(w, r.Body, &dto); !res {
|
||||
return
|
||||
}
|
||||
authInfo, err := pa.GetAuthInfo(r)
|
||||
if err != nil {
|
||||
rw.WriteJSON(w, http.StatusUnauthorized, d.IS{"message": err.Error()}, nil)
|
||||
}
|
||||
dto.AuthInfo = *authInfo
|
||||
res, err := u.Create(dto)
|
||||
rw.DataResponse(w, res, err)
|
||||
}
|
||||
@@ -53,6 +62,11 @@ func (obj myBase) Update(w http.ResponseWriter, r *http.Request) {
|
||||
if res := rw.ValidateStructByIOR(w, r.Body, &dto); !res {
|
||||
return
|
||||
}
|
||||
authInfo, err := pa.GetAuthInfo(r)
|
||||
if err != nil {
|
||||
rw.WriteJSON(w, http.StatusUnauthorized, d.IS{"message": err.Error()}, nil)
|
||||
}
|
||||
dto.AuthInfo = *authInfo
|
||||
dto.Id = uint(id)
|
||||
res, err := u.Update(dto)
|
||||
rw.DataResponse(w, res, err)
|
||||
|
||||
@@ -6,6 +6,7 @@ import (
|
||||
|
||||
e "simrs-vx/internal/domain/main-entities/mcu-order"
|
||||
|
||||
ud "simrs-vx/internal/use-case/main-use-case/doctor"
|
||||
ue "simrs-vx/internal/use-case/main-use-case/encounter"
|
||||
|
||||
erc "simrs-vx/internal/domain/references/common"
|
||||
@@ -45,6 +46,22 @@ func Create(input e.CreateDto) (*d.Data, error) {
|
||||
return errors.New("encounter is already done")
|
||||
}
|
||||
|
||||
if !input.AuthInfo.IsDoctor() {
|
||||
event.Status = "failed"
|
||||
event.ErrInfo = pl.ErrorInfo{
|
||||
Code: "auth-forbidden",
|
||||
Detail: "user position is not allowed",
|
||||
Raw: errors.New("authentication failed"),
|
||||
}
|
||||
return pl.SetLogError(&event, input)
|
||||
}
|
||||
|
||||
doctor_id, err := ud.GetIdByUserId(&input.AuthInfo.User_Id, &event, tx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
input.Doctor_Id = doctor_id
|
||||
|
||||
if resData, err := CreateData(input, &event, tx); err != nil {
|
||||
return err
|
||||
} else {
|
||||
@@ -197,6 +214,10 @@ func Update(input e.UpdateDto) (*d.Data, error) {
|
||||
return err
|
||||
}
|
||||
|
||||
if data.IsCompleted() {
|
||||
return errors.New("data already completed")
|
||||
}
|
||||
|
||||
mwRunner := newMiddlewareRunner(&event, tx)
|
||||
mwRunner.setMwType(pu.MWTPre)
|
||||
// Run pre-middleware
|
||||
@@ -204,6 +225,33 @@ func Update(input e.UpdateDto) (*d.Data, error) {
|
||||
return err
|
||||
}
|
||||
|
||||
if !input.AuthInfo.IsDoctor() {
|
||||
event.Status = "failed"
|
||||
event.ErrInfo = pl.ErrorInfo{
|
||||
Code: "auth-forbidden",
|
||||
Detail: "user position is not allowed",
|
||||
Raw: errors.New("authentication failed"),
|
||||
}
|
||||
return pl.SetLogError(&event, input)
|
||||
}
|
||||
|
||||
doctor_id, err := ud.GetIdByUserId(&input.AuthInfo.User_Id, &event, tx)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
if !data.IsSameDoctor(doctor_id) {
|
||||
event.Status = "failed"
|
||||
event.ErrInfo = pl.ErrorInfo{
|
||||
Code: "auth-forbidden",
|
||||
Detail: "doctor is not the same as the data",
|
||||
Raw: errors.New("authentication failed"),
|
||||
}
|
||||
return pl.SetLogError(&event, input)
|
||||
}
|
||||
|
||||
input.Doctor_Id = doctor_id
|
||||
|
||||
if err := UpdateData(input, data, &event, tx); err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
@@ -25,4 +25,5 @@ func setData[T *e.CreateDto | *e.UpdateDto](input T, data *e.McuOrder) {
|
||||
data.Number = inputSrc.Number
|
||||
data.Temperature = inputSrc.Temperature
|
||||
data.McuUrgencyLevel_Code = inputSrc.McuUrgencyLevel_Code
|
||||
data.Doctor_Id = inputSrc.Doctor_Id
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user