user profile creation

Pranit-DC · Pranit-DC · commit 2f3f0eb02535 · 2026-01-24T15:59:03.000+05:30
diff --git a/src/app/api/admin/profiles/route.ts b/src/app/api/admin/profiles/route.ts
@@ -0,0 +1,234 @@
+import { NextResponse } from 'next/server';
+import { prisma } from '@/lib/prisma';
+import { requirePermission } from '@/lib/authorization';
+import { createAudit } from '@/services/audit.service';
+
+/**
+ * POST /api/admin/profiles
+ * Create a role-specific profile for a user
+ * 
+ * RBAC: admin.users.create
+ * Body: {
+ *   userId: string;
+ *   role: 'DOCTOR' | 'NURSE' | 'PHARMACIST' | 'LAB_TECH' | 'RECEPTIONIST';
+ *   specialization?: string; (DOCTOR only)
+ *   licenseNumber?: string; (DOCTOR, NURSE, PHARMACIST)
+ *   department?: string; (NURSE, LAB_TECH)
+ * }
+ * 
+ * Returns: The created profile object
+ * 
+ * Edge cases handled:
+ * - User not found (404)
+ * - Profile already exists (409)
+ * - Missing required fields for role (400)
+ * - Invalid role (400)
+ * - Duplicate license number (409)
+ */
+export async function POST(req: Request) {
+  try {
+    await requirePermission(req, 'admin.users.create');
+  } catch (err) {
+    return NextResponse.json({ error: 'Forbidden' }, { status: 403 });
+  }
+
+  try {
+    const { userId, role, specialization, licenseNumber, department } = await req.json();
+
+    // Validate required fields
+    if (!userId) {
+      return NextResponse.json({ error: 'userId is required' }, { status: 400 });
+    }
+
+    if (!role) {
+      return NextResponse.json({ error: 'role is required' }, { status: 400 });
+    }
+
+    // Validate role
+    const validRoles = ['DOCTOR', 'NURSE', 'PHARMACIST', 'LAB_TECH', 'RECEPTIONIST'];
+    if (!validRoles.includes(role)) {
+      return NextResponse.json({ error: `Invalid role: ${role}` }, { status: 400 });
+    }
+
+    // Check if user exists
+    const user = await prisma.user.findUnique({
+      where: { id: userId },
+      select: { id: true, email: true, name: true, role: true }
+    });
+
+    if (!user) {
+      return NextResponse.json({ error: 'User not found' }, { status: 404 });
+    }
+
+    // Handle role-specific profile creation
+    let profile: any = null;
+
+    switch (role) {
+      case 'DOCTOR': {
+        // Validate required fields for DOCTOR
+        if (!specialization || !specialization.trim()) {
+          return NextResponse.json({ error: 'specialization is required for DOCTOR' }, { status: 400 });
+        }
+        if (!licenseNumber || !licenseNumber.trim()) {
+          return NextResponse.json({ error: 'licenseNumber is required for DOCTOR' }, { status: 400 });
+        }
+
+        // Check if license number already exists
+        const existingDoctor = await prisma.doctor.findUnique({
+          where: { licenseNumber: licenseNumber.trim() }
+        });
+
+        if (existingDoctor) {
+          return NextResponse.json({ error: 'License number already exists' }, { status: 409 });
+        }
+
+        // Check if doctor profile already exists for this user
+        const existingProfile = await prisma.doctor.findUnique({
+          where: { userId }
+        });
+
+        if (existingProfile) {
+          return NextResponse.json({ error: 'Doctor profile already exists for this user' }, { status: 409 });
+        }
+
+        profile = await prisma.doctor.create({
+          data: {
+            userId,
+            specialization: specialization.trim(),
+            licenseNumber: licenseNumber.trim()
+          }
+        });
+        break;
+      }
+
+      case 'NURSE': {
+        // Validate required fields for NURSE
+        if (!licenseNumber || !licenseNumber.trim()) {
+          return NextResponse.json({ error: 'licenseNumber is required for NURSE' }, { status: 400 });
+        }
+        if (!department || !department.trim()) {
+          return NextResponse.json({ error: 'department is required for NURSE' }, { status: 400 });
+        }
+
+        // Check if license number already exists
+        const existingNurse = await prisma.nurse.findUnique({
+          where: { licenseNumber: licenseNumber.trim() }
+        });
+
+        if (existingNurse) {
+          return NextResponse.json({ error: 'License number already exists' }, { status: 409 });
+        }
+
+        // Check if nurse profile already exists
+        const existingProfile = await prisma.nurse.findUnique({
+          where: { userId }
+        });
+
+        if (existingProfile) {
+          return NextResponse.json({ error: 'Nurse profile already exists for this user' }, { status: 409 });
+        }
+
+        profile = await prisma.nurse.create({
+          data: {
+            userId,
+            licenseNumber: licenseNumber.trim(),
+            department: department.trim()
+          }
+        });
+        break;
+      }
+
+      case 'PHARMACIST': {
+        // Validate required fields for PHARMACIST
+        if (!licenseNumber || !licenseNumber.trim()) {
+          return NextResponse.json({ error: 'licenseNumber is required for PHARMACIST' }, { status: 400 });
+        }
+
+        // Check if license number already exists
+        const existingPharmacist = await prisma.pharmacist.findUnique({
+          where: { licenseNumber: licenseNumber.trim() }
+        });
+
+        if (existingPharmacist) {
+          return NextResponse.json({ error: 'License number already exists' }, { status: 409 });
+        }
+
+        // Check if pharmacist profile already exists
+        const existingProfile = await prisma.pharmacist.findUnique({
+          where: { userId }
+        });
+
+        if (existingProfile) {
+          return NextResponse.json({ error: 'Pharmacist profile already exists for this user' }, { status: 409 });
+        }
+
+        profile = await prisma.pharmacist.create({
+          data: {
+            userId,
+            licenseNumber: licenseNumber.trim()
+          }
+        });
+        break;
+      }
+
+      case 'LAB_TECH': {
+        // Validate required fields for LAB_TECH
+        if (!department || !department.trim()) {
+          return NextResponse.json({ error: 'department is required for LAB_TECH' }, { status: 400 });
+        }
+
+        // Check if lab tech profile already exists
+        const existingProfile = await prisma.labTech.findUnique({
+          where: { userId }
+        });
+
+        if (existingProfile) {
+          return NextResponse.json({ error: 'Lab Tech profile already exists for this user' }, { status: 409 });
+        }
+
+        profile = await prisma.labTech.create({
+          data: {
+            userId,
+            department: department.trim()
+          }
+        });
+        break;
+      }
+
+      case 'RECEPTIONIST': {
+        // Check if receptionist profile already exists
+        const existingProfile = await prisma.receptionist.findUnique({
+          where: { userId }
+        });
+
+        if (existingProfile) {
+          return NextResponse.json({ error: 'Receptionist profile already exists for this user' }, { status: 409 });
+        }
+
+        profile = await prisma.receptionist.create({
+          data: {
+            userId
+          }
+        });
+        break;
+      }
+
+      default:
+        return NextResponse.json({ error: 'Invalid role' }, { status: 400 });
+    }
+
+    // Create audit log
+    await createAudit({
+      actorId: null,
+      action: 'profile.create',
+      resource: `${role}_Profile`,
+      resourceId: profile.id,
+      meta: { userId, role, email: user.email }
+    });
+
+    return NextResponse.json(profile, { status: 201 });
+  } catch (err) {
+    console.error('[Admin POST /profiles] Error:', err);
+    return NextResponse.json({ error: 'Internal server error' }, { status: 500 });
+  }
+}
diff --git a/src/app/api/admin/users/route.ts b/src/app/api/admin/users/route.ts
@@ -23,7 +23,55 @@ export async function POST(req: Request) {
   const { email, password, name, role, roleEntityId } = await req.json();
   if (!email || !password) return NextResponse.json({ error: 'email & password required' }, { status: 400 });
   const hashed = await bcrypt.hash(password, 10);
-  const user = await prisma.user.create({ data: { email, password: hashed, name: name ?? '', role: role ?? 'RECEPTIONIST', roleEntityId } });
-  await createAudit({ actorId: null, action: 'user.create', resource: 'User', resourceId: user.id, meta: { email, role, roleEntityId } });
+  
+  // Determine final role and roleEntityId
+  let finalRole = role;
+  let finalRoleEntityId = roleEntityId;
+
+  // If roleEntityId is provided but role is not, look up the role name
+  if (finalRoleEntityId && !finalRole) {
+    const roleEntity = await prisma.roleEntity.findUnique({ 
+      where: { id: finalRoleEntityId },
+      select: { name: true }
+    });
+    if (roleEntity) {
+      finalRole = roleEntity.name;
+    }
+  }
+
+  // If role is provided but roleEntityId is not, look up the roleEntityId
+  if (!finalRoleEntityId && finalRole) {
+    const roleEntity = await prisma.roleEntity.findUnique({ 
+      where: { name: finalRole },
+      select: { id: true }
+    });
+    if (roleEntity) {
+      finalRoleEntityId = roleEntity.id;
+    }
+  }
+
+  // Default to RECEPTIONIST if no role is specified
+  if (!finalRole) {
+    finalRole = 'RECEPTIONIST';
+  }
+
+  const user = await prisma.user.create({ 
+    data: { 
+      email, 
+      password: hashed, 
+      name: name ?? '', 
+      role: finalRole, 
+      roleEntityId: finalRoleEntityId 
+    } 
+  });
+  
+  await createAudit({ 
+    actorId: null, 
+    action: 'user.create', 
+    resource: 'User', 
+    resourceId: user.id, 
+    meta: { email, role: finalRole, roleEntityId: finalRoleEntityId } 
+  });
+  
   return NextResponse.json({ id: user.id, email: user.email });
 }
diff --git a/src/components/rbac/users-management.tsx b/src/components/rbac/users-management.tsx
