Spaces:
Running
Running
File size: 2,498 Bytes
f78b36a | 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 | import {
Controller,
Get,
Post,
Put,
Delete,
Body,
UseGuards,
Request,
HttpCode,
HttpStatus,
} from "@nestjs/common";
import { UserProfileService } from "./user-profile.service";
import { CreateUserProfileDto } from "./dto/create-user-profile.dto";
import { UpdateUserProfileDto } from "./dto/update-user-profile.dto";
import { JwtAuthGuard } from "../auth/guards/jwt-auth.guard";
/**
* User Profile Controller
*
* ENDPOINTS:
* - POST /user-profile - Create profile (authenticated)
* - GET /user-profile - Get own profile (authenticated)
* - PUT /user-profile - Update profile (authenticated)
* - DELETE /user-profile - Delete profile (authenticated)
*
* CLINICAL SAFETY:
* - All endpoints require authentication
* - Users can only access their own profile
* - No PII collected (age range, not DOB)
* - No free-text medical history
* - Enumerated conditions only
*/
@Controller("user-profile")
@UseGuards(JwtAuthGuard)
export class UserProfileController {
constructor(private readonly userProfileService: UserProfileService) {}
/**
* Create user profile
*
* @param req - Request with authenticated user
* @param createUserProfileDto - Profile data
* @returns Created profile
*/
@Post()
@HttpCode(HttpStatus.CREATED)
async create(
@Request() req: any,
@Body() createUserProfileDto: CreateUserProfileDto
) {
const userId = req.user.id;
return this.userProfileService.create(userId, createUserProfileDto);
}
/**
* Get own user profile
*
* @param req - Request with authenticated user
* @returns User profile
*/
@Get()
@HttpCode(HttpStatus.OK)
async getProfile(@Request() req: any) {
const userId = req.user.id;
return this.userProfileService.findByUserId(userId);
}
/**
* Update user profile
*
* @param req - Request with authenticated user
* @param updateUserProfileDto - Updated profile data
* @returns Updated profile
*/
@Put()
@HttpCode(HttpStatus.OK)
async update(
@Request() req: any,
@Body() updateUserProfileDto: UpdateUserProfileDto
) {
const userId = req.user.id;
return this.userProfileService.update(userId, updateUserProfileDto);
}
/**
* Delete user profile
*
* @param req - Request with authenticated user
* @returns Success message
*/
@Delete()
@HttpCode(HttpStatus.OK)
async delete(@Request() req: any) {
const userId = req.user.id;
return this.userProfileService.delete(userId);
}
}
|