Update api/routes/patients.py

api/routes/patients.py

@@ -7,7 +7,7 @@ from models.entities import Note
 from datetime import datetime
 from bson import ObjectId
 from bson.errors import InvalidId
-from typing import Optional, List
+from typing import Optional, List, Dict
 from pymongo import UpdateOne
 from pymongo.errors import BulkWriteError
 import json
@@ -41,6 +41,7 @@ async def process_synthea_patient(bundle: dict, file_path: str) -> Optional[dict
     medications = []
     encounters = []
     
+    # Validate bundle structure
     if not isinstance(bundle, dict) or 'entry' not in bundle:
         logger.error(f"Invalid FHIR bundle structure in {file_path}")
         return None
@@ -58,6 +59,7 @@ async def process_synthea_patient(bundle: dict, file_path: str) -> Optional[dict
                 name = resource.get('name', [{}])[0]
                 address = resource.get('address', [{}])[0]
                 
+                # Construct full name and remove numbers
                 raw_full_name = f"{' '.join(name.get('given', ['']))} {name.get('family', '')}".strip()
                 clean_full_name = re.sub(r'\d+', '', raw_full_name).strip()
                 
@@ -147,8 +149,7 @@ async def import_patients(
         logger.warning(f"Unauthorized import attempt by {current_user.get('email')}")
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only administrators and doctors can import data",
-            headers={"WWW-Authenticate": "Bearer"}
+            detail="Only administrators and doctors can import data"
         )
     
     try:
@@ -161,6 +162,7 @@ async def import_patients(
                 detail="Data directory not found"
             )
             
+        # Filter out non-patient files
         files = [
             f for f in glob.glob(str(SYNTHEA_DATA_DIR / "*.json"))
             if not re.search(r'(hospitalInformation|practitionerInformation)\d+\.json$', f)
@@ -182,11 +184,13 @@ async def import_patients(
             try:
                 logger.debug(f"Processing file: {file_path}")
                 
+                # Check file accessibility
                 if not os.path.exists(file_path):
                     logger.error(f"File not found: {file_path}")
                     errors.append(f"File not found: {file_path}")
                     continue
                     
+                # Check file size
                 file_size = os.path.getsize(file_path)
                 if file_size == 0:
                     logger.warning(f"Empty file: {file_path}")
@@ -274,22 +278,13 @@ async def import_patients(
 
 @router.get("/patients", response_model=List[dict])
 async def list_patients(
-    current_user: dict = Depends(get_current_user),
     search: Optional[str] = Query(None),
     min_notes: int = Query(0, ge=0),
     min_conditions: int = Query(0, ge=0),
     limit: int = Query(100, ge=1, le=500),
     skip: int = Query(0, ge=0)
 ):
-    logger.info(f"Listing patients with search: {search}, limit: {limit}, skip: {skip} by {current_user.get('email')}")
-    if current_user.get('role') not in ['admin', 'doctor']:
-        logger.warning(f"Unauthorized patient list access by {current_user.get('email')}")
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only administrators and doctors can list patients",
-            headers={"WWW-Authenticate": "Bearer"}
-        )
-    
+    logger.info(f"Listing patients with search: {search}, limit: {limit}, skip: {skip}")
     query = {"source": "synthea"}
     
     if search:
@@ -304,6 +299,7 @@ async def list_patients(
     if min_conditions > 0:
         query[f"conditions.{min_conditions-1}"] = {"$exists": True}
     
+    # Removed $slice to return full arrays for the frontend
     projection = {
         "fhir_id": 1,
         "full_name": 1,
@@ -342,27 +338,19 @@ async def list_patients(
                 }
             })
         
-        logger.info(f"Retrieved {len(patients)} patients for {current_user.get('email')}")
+        logger.info(f"Retrieved {len(patients)} patients")
         return patients
         
     except Exception as e:
-        logger.error(f"Failed to list patients for {current_user.get('email')}: {str(e)}")
+        logger.error(f"Failed to list patients: {str(e)}")
         raise HTTPException(
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
             detail=f"Failed to retrieve patients: {str(e)}"
         )
 
 @router.get("/patients/{patient_id}", response_model=dict)
-async def get_patient(patient_id: str, current_user: dict = Depends(get_current_user)):
-    logger.info(f"Retrieving patient {patient_id} for {current_user.get('email')}")
-    if current_user.get('role') not in ['admin', 'doctor']:
-        logger.warning(f"Unauthorized patient access by {current_user.get('email')}")
-        raise HTTPException(
-            status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only administrators and doctors can view patient details",
-            headers={"WWW-Authenticate": "Bearer"}
-        )
-    
+async def get_patient(patient_id: str):
+    logger.info(f"Retrieving patient: {patient_id}")
     try:
         patient = await patients_collection.find_one({
             "$or": [
@@ -409,7 +397,7 @@ async def get_patient(patient_id: str, current_user: dict = Depends(get_current_
             }
         }
         
-        logger.info(f"Successfully retrieved patient {patient_id} for {current_user.get('email')}")
+        logger.info(f"Successfully retrieved patient: {patient_id}")
         return response
         
     except ValueError as ve:
@@ -419,7 +407,7 @@ async def get_patient(patient_id: str, current_user: dict = Depends(get_current_
             detail="Invalid patient ID format"
         )
     except Exception as e:
-        logger.error(f"Failed to retrieve patient {patient_id} for {current_user.get('email')}: {str(e)}")
+        logger.error(f"Failed to retrieve patient {patient_id}: {str(e)}")
         raise HTTPException(
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
             detail=f"Failed to retrieve patient: {str(e)}"
@@ -436,8 +424,7 @@ async def add_note(
         logger.warning(f"Unauthorized note addition attempt by {current_user.get('email')}")
         raise HTTPException(
             status_code=status.HTTP_403_FORBIDDEN,
-            detail="Only clinicians can add notes",
-            headers={"WWW-Authenticate": "Bearer"}
+            detail="Only clinicians can add notes"
         )
     
     try:
@@ -465,7 +452,7 @@ async def add_note(
                 detail="Patient not found"
             )
         
-        logger.info(f"Note added successfully for patient {patient_id} by {current_user.get('email')}")
+        logger.info(f"Note added successfully for patient {patient_id}")
         return {"status": "success", "message": "Note added"}
         
     except ValueError as ve:
@@ -475,11 +462,11 @@ async def add_note(
             detail="Invalid patient ID format"
         )
     except Exception as e:
-        logger.error(f"Failed to add note for patient {patient_id} by {current_user.get('email')}: {str(e)}")
+        logger.error(f"Failed to add note for patient {patient_id}: {str(e)}")
         raise HTTPException(
             status_code=status.HTTP_500_INTERNAL_SERVER_ERROR,
             detail=f"Failed to add note: {str(e)}"
         )
 
-# Export the router
+# Export the router as 'patients' for api.__init__.py
 patients = router