jws-backend/src/controllers/03-employee-checkup-controller.ts

import {
  Body,
  Controller,
  Delete,
  Get,
  Path,
  Post,
  Put,
  Request,
  Route,
  Security,
  Tags,
} from "tsoa";
import { RequestWithUser } from "../interfaces/user";
import prisma from "../db";
import HttpStatus from "../interfaces/http-status";
import HttpError from "../interfaces/http-error";

const MANAGE_ROLES = ["system", "head_of_admin", "admin", "branch_manager", "head_of_sale", "sale"];

type EmployeeCheckupPayload = {
  checkupType?: string | null;
  checkupResult?: string | null;

  provinceId?: string | null;

  hospitalName?: string | null;
  remark?: string | null;
  medicalBenefitScheme?: string | null;
  insuranceCompany?: string | null;
  coverageStartDate?: Date | null;
  coverageExpireDate?: Date | null;
};

@Route("api/v1/employee/{employeeId}/checkup")
@Tags("Employee Checkup")
export class EmployeeCheckupController extends Controller {
  @Get()
  @Security("keycloak")
  async list(@Path() employeeId: string) {
    return prisma.employeeCheckup.findMany({
      include: {
        createdBy: true,
        updatedBy: true,
      },
      orderBy: { createdAt: "asc" },
      where: { employeeId },
    });
  }

  @Get("{checkupId}")
  @Security("keycloak")
  async getById(@Path() employeeId: string, @Path() checkupId: string) {
    const record = await prisma.employeeCheckup.findFirst({
      include: {
        createdBy: true,
        updatedBy: true,
      },
      where: { id: checkupId, employeeId },
    });
    if (!record) {
      throw new HttpError(
        HttpStatus.NOT_FOUND,
        "Employee checkup cannot be found.",
        "employeeCheckupNotFound",
      );
    }
    return record;
  }

  @Post()
  @Security("keycloak", MANAGE_ROLES)
  async create(
    @Request() req: RequestWithUser,
    @Path() employeeId: string,
    @Body() body: EmployeeCheckupPayload,
  ) {
    if (body.provinceId || employeeId) {
      const [province, employee] = await prisma.$transaction([
        prisma.province.findFirst({ where: { id: body.provinceId || undefined } }),
        prisma.employee.findFirst({ where: { id: employeeId } }),
      ]);
      if (body.provinceId && !province)
        throw new HttpError(
          HttpStatus.BAD_REQUEST,
          "Province cannot be found.",
          "provinceNotFound",
        );
      if (!employee)
        throw new HttpError(
          HttpStatus.BAD_REQUEST,
          "Employee cannot be found.",
          "employeeNotFound",
        );
    }

    const { provinceId, ...rest } = body;

    const record = await prisma.employeeCheckup.create({
      include: { province: true, createdBy: true, updatedBy: true },
      data: {
        ...rest,
        province: { connect: provinceId ? { id: provinceId } : undefined },
        employee: { connect: { id: employeeId } },
        createdBy: { connect: { id: req.user.sub } },
        updatedBy: { connect: { id: req.user.sub } },
      },
    });

    this.setStatus(HttpStatus.CREATED);

    return record;
  }

  @Put("{checkupId}")
  @Security("keycloak", MANAGE_ROLES)
  async editById(
    @Request() req: RequestWithUser,
    @Path() employeeId: string,
    @Path() checkupId: string,
    @Body() body: EmployeeCheckupPayload,
  ) {
    if (body.provinceId || employeeId) {
      const [province, employee] = await prisma.$transaction([
        prisma.province.findFirst({ where: { id: body.provinceId || undefined } }),
        prisma.employee.findFirst({ where: { id: employeeId } }),
      ]);
      if (body.provinceId && !province)
        throw new HttpError(
          HttpStatus.BAD_REQUEST,
          "Province cannot be found.",
          "provinceNotFound",
        );
      if (!employee)
        throw new HttpError(
          HttpStatus.BAD_REQUEST,
          "Employee cannot be found.",
          "employeeNotFound",
        );
    }

    const { provinceId, ...rest } = body;

    if (
      !(await prisma.employeeCheckup.findUnique({
        include: { createdBy: true, updatedBy: true },
        where: { id: checkupId, employeeId },
      }))
    ) {
      throw new HttpError(
        HttpStatus.NOT_FOUND,
        "Employee checkup cannot be found.",
        "employeeCheckupNotFound",
      );
    }

    const record = await prisma.employeeCheckup.update({
      include: { province: true, createdBy: true, updatedBy: true },
      where: { id: checkupId, employeeId },
      data: {
        ...rest,
        province: { connect: provinceId ? { id: provinceId } : undefined },
        updatedBy: { connect: { id: req.user.sub } },
      },
    });

    this.setStatus(HttpStatus.CREATED);

    return record;
  }

  @Delete("{checkupId}")
  @Security("keycloak", MANAGE_ROLES)
  async deleteById(@Path() employeeId: string, @Path() checkupId: string) {
    const record = await prisma.employeeCheckup.findFirst({ where: { id: checkupId, employeeId } });

    if (!record) {
      throw new HttpError(
        HttpStatus.NOT_FOUND,
        "Employee checkup cannot be found.",
        "employeeCheckupNotFound",
      );
    }

    return await prisma.employeeCheckup.delete({
      include: { createdBy: true, updatedBy: true },
      where: { id: checkupId, employeeId },
    });
  }
}