Merge pull request #38 from Code-the-Dream-School/MedControllerErrorHandling

Med controller error handling

Author: up2code3

src/controllers/medicationController.js

@@ -1,85 +1,145 @@
 const Medication = require("../models/Medication");
 const User = require("../models/UserModel");
+const DispenseLog = require("../models/DispenseLog");
 const { StatusCodes } = require("http-status-codes");
 const { NotFoundError } = require("../errors");
 
-// Fetch all medications
-const getMedications = async (req, res) => {
-  const medications = await Medication.find();
-  res.status(StatusCodes.OK).json({ success: true, data: medications });
-  console.log("Fetch All Medications");
+const getMedications = async (req, res, next) => {
+  try {
+    const medications = await Medication.find();
+    res.status(StatusCodes.OK).json({ success: true, data: medications });
+  } catch (error) {
+    next(error);
+  }
 };
 
-// Fetch a Single medication
-const getMedication = async (req, res) => {
-  const { id } = req.params;
-  const medication = await Medication.findById(id);
-  if (!medication) {
-    throw new NotFoundError(`No medication found with id: ${id}`);
+const getMedication = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const medication = await Medication.findById(id);
+    if (!medication) {
+      throw new NotFoundError(`No medication found with id: ${id}`);
+    }
+    res.status(StatusCodes.OK).json({ success: true, data: medication });
+  } catch (error) {
+    next(error);
   }
-  res.status(StatusCodes.OK).json({ success: true, data: medication });
-  console.log("Fetch Single Medication");
 };
 
-// Create a medication
-const createMedication = async (req, res) => {
+const createMedication = async (req, res, next) => {
   try {
-    const userId = req.user.id; // Get the user ID from the request
-
-    // Fetch the user's name using the userId
+    const userId = req.user.id;
     const user = await User.findById(userId);
     if (!user) {
       return res
-        .status(404)
+        .status(StatusCodes.NOT_FOUND)
         .json({ success: false, message: "User not found" });
     }
 
-    // Assign the user's Name, Id, and Store to the created med
     const medicationData = {
       ...req.body,
-      loggedBy: user.name, //Assign the user's name
-      createdBy: user.id, // Assign the user's Id
-      store: user.store, // Assign the user's store
+      createdBy: user.id,
     };
-
-    // Create a new medication record with the user's name
     const medication = await Medication.create(medicationData);
-
     res.status(StatusCodes.CREATED).json({ success: true, data: medication });
-    console.log("Create Medication");
   } catch (error) {
-    res
-      .status(StatusCodes.INTERNAL_SERVER_ERROR)
-      .json({ success: false, error: error.message });
-    console.error("Error creating medication:", error);
+    next(error);
+  }
+};
+
+const dispenseMedication = async (req, res, next) => {
+  try {
+    const { medicationId, quantity } = req.body;
+    const medication = await Medication.findById(medicationId).populate({
+      path: "createdBy",
+      select: "store",
+    });
+
+    if (!medication) {
+      return res
+        .status(StatusCodes.NOT_FOUND)
+        .json({ success: false, message: "Medication not Found" });
+    }
+
+    if (medication.createdBy.store !== req.user.store) {
+      return res.status(StatusCodes.FORBIDDEN).json({
+        success: false,
+        message:
+          "You are not authorized to dispense medication from this store.",
+      });
+    }
+
+    if (medication.quantity < quantity) {
+      return res.status(StatusCodes.BAD_REQUEST).json({
+        success: false,
+        message: "Insufficient stock available",
+      });
+    }
+
+    medication.quantity -= quantity;
+    await medication.save();
+
+    const log = await DispenseLog.create({
+      medicationId,
+      userId: req.user.id,
+      quantity,
+      dispenseDate: new Date(),
+    });
+
+    const populatedLog = await log.populate([
+      { path: "medicationId", select: "name ndc lot" },
+      { path: "userId", select: "name store" },
+    ]);
+
+    res.status(StatusCodes.OK).json({
+      success: true,
+      message: "Medication dispensed successfully",
+      log: populatedLog,
+    });
+  } catch (error) {
+    next(error);
+  }
+};
+
+const getDispenseLogs = async (req, res, next) => {
+  try {
+    const logs = await DispenseLog.find();
+    res.status(StatusCodes.OK).json({ success: true, data: logs });
+  } catch (error) {
+    next(error);
   }
 };
 
-// Update an existing medication
-const updateMedication = async (req, res) => {
-  const { id } = req.params;
-  const medication = await Medication.findByIdAndUpdate(id, req.body, {
-    new: true,
-    runValidators: true,
-  });
-  if (!medication) {
-    throw new NotFoundError(`No medication found with id: ${id}`);
+const updateMedication = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const medication = await Medication.findByIdAndUpdate(id, req.body, {
+      new: true,
+      runValidators: true,
+    });
+    if (!medication) {
+      throw new NotFoundError(`No medication found with id: ${id}`);
+    }
+    res.status(StatusCodes.OK).json({ success: true, data: medication });
+  } catch (error) {
+    next(error);
   }
-  res.status(StatusCodes.OK).json({ success: true, data: medication });
-  console.log("Changes a medication");
 };
 
-// Delete a medication
-const deleteMedication = async (req, res) => {
-  const { id } = req.params;
-  const medication = await Medication.findByIdAndDelete(id);
-  if (!medication) {
-    throw new NotFoundError(`No medication found with id: ${id}`);
+const deleteMedication = async (req, res, next) => {
+  try {
+    const { id } = req.params;
+    const medication = await Medication.findByIdAndDelete(id);
+    if (!medication) {
+      throw new NotFoundError(`No medication found with id: ${id}`);
+    }
+    res.status(StatusCodes.OK).json({
+      success: true,
+      message: "Medication deleted successfully",
+    });
+  } catch (error) {
+    next(error);
   }
-  res
-    .status(StatusCodes.OK)
-    .json({ success: true, message: "Medication deleted successfully" });
-  console.log("Delete Medication");
 };
 
 module.exports = {
@@ -88,4 +148,6 @@ module.exports = {
   createMedication,
   updateMedication,
   deleteMedication,
+  dispenseMedication,
+  getDispenseLogs,
 };

src/middleware/authMiddleware.js

@@ -1,6 +1,7 @@
 const jwt = require("jsonwebtoken");
+const User = require("../models/UserModel"); // Adjust the path to your User model
 
-const authenticate = (req, res, next) => {
+const authenticate = async (req, res, next) => {
   const authHeader = req.header("Authorization");
 
   // Check if the Authorization header is present
@@ -11,14 +12,23 @@ const authenticate = (req, res, next) => {
     });
   }
 
-  const token = authHeader.split(" ")[1]; // take token from header
+  const token = authHeader.split(" ")[1]; // Extract token from header
 
   try {
     // Verify token
     const decoded = jwt.verify(token, process.env.JWT_SECRET);
 
-    // Attach the user data (from token) to the request object
-    req.user = { id: decoded.id, role: decoded.role };
+    // Fetch the full user details, including `store`
+    const user = await User.findById(decoded.id);
+    if (!user) {
+      return res.status(404).json({
+        success: false,
+        message: "User not found.",
+      });
+    }
+
+    // Attach the full user object to the request
+    req.user = { id: user.id, role: user.role, store: user.store };
     next();
   } catch (err) {
     return res.status(401).json({

src/models/DispenseLog.js

@@ -0,0 +1,29 @@
+const mongoose = require("mongoose");
+
+const dispenseLogSchema = new mongoose.Schema(
+  {
+    medicationId: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: "Medication",
+      required: true,
+    },
+    userId: {
+      type: mongoose.Schema.Types.ObjectId,
+      ref: "User",
+      required: true,
+    },
+    quantity: {
+      type: Number,
+      required: true,
+      min: [1, "Dispensed Quantity must be at least 1"],
+    },
+    dispenseDate: {
+      type: Date,
+      default: Date.now,
+      required: true,
+    },
+  },
+  { timestamps: true },
+);
+
+module.exports = mongoose.model("DispenseLog", dispenseLogSchema);

src/models/Medication.js

@@ -36,17 +36,8 @@ const medicationSchema = new mongoose.Schema(
       required: [true, "Please provide NDC Number"],
       unique: true,
     },
-    store: {
-      type: String,
-      ref: "User",
-      required: [true, "Please provide Store Name"],
-    },
-    loggedBy: {
-      type: String,
-      ref: "User",
-    },
     createdBy: {
-      type: String,
+      type: mongoose.Schema.Types.ObjectId,
       ref: "User",
       required: [true, "Please provide the creator's user ID"],
     },

src/routes/medicationRoutes.js

@@ -1,6 +1,5 @@
 const express = require("express");
 const authenticate = require("../middleware/authMiddleware");
-
 const roleMiddleware = require("../middleware/roleMiddleware");
 
 const {
@@ -9,6 +8,8 @@ const {
   createMedication,
   updateMedication,
   deleteMedication,
+  dispenseMedication,
+  getDispenseLogs,
 } = require("../controllers/medicationController");
 
 const router = express.Router();
@@ -54,4 +55,20 @@ router.delete(
   deleteMedication,
 );
 
+// POST /inventory/dispense Dispense medication
+router.post(
+  "/dispense",
+  authenticate,
+  roleMiddleware(["admin", "clerk", "inventoryManager"]),
+  dispenseMedication,
+);
+
+// Dispense Log Stats
+router.get(
+  "/dispense-logs",
+  authenticate,
+  roleMiddleware(["admin", "clerk", "inventoryManager"]),
+  getDispenseLogs,
+);
+
 module.exports = router;