REC-136: Efectores y cuil paciente

agustin1996ra · agustin1996ra · commit bd9716b91cab · 2025-11-10T11:26:55.000-03:00
diff --git a/src/controllers/auth.controller.ts b/src/controllers/auth.controller.ts
diff --git a/src/controllers/users.controller.ts b/src/controllers/users.controller.ts
@@ -1,28 +1,41 @@
-import { Request, Response } from "express";
+import { Request, Response } from 'express';
 import IUser from '../interfaces/user.interface';
-import User from "../models/user.model";
-class UsersController{
-  public index = async (req: Request, res: Response): Promise<Response> => {
-    try{
-      const users: IUser[] | null = await User.find({},{ 'password':0, 'refreshToken':0, 'authenticationToken':0 }).populate('roles', 'role');
-      return res.status(200).json(users);
-    } catch (e){
-      return res.status(500).json({mensaje:`${e}`});
-    }
-  };
+import User from '../models/user.model';
+class UsersController {
+    public index = async (req: Request, res: Response): Promise<Response> => {
+        try {
+            const users: IUser[] | null = await User.find({},{ password:0, refreshToken:0, authenticationToken:0 }).populate('roles', 'role');
+            return res.status(200).json(users);
+        } catch (e) {
+            return res.status(500).json({ mensaje:`${e}` });
+        }
+    };
 
-  public update = async (req: Request, res: Response): Promise<Response> => {
-    try{
-      if (req.body){
-        const result = await User.findOneAndUpdate({_id: req.body._id}, req.body, { new: true, projection: {'password':0, 'refreshToken':0, 'authenticationToken':0}}).populate('roles', 'role');
-        return res.status(200).json(result);
-      }else{
-        return res.status(400).json({mensaje: "Request body vacío"})
-      }
-    } catch (e){
-      return res.status(500).json({mensaje: `${e}`});
-    }
-  }
+    public show = async (req: Request, res: Response): Promise<Response> => {
+        try {
+            const user: IUser | null = await User.findById(req.params.id, { password:0, refreshToken:0, authenticationToken:0 }).populate('roles', 'role');
+            if (user) {
+                return res.status(200).json(user);
+            } else {
+                return res.status(404).json({ mensaje: 'Usuario no encontrado' });
+            }
+        } catch (e) {
+            return res.status(500).json({ mensaje: `${e}` });
+        }
+    };
+
+    public update = async (req: Request, res: Response): Promise<Response> => {
+        try {
+            if (Object.keys(req.body).length !== 0 && req.body._id) {
+                const result = await User.findOneAndUpdate({ _id: req.body._id }, req.body, { new: true, projection: { password:0, refreshToken:0, authenticationToken:0 } }).populate('roles', 'role');
+                return res.status(200).json(result);
+            } else {
+                return res.status(400).json({ mensaje: 'Request body vacío' });
+            }
+        } catch (e) {
+            return res.status(500).json({ mensaje: `${e}` });
+        }
+    };
 };
 
-export default new UsersController;
+export default new UsersController;
diff --git a/src/interfaces/prescriptionAndes.interface.ts b/src/interfaces/prescriptionAndes.interface.ts
@@ -147,6 +147,7 @@ export default interface IPrescriptionAndes extends Document {
             valor: Number;
             unidad: String;
         };
+        cuil: String;
     };
     createdAt: Date;
     createdBy: {
@@ -164,4 +165,4 @@ export default interface IPrescriptionAndes extends Document {
             nombre: String;
         };
     };
-}
+}
diff --git a/src/interfaces/user.interface.ts b/src/interfaces/user.interface.ts
@@ -14,6 +14,11 @@ export default interface IUser extends Document{
     updatedAt?: Date;
     isActive: Boolean;
     lastLogin?: Date;
+    efectores: [{
+        _id: string;
+        nombre: string;
+        direccion: string;
+    }];
     isValidPassword(thisUser: IUser, password: string): Promise<boolean>;
     idAndes?: string;
 }
diff --git a/src/models/prescriptionAndes.model.ts b/src/models/prescriptionAndes.model.ts
@@ -172,7 +172,8 @@ const prescriptionAndesSchema = new Schema({
         edadReal: {
             valor: Number,
             unidad: String
-        }
+        },
+        cuil: String
     },
     createdAt: Date,
     createdBy: {
diff --git a/src/models/user.model.ts b/src/models/user.model.ts
@@ -1,4 +1,5 @@
 import { Schema, Model, model } from 'mongoose';
+import mongoose from 'mongoose';
 import bcrypt from 'bcryptjs';
 import IUser from '../interfaces/user.interface';
 
@@ -80,7 +81,17 @@ export const userSchema = new Schema({
     idAndes: {
         type: String,
         default: ''
-    }
+    },
+    efectores: [
+        {
+            _id: {
+                type: Schema.Types.ObjectId,
+                default: () => new mongoose.Types.ObjectId()
+            },
+            nombre: String,
+            direccion: String,
+        }
+    ]
 });
 
 // Model
diff --git a/src/routes/private.ts b/src/routes/private.ts
@@ -104,7 +104,8 @@ class PrivateRoutes {
 
     // Users
     this.router.get('/users/index', hasPermissionIn('readAny', 'user'), usersController.index);
-    this.router.post('/users/update', hasPermissionIn('updateAny', 'user'), usersController.update);
+    this.router.get('/users/:id', hasPermissionIn('readAny', 'user'), usersController.show);
+    this.router.patch('/users/update', hasPermissionIn('updateAny', 'user'), usersController.update);
 
     // pharmacy
     // this.router.get(`/pharmacies/`, hasPermissionIn('readAny','patient'), pharmacyController.index);
diff --git a/src/utils/rbac_abac.ts b/src/utils/rbac_abac.ts
@@ -3,89 +3,96 @@ import Role from '../models/role.model';
 
 class AccessControlLoader {
 
-  constructor(private accessControl: AccessControl = new AccessControl()){
-    this.init();
-  }
-
-  public getAccessControl = (): AccessControl => {
-    return this.accessControl;
-  }
-
-  public init = async (): Promise<void> =>{
-    // const roles = await Role.find().populate({path: 'permissions', select: ['resource', 'action', 'attributes']} ).select('role');
-    // await this.asyncForEach(roles, async (role: any) => {
-    //   this.accessControl.grant(role.role);
-    //   await this.asyncForEach(role.permissions, async (permission: any) => {
-    //     console.log('in permissions', permission);
-    //   });
-    // });
-
-    let grantList = [
-      // roles
-      { role: 'owner', resource: 'role', action: 'create:any', attributes: '*, !views' },
-      { role: 'owner', resource: 'role', action: 'read:any', attributes: '*' },
-      { role: 'owner', resource: 'role', action: 'update:any', attributes: '*, !views' },
-      { role: 'owner', resource: 'role', action: 'delete:any', attributes: '*' },
-
-      { role: 'admin', resource: 'user', action: 'update:any', attributes: '*' },
-      { role: 'admin', resource: 'user', action: 'read:any', attributes: '*' },
-      
-      { role: 'auditor', resource: 'user', action: 'read:any', attributes: '*' },
-      { role: 'auditor', resource: 'user', action: 'update:any', attributes: '*' },
-      
-      // prescriptions
-      { role: 'professional', resource: 'prescription', action: 'create:any', attributes: '*, !views' },
-      { role: 'professional', resource: 'prescription', action: 'read:own', attributes: '*' },
-      { role: 'professional', resource: 'prescription', action: 'read:any', attributes: '*' },
-      { role: 'professional', resource: 'prescription', action: 'update:own', attributes: '*' },
-      { role: 'professional', resource: 'prescription', action: 'delete:any', attributes: '*' },
-
-      { role: 'pharmacist', resource: 'prescription', action: 'read:any', attributes: '*' },
-      { role: 'pharmacist', resource: 'prescription', action: 'update:any', attributes: '*, !views' },
-
-      { role: 'owner', resource: 'prescription', action: 'delete:any', attributes: '*' },
-
-      { role: 'auditor', resource: 'prescription', action: 'read:any', attributes: '*' },
-
-      // prescriptions public
-      { role: 'professional-public', resource: 'prescriptionPublic', action: 'create:any', attributes: '*, !views' },
-      { role: 'professional-public', resource: 'prescriptionPublic', action: 'read:own', attributes: '*' },
-      { role: 'professional-public', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
-      { role: 'professional-public', resource: 'prescriptionPublic', action: 'update:own', attributes: '*' },
-      { role: 'professional-public', resource: 'prescriptionPublic', action: 'delete:any', attributes: '*' },
-
-      { role: 'pharmacist-public', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
-      { role: 'pharmacist-public', resource: 'prescriptionPublic', action: 'update:any', attributes: '*' },
-
-      { role: 'owner', resource: 'prescriptionPublic', action: 'delete:any', attributes: '*' },
-
-      { role: 'auditor', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
-
-      // patients
-      { role: 'professional', resource: 'patient', action: 'create:any', attributes: '*, !views' },
-      { role: 'professional', resource: 'patient', action: 'read:own', attributes: '*' },
-      { role: 'pharmacist', resource: 'patient', action: 'read:any', attributes: '*' },
-      { role: 'admin', resource: 'patient', action: 'update:any', attributes: '*' },
-
-      { role: 'owner', resource: 'patient', action: 'delete:any', attributes: '*' },
-
-      // supplies
-      { role: 'professional', resource: 'supplies', action: 'read:any', attributes: '*' },
-      { role: 'pharmacist', resource: 'supplies', action: 'read:any', attributes: '*' },
-      { role: 'admin', resource: 'supplies', action: 'create:any', attributes: '*' },
-      { role: 'admin', resource: 'supplies', action: 'update:any', attributes: '*' },      
-      { role: 'andes', resource: 'andesPrescription', action: 'create:any', attributes: '*' }
-    ];
-    this.accessControl.setGrants(grantList);
-    console.log('grants initialized');
-  }
-
-
-  public asyncForEach = async (array: any[], callback: Function) => {
-    for (let index = 0; index < array.length; index++) {
-      await callback(array[index], index, array);
+    constructor(private accessControl: AccessControl = new AccessControl()) {
+        this.init();
     }
-  }
+
+    public getAccessControl = (): AccessControl => {
+        return this.accessControl;
+    };
+
+    public init = async (): Promise<void> => {
+        // const roles = await Role.find().populate({path: 'permissions', select: ['resource', 'action', 'attributes']} ).select('role');
+        // await this.asyncForEach(roles, async (role: any) => {
+        //   this.accessControl.grant(role.role);
+        //   await this.asyncForEach(role.permissions, async (permission: any) => {
+        //     console.log('in permissions', permission);
+        //   });
+        // });
+
+        let grantList = [
+            // roles
+            { role: 'owner', resource: 'role', action: 'create:any', attributes: '*, !views' },
+            { role: 'owner', resource: 'role', action: 'read:any', attributes: '*' },
+            { role: 'owner', resource: 'role', action: 'update:any', attributes: '*, !views' },
+            { role: 'owner', resource: 'role', action: 'delete:any', attributes: '*' },
+
+            // users
+            { role: 'admin', resource: 'user', action: 'update:any', attributes: '*' },
+            { role: 'admin', resource: 'user', action: 'read:any', attributes: '*' },
+
+            { role: 'auditor', resource: 'user', action: 'read:any', attributes: '*' },
+            { role: 'auditor', resource: 'user', action: 'update:any', attributes: '*' },
+
+            { role: 'professional', resource: 'user', action: 'update:any', attributes: '*' },
+            { role: 'professional', resource: 'user', action: 'read:any', attributes: '*' },
+
+            { role: 'professional-public', resource: 'user', action: 'update:any', attributes: '*' },
+            { role: 'professional-public', resource: 'user', action: 'read:any', attributes: '*' },
+
+            // prescriptions
+            { role: 'professional', resource: 'prescription', action: 'create:any', attributes: '*, !views' },
+            { role: 'professional', resource: 'prescription', action: 'read:own', attributes: '*' },
+            { role: 'professional', resource: 'prescription', action: 'read:any', attributes: '*' },
+            { role: 'professional', resource: 'prescription', action: 'update:own', attributes: '*' },
+            { role: 'professional', resource: 'prescription', action: 'delete:any', attributes: '*' },
+
+            { role: 'pharmacist', resource: 'prescription', action: 'read:any', attributes: '*' },
+            { role: 'pharmacist', resource: 'prescription', action: 'update:any', attributes: '*, !views' },
+
+            { role: 'owner', resource: 'prescription', action: 'delete:any', attributes: '*' },
+
+            { role: 'auditor', resource: 'prescription', action: 'read:any', attributes: '*' },
+
+            // prescriptions public
+            { role: 'professional-public', resource: 'prescriptionPublic', action: 'create:any', attributes: '*, !views' },
+            { role: 'professional-public', resource: 'prescriptionPublic', action: 'read:own', attributes: '*' },
+            { role: 'professional-public', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
+            { role: 'professional-public', resource: 'prescriptionPublic', action: 'update:own', attributes: '*' },
+            { role: 'professional-public', resource: 'prescriptionPublic', action: 'delete:any', attributes: '*' },
+
+            { role: 'pharmacist-public', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
+            { role: 'pharmacist-public', resource: 'prescriptionPublic', action: 'update:any', attributes: '*' },
+
+            { role: 'owner', resource: 'prescriptionPublic', action: 'delete:any', attributes: '*' },
+
+            { role: 'auditor', resource: 'prescriptionPublic', action: 'read:any', attributes: '*' },
+
+            // patients
+            { role: 'professional', resource: 'patient', action: 'create:any', attributes: '*, !views' },
+            { role: 'professional', resource: 'patient', action: 'read:own', attributes: '*' },
+            { role: 'pharmacist', resource: 'patient', action: 'read:any', attributes: '*' },
+            { role: 'admin', resource: 'patient', action: 'update:any', attributes: '*' },
+
+            { role: 'owner', resource: 'patient', action: 'delete:any', attributes: '*' },
+
+            // supplies
+            { role: 'professional', resource: 'supplies', action: 'read:any', attributes: '*' },
+            { role: 'pharmacist', resource: 'supplies', action: 'read:any', attributes: '*' },
+            { role: 'admin', resource: 'supplies', action: 'create:any', attributes: '*' },
+            { role: 'admin', resource: 'supplies', action: 'update:any', attributes: '*' },
+            { role: 'andes', resource: 'andesPrescription', action: 'create:any', attributes: '*' }
+        ];
+        this.accessControl.setGrants(grantList);
+        console.log('grants initialized');
+    };
+
+
+    public asyncForEach = async (array: any[], callback: Function) => {
+        for (let index = 0; index < array.length; index++) {
+            await callback(array[index], index, array);
+        }
+    };
 
 }
 
