Lightemerald/hsp-gdh
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
6071d1180b4a32026f42473b894db152b354e551
hsp-gdh/routes/hospitals.js
gringoelpepito 6071d1180b Adding services routes
2024-04-14 19:53:16 +00:00

230 lines
9.5 KiB
JavaScript
Raw Blame History

import express from 'express';
import { error } from '../modules/logManager';
import { pool } from '../modules/databaseManager';
import { verifyToken } from '../modules/tokenManager';
import { checkPermissions, checkBanned } from '../modules/permissionManager';
import { respondWithStatus, respondWithStatusJSON } from '../modules/requestHandler';
const router = express.Router();
router.get('/', verifyToken, checkBanned, checkPermissions('hospital', 1), async (req, res) => {
try {
const [rows] = await pool.execute('SELECT * FROM hospitals WHERE 1');
if (rows.length === 0) return await respondWithStatus(res, 404, 'Hospitals not found');
return await respondWithStatusJSON(res, 200, rows);
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
router.post('/', verifyToken, checkBanned, checkPermissions('hospital', 2), async (req, res) => {
const { company_id, name, code, country, region, city, address } = req.body;
if ([ company_id, name, code, country, region, city, address ].every(Boolean)) {
try {
const [result] = await pool.execute(
'INSERT INTO hospitals (company_id, name, code, country, region, city, address) VALUES (?, ?, ?, ?, ?, ?, ?)',
[ company_id, name, code, country, region, city, address ],
);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing hospital');
return await respondWithStatus(res, 200, 'Hospital created successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
}
else {
return await respondWithStatus(res, 400, 'Missing fields');
}
});
router.get('/:hospitalId', verifyToken, checkBanned, checkPermissions('hospital', 1), async (req, res) => {
try {
const [rows] = await pool.execute('SELECT * FROM hospitals WHERE id = ? LIMIT 1', [req.params.hospitalId]);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Hospitals not found');
return await respondWithStatusJSON(res, 200, rows[0]);
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
router.patch('/:hospitalId', verifyToken, checkBanned, checkPermissions('hospital', 2), async (req, res) => {
try {
const { type, value } = req.body;
const [rows] = await pool.execute('SELECT * FROM hospitals WHERE id = ? LIMIT 1', [req.params.hospitalId]);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Hospital not found');
const fields = rows.map(row => Object.keys(row));
if (fields[0].includes(type)) {
const [result] = await pool.execute(`UPDATE hospitals SET ${type} = ? WHERE id = ?`, [value, req.params.hospitalId]);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error updating hospital');
return await respondWithStatus(res, 200, 'Hospital updated successfully');
}
else {
return await respondWithStatus(res, 400, 'Invalid type');
}
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
router.put('/:hospitalId', verifyToken, checkBanned, checkPermissions('hospital', 2), async (req, res) => {
const id = req.params.hospitalId;
const { company_id, name, code, country, region, city, address } = req.body;
if ([company_id, name, code, country, region, city, address].every(Boolean)) {
try {
const [rows] = await pool.execute('SELECT * FROM hospitals WHERE id = ? LIMIT 1', [id]);
if (rows.length === 0) {
return await respondWithStatus(res, 404, 'Hospital not found');
}
const [result] = await pool.execute(
'UPDATE hospitals SET company_id = ?, name = ?, code = ?, country = ?, region = ?, city = ?, address = ? WHERE id = ?',
[company_id, name, code, country, region, city, address, id],
);
if (result.affectedRows === 0) {
return await respondWithStatus(res, 500, 'Error updating hospital');
}
return await respondWithStatus(res, 200, 'Hospital updated successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
}
else {
return await respondWithStatus(res, 400, 'Missing fields');
}
});
router.delete('/:hospitalId', verifyToken, checkBanned, checkPermissions('hospital', 4), async (req, res) => {
try {
const [rows] = await pool.execute('SELECT * FROM hospitals WHERE id = ? LIMIT 1', [req.params.hospitalId]);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Hospital not found');
const [result] = await pool.execute('DELETE FROM hospitals WHERE id = ?', [req.params.hospitalId]);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error removing hospital');
return await respondWithStatus(res, 200, 'Hospital deleted successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
// Doctor endpoints
router.get('/:hospitalId/doctors', verifyToken, checkBanned, checkPermissions('doctor', 1), async (req, res) => {
try {
const [rows] = await pool.execute('SELECT doctors.* FROM hospital_doctors JOIN doctors ON hospital_doctors.doctor_id = doctors.id WHERE hospital_doctors.hospital_id = ?', [req.params.hospitalId]);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Doctors not found');
return await respondWithStatusJSON(res, 200, rows);
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
router.post('/:hospitalId/doctors', verifyToken, checkBanned, checkPermissions('doctor', 2), async (req, res) => {
const { doctor_id } = req.body;
if ([doctor_id].every(Boolean)) {
try {
const [result] = await pool.execute('INSERT INTO hospital_doctors (hospital_id, doctor_id) VALUES (?, ?)', [req.params.hospitalId, doctor_id]);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing doctor');
return await respondWithStatus(res, 200, 'Doctor added to hospital successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
}
else {
return await respondWithStatus(res, 400, 'Missing fields');
}
});
router.delete('/:hospitalId/doctors/:doctorId', verifyToken, checkBanned, checkPermissions('doctor', 4), async (req, res) => {
try {
const { hospitalId, doctorId } = req.params;
const [result] = await pool.execute('DELETE FROM hospital_doctors WHERE hospital_id = ? AND doctor_id = ?', [hospitalId, doctorId]);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error removing doctor');
return await respondWithStatus(res, 200, 'Doctor removed from hospital successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
// Service endpoints
router.get('/:hospitalId/services', verifyToken, checkBanned, checkPermissions('service', 1), async (req, res) => {
try {
const [rows] = await pool.execute(
'SELECT services.* FROM hospital_doctors JOIN doctors ON hospital_doctors.doctor_id = doctors.id JOIN doctor_services ON doctors.id = doctor_services.doctor_id JOIN services ON doctor_services.service_id = services.id WHERE hospital_doctors.hospital_id = ?',
[req.params.hospitalId],
);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Services not found');
return await respondWithStatusJSON(res, 200, rows);
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
// Room endpoints
router.get('/:hospitalId/rooms', verifyToken, checkBanned, checkPermissions('room', 1), async (req, res) => {
try {
const [rows] = await pool.execute('SELECT * FROM rooms WHERE hospital_id = ?', [req.params.hospitalId]);
if (rows.length === 0) return await respondWithStatus(res, 404, 'Rooms not found');
return await respondWithStatusJSON(res, 200, rows);
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
router.post('/:hospitalId/rooms', verifyToken, checkBanned, checkPermissions('room', 2), async (req, res) => {
const { name, code, floor, room_number, room_type } = req.body;
if ([name, code, floor, room_number, room_type].every(Boolean)) {
try {
if (!['General Ward', 'Private', 'Intensive Care Unit', 'Labor and Delivery', 'Operating', 'Recovery', 'Isolation', 'Emergency', 'Imaging', 'Procedure', 'Physical Therapy', 'Consultation'].includes(room_type)) return await respondWithStatus(res, 400, 'Invalid room type');
const [result] = await pool.execute(
'INSERT INTO rooms (hospital_id, name, code, floor, room_number, room_type) VALUES (?, ?, ?, ?, ?, ?)',
[req.params.hospitalId, name, code, floor, room_number, room_type],
);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error storing room');
return await respondWithStatus(res, 200, 'Room created successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
}
else {
return await respondWithStatus(res, 400, 'Missing fields');
}
});
router.delete('/:hospitalId/rooms/:roomId', verifyToken, checkBanned, checkPermissions('room', 4), async (req, res) => {
try {
const [result] = await pool.execute('DELETE FROM rooms WHERE hospital_id = ? AND id = ?', [req.params.hospitalId, req.params.roomId]);
if (result.affectedRows === 0) return await respondWithStatus(res, 500, 'Error removing room');
return await respondWithStatus(res, 200, 'Room removed from hospital successfully');
}
catch (err) {
error(err);
return await respondWithStatus(res, 500, 'An error has occured');
}
});
export default router;
Reference in New Issue View Git Blame Copy Permalink