updates

Author: pyramation

packages/clinical/__tests__/basic.test.ts

@@ -1,29 +1,157 @@
-import { getConnections, PgTestClient } from 'pgsql-test';
+import { getConnections, PgTestClient, seed } from 'pgsql-test';
 
-let db: PgTestClient;
 let pg: PgTestClient;
+let db: PgTestClient;
 let teardown: () => Promise<void>;
 
+let aliceId: string;
+let bobId: string;
+
 beforeAll(async () => {
-  ({ pg, db, teardown } = await getConnections());
+  ({ pg, db, teardown } = await getConnections({}, [seed.pgpm()]));
+
+  await pg.query(`GRANT authenticated TO app_user`);
+
+  const patients = await pg.query(`
+    INSERT INTO patients.patients (first_name, last_name, date_of_birth)
+    VALUES ('Alice', 'Anderson', '1980-01-01'),
+           ('Bob',   'Brown',    '1985-05-05')
+    RETURNING id
+  `);
+  aliceId = patients.rows[0].id;
+  bobId = patients.rows[1].id;
 });
 
 afterAll(async () => {
   await teardown();
 });
 
 beforeEach(async () => {
+  await pg.beforeEach();
   await db.beforeEach();
 });
 
 afterEach(async () => {
   await db.afterEach();
+  await pg.afterEach();
 });
 
-describe('first test', () => {
-  it('should pass', async () => {
-    const result = await pg.query('SELECT 1 as num');
-    expect(result.rows[0].num).toBe(1);
+function asPatient(userId: string) {
+  db.setContext({
+    role: 'authenticated',
+    'app.role': 'patient',
+    'app.user_id': userId,
+  });
+}
+
+function asClinician() {
+  db.setContext({
+    role: 'authenticated',
+    'app.role': 'clinician',
+    'app.user_id': '',
+  });
+}
+
+describe('conditions RLS', () => {
+  it('Alice sees only her own conditions', async () => {
+    asClinician();
+    await db.query(
+      `INSERT INTO clinical.conditions (patient_id, description, status)
+       VALUES ($1, 'Hypertension', 'active'),
+              ($2, 'Type 2 Diabetes', 'active')`,
+      [aliceId, bobId],
+    );
+
+    asPatient(aliceId);
+    const r = await db.query(`SELECT description FROM clinical.conditions`);
+    expect(r.rows).toHaveLength(1);
+    expect(r.rows[0].description).toBe('Hypertension');
+  });
+
+  it('Clinician-only writes: patient cannot add a condition to themselves', async () => {
+    asPatient(aliceId);
+    const point = 'patient_condition_denied';
+    await db.savepoint(point);
+    await expect(
+      db.query(
+        `INSERT INTO clinical.conditions (patient_id, description)
+         VALUES ($1, 'Self-diagnosed fake condition')`,
+        [aliceId],
+      ),
+    ).rejects.toThrow(/row-level security/i);
+    await db.rollback(point);
   });
 });
 
+describe('allergies RLS', () => {
+  it("Alice can record her own allergies but cannot see Bob's", async () => {
+    asPatient(aliceId);
+    await db.query(
+      `INSERT INTO clinical.allergies (patient_id, allergen, severity)
+       VALUES ($1, 'Penicillin', 'severe')`,
+      [aliceId],
+    );
+
+    asClinician();
+    await db.query(
+      `INSERT INTO clinical.allergies (patient_id, allergen, severity)
+       VALUES ($1, 'Shellfish', 'moderate')`,
+      [bobId],
+    );
+
+    asPatient(aliceId);
+    const r = await db.query(`SELECT allergen FROM clinical.allergies`);
+    expect(r.rows).toHaveLength(1);
+    expect(r.rows[0].allergen).toBe('Penicillin');
+  });
+
+  it('Alice CANNOT add an allergy for Bob (WITH CHECK enforces row ownership)', async () => {
+    asPatient(aliceId);
+    const point = 'cross_patient_allergy';
+    await db.savepoint(point);
+    await expect(
+      db.query(
+        `INSERT INTO clinical.allergies (patient_id, allergen, severity)
+         VALUES ($1, 'Sneaky injection on Bob', 'moderate')`,
+        [bobId],
+      ),
+    ).rejects.toThrow(/row-level security/i);
+    await db.rollback(point);
+  });
+});
+
+describe('vitals RLS', () => {
+  it('Clinicians record vitals; patients read their own only', async () => {
+    asClinician();
+    await db.query(
+      `INSERT INTO clinical.vitals (patient_id, heart_rate_bpm, systolic_bp, diastolic_bp, temperature_c)
+       VALUES ($1, 72, 120, 80, 36.7),
+              ($2, 88, 145, 92, 37.1)`,
+      [aliceId, bobId],
+    );
+
+    asPatient(aliceId);
+    const aliceView = await db.query(`SELECT heart_rate_bpm FROM clinical.vitals`);
+    expect(aliceView.rows).toHaveLength(1);
+    expect(aliceView.rows[0].heart_rate_bpm).toBe(72);
+
+    asPatient(bobId);
+    const bobView = await db.query(`SELECT heart_rate_bpm FROM clinical.vitals`);
+    expect(bobView.rows).toHaveLength(1);
+    expect(bobView.rows[0].heart_rate_bpm).toBe(88);
+  });
+
+  it('Patients cannot record their own vitals', async () => {
+    asPatient(aliceId);
+    const point = 'patient_vitals_denied';
+    await db.savepoint(point);
+    await expect(
+      db.query(
+        `INSERT INTO clinical.vitals (patient_id, heart_rate_bpm)
+         VALUES ($1, 200)`,
+        [aliceId],
+      ),
+    ).rejects.toThrow(/row-level security/i);
+    await db.rollback(point);
+  });
+});

packages/clinical/clinical.control

@@ -2,6 +2,6 @@
 comment = 'clinical extension'
 default_version = '0.0.1'
 module_pathname = '$libdir/clinical'
-requires = 'plpgsql'
+requires = 'plpgsql,scheduling'
 relocatable = false
 superuser = false

packages/clinical/deploy/schemas/clinical.sql

@@ -0,0 +1,4 @@
+-- Deploy schemas/clinical to pg
+
+CREATE SCHEMA clinical;
+GRANT USAGE ON SCHEMA clinical TO authenticated;

packages/clinical/deploy/schemas/clinical/policies/allergies_rls.sql

@@ -0,0 +1,23 @@
+-- Deploy schemas/clinical/policies/allergies_rls to pg
+-- requires: schemas/clinical/tables/allergies
+
+ALTER TABLE clinical.allergies ENABLE ROW LEVEL SECURITY;
+ALTER TABLE clinical.allergies FORCE ROW LEVEL SECURITY;
+
+CREATE POLICY allergies_select ON clinical.allergies
+  FOR SELECT TO authenticated
+  USING (
+    app.is_clinician_or_admin()
+    OR patient_id = app.current_user_id()
+  );
+
+CREATE POLICY allergies_modify ON clinical.allergies
+  FOR ALL TO authenticated
+  USING (
+    app.is_clinician_or_admin()
+    OR patient_id = app.current_user_id()
+  )
+  WITH CHECK (
+    app.is_clinician_or_admin()
+    OR patient_id = app.current_user_id()
+  );

packages/clinical/deploy/schemas/clinical/policies/conditions_rls.sql

@@ -0,0 +1,17 @@
+-- Deploy schemas/clinical/policies/conditions_rls to pg
+-- requires: schemas/clinical/tables/conditions
+
+ALTER TABLE clinical.conditions ENABLE ROW LEVEL SECURITY;
+ALTER TABLE clinical.conditions FORCE ROW LEVEL SECURITY;
+
+CREATE POLICY conditions_select ON clinical.conditions
+  FOR SELECT TO authenticated
+  USING (
+    app.is_clinician_or_admin()
+    OR patient_id = app.current_user_id()
+  );
+
+CREATE POLICY conditions_modify ON clinical.conditions
+  FOR ALL TO authenticated
+  USING (app.is_clinician_or_admin())
+  WITH CHECK (app.is_clinician_or_admin());

packages/clinical/deploy/schemas/clinical/policies/vitals_rls.sql

@@ -0,0 +1,17 @@
+-- Deploy schemas/clinical/policies/vitals_rls to pg
+-- requires: schemas/clinical/tables/vitals
+
+ALTER TABLE clinical.vitals ENABLE ROW LEVEL SECURITY;
+ALTER TABLE clinical.vitals FORCE ROW LEVEL SECURITY;
+
+CREATE POLICY vitals_select ON clinical.vitals
+  FOR SELECT TO authenticated
+  USING (
+    app.is_clinician_or_admin()
+    OR patient_id = app.current_user_id()
+  );
+
+CREATE POLICY vitals_modify ON clinical.vitals
+  FOR ALL TO authenticated
+  USING (app.is_clinician_or_admin())
+  WITH CHECK (app.is_clinician_or_admin());

packages/clinical/deploy/schemas/clinical/tables/allergies.sql

@@ -0,0 +1,18 @@
+-- Deploy schemas/clinical/tables/allergies to pg
+-- requires: schemas/clinical
+
+CREATE TABLE clinical.allergies (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  patient_id uuid NOT NULL REFERENCES patients.patients(id) ON DELETE CASCADE,
+  encounter_id uuid REFERENCES scheduling.encounters(id) ON DELETE SET NULL,
+  allergen text NOT NULL,
+  reaction text,
+  severity text NOT NULL DEFAULT 'moderate'
+    CHECK (severity IN ('mild', 'moderate', 'severe', 'life_threatening')),
+  recorded_on date NOT NULL DEFAULT current_date,
+  created_at timestamptz NOT NULL DEFAULT now()
+);
+
+CREATE INDEX allergies_patient_id_idx ON clinical.allergies (patient_id);
+
+GRANT SELECT, INSERT, UPDATE, DELETE ON clinical.allergies TO authenticated;

packages/clinical/deploy/schemas/clinical/tables/conditions.sql

@@ -0,0 +1,20 @@
+-- Deploy schemas/clinical/tables/conditions to pg
+-- requires: schemas/clinical
+
+CREATE TABLE clinical.conditions (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  patient_id uuid NOT NULL REFERENCES patients.patients(id) ON DELETE CASCADE,
+  encounter_id uuid REFERENCES scheduling.encounters(id) ON DELETE SET NULL,
+  icd10_code text,
+  description text NOT NULL,
+  onset_date date,
+  resolved_date date,
+  status text NOT NULL DEFAULT 'active'
+    CHECK (status IN ('active', 'resolved', 'inactive', 'suspected')),
+  severity text CHECK (severity IN ('mild', 'moderate', 'severe')),
+  created_at timestamptz NOT NULL DEFAULT now()
+);
+
+CREATE INDEX conditions_patient_id_idx ON clinical.conditions (patient_id);
+
+GRANT SELECT, INSERT, UPDATE, DELETE ON clinical.conditions TO authenticated;

packages/clinical/deploy/schemas/clinical/tables/vitals.sql

@@ -0,0 +1,22 @@
+-- Deploy schemas/clinical/tables/vitals to pg
+-- requires: schemas/clinical
+
+CREATE TABLE clinical.vitals (
+  id uuid PRIMARY KEY DEFAULT gen_random_uuid(),
+  patient_id uuid NOT NULL REFERENCES patients.patients(id) ON DELETE CASCADE,
+  encounter_id uuid REFERENCES scheduling.encounters(id) ON DELETE SET NULL,
+  recorded_at timestamptz NOT NULL DEFAULT now(),
+  heart_rate_bpm int CHECK (heart_rate_bpm > 0 AND heart_rate_bpm < 350),
+  systolic_bp int CHECK (systolic_bp > 0 AND systolic_bp < 300),
+  diastolic_bp int CHECK (diastolic_bp > 0 AND diastolic_bp < 200),
+  respiratory_rate int CHECK (respiratory_rate > 0 AND respiratory_rate < 100),
+  temperature_c numeric(4,1) CHECK (temperature_c > 25 AND temperature_c < 50),
+  oxygen_saturation int CHECK (oxygen_saturation BETWEEN 0 AND 100),
+  weight_kg numeric(6,2) CHECK (weight_kg > 0),
+  height_cm numeric(5,1) CHECK (height_cm > 0),
+  created_at timestamptz NOT NULL DEFAULT now()
+);
+
+CREATE INDEX vitals_patient_id_idx ON clinical.vitals (patient_id, recorded_at DESC);
+
+GRANT SELECT, INSERT, UPDATE, DELETE ON clinical.vitals TO authenticated;

packages/clinical/pgpm.plan

@@ -1,3 +1,11 @@
 %syntax-version=1.0.0
 %project=clinical
-%uri=clinical
+%uri=clinical
+
+schemas/clinical 2026-04-23T05:27:15Z constructive <constructive@5b0c196eeb62> # add schemas/clinical
+schemas/clinical/tables/conditions [schemas/clinical] 2026-04-23T05:27:15Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/tables/conditions
+schemas/clinical/tables/allergies [schemas/clinical] 2026-04-23T05:27:15Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/tables/allergies
+schemas/clinical/tables/vitals [schemas/clinical] 2026-04-23T05:27:15Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/tables/vitals
+schemas/clinical/policies/conditions_rls [schemas/clinical/tables/conditions] 2026-04-23T05:27:16Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/policies/conditions_rls
+schemas/clinical/policies/allergies_rls [schemas/clinical/tables/allergies] 2026-04-23T05:27:16Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/policies/allergies_rls
+schemas/clinical/policies/vitals_rls [schemas/clinical/tables/vitals] 2026-04-23T05:27:16Z constructive <constructive@5b0c196eeb62> # add schemas/clinical/policies/vitals_rls