Spaces:
Running
Running
| import { | |
| Controller, | |
| Get, | |
| Post, | |
| Put, | |
| Delete, | |
| Body, | |
| UseGuards, | |
| Request, | |
| HttpCode, | |
| HttpStatus, | |
| } from "@nestjs/common"; | |
| import { UserProfileService } from "./user-profile.service"; | |
| import { CreateUserProfileDto } from "./dto/create-user-profile.dto"; | |
| import { UpdateUserProfileDto } from "./dto/update-user-profile.dto"; | |
| import { JwtAuthGuard } from "../auth/guards/jwt-auth.guard"; | |
| /** | |
| * User Profile Controller | |
| * | |
| * ENDPOINTS: | |
| * - POST /user-profile - Create profile (authenticated) | |
| * - GET /user-profile - Get own profile (authenticated) | |
| * - PUT /user-profile - Update profile (authenticated) | |
| * - DELETE /user-profile - Delete profile (authenticated) | |
| * | |
| * CLINICAL SAFETY: | |
| * - All endpoints require authentication | |
| * - Users can only access their own profile | |
| * - No PII collected (age range, not DOB) | |
| * - No free-text medical history | |
| * - Enumerated conditions only | |
| */ | |
| ("user-profile") | |
| (JwtAuthGuard) | |
| export class UserProfileController { | |
| constructor(private readonly userProfileService: UserProfileService) {} | |
| /** | |
| * Create user profile | |
| * | |
| * @param req - Request with authenticated user | |
| * @param createUserProfileDto - Profile data | |
| * @returns Created profile | |
| */ | |
| () | |
| (HttpStatus.CREATED) | |
| async create( | |
| () req: any, | |
| () createUserProfileDto: CreateUserProfileDto | |
| ) { | |
| const userId = req.user.id; | |
| return this.userProfileService.create(userId, createUserProfileDto); | |
| } | |
| /** | |
| * Get own user profile | |
| * | |
| * @param req - Request with authenticated user | |
| * @returns User profile | |
| */ | |
| () | |
| (HttpStatus.OK) | |
| async getProfile(() req: any) { | |
| const userId = req.user.id; | |
| return this.userProfileService.findByUserId(userId); | |
| } | |
| /** | |
| * Update user profile | |
| * | |
| * @param req - Request with authenticated user | |
| * @param updateUserProfileDto - Updated profile data | |
| * @returns Updated profile | |
| */ | |
| () | |
| (HttpStatus.OK) | |
| async update( | |
| () req: any, | |
| () updateUserProfileDto: UpdateUserProfileDto | |
| ) { | |
| const userId = req.user.id; | |
| return this.userProfileService.update(userId, updateUserProfileDto); | |
| } | |
| /** | |
| * Delete user profile | |
| * | |
| * @param req - Request with authenticated user | |
| * @returns Success message | |
| */ | |
| () | |
| (HttpStatus.OK) | |
| async delete(() req: any) { | |
| const userId = req.user.id; | |
| return this.userProfileService.delete(userId); | |
| } | |
| } | |