"use strict"; /** * IncidenteController - Controller de incidentes HSE * * Endpoints REST para gestión de incidentes de seguridad. * Workflow: abierto -> en_investigacion -> cerrado * * @module HSE */ Object.defineProperty(exports, "__esModule", { value: true }); exports.createIncidenteController = createIncidenteController; const express_1 = require("express"); const incidente_service_1 = require("../services/incidente.service"); const auth_middleware_1 = require("../../auth/middleware/auth.middleware"); const auth_service_1 = require("../../auth/services/auth.service"); const incidente_entity_1 = require("../entities/incidente.entity"); const incidente_involucrado_entity_1 = require("../entities/incidente-involucrado.entity"); const incidente_accion_entity_1 = require("../entities/incidente-accion.entity"); const user_entity_1 = require("../../core/entities/user.entity"); const tenant_entity_1 = require("../../core/entities/tenant.entity"); const refresh_token_entity_1 = require("../../auth/entities/refresh-token.entity"); /** * Crear router de incidentes */ function createIncidenteController(dataSource) { const router = (0, express_1.Router)(); // Repositorios const incidenteRepository = dataSource.getRepository(incidente_entity_1.Incidente); const involucradoRepository = dataSource.getRepository(incidente_involucrado_entity_1.IncidenteInvolucrado); const accionRepository = dataSource.getRepository(incidente_accion_entity_1.IncidenteAccion); const userRepository = dataSource.getRepository(user_entity_1.User); const tenantRepository = dataSource.getRepository(tenant_entity_1.Tenant); const refreshTokenRepository = dataSource.getRepository(refresh_token_entity_1.RefreshToken); // Servicios const incidenteService = new incidente_service_1.IncidenteService(incidenteRepository, involucradoRepository, accionRepository); const authService = new auth_service_1.AuthService(userRepository, tenantRepository, refreshTokenRepository); const authMiddleware = new auth_middleware_1.AuthMiddleware(authService, dataSource); // Helper para crear contexto de servicio const getContext = (req) => { if (!req.tenantId) { throw new Error('Tenant ID is required'); } return { tenantId: req.tenantId, userId: req.user?.sub, }; }; /** * GET /incidentes * Listar incidentes con filtros */ router.get('/', authMiddleware.authenticate, async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const page = parseInt(req.query.page) || 1; const limit = Math.min(parseInt(req.query.limit) || 20, 100); const filters = { fraccionamientoId: req.query.fraccionamientoId, tipo: req.query.tipo, gravedad: req.query.gravedad, estado: req.query.estado, dateFrom: req.query.dateFrom ? new Date(req.query.dateFrom) : undefined, dateTo: req.query.dateTo ? new Date(req.query.dateTo) : undefined, }; const result = await incidenteService.findWithFilters(getContext(req), filters, page, limit); res.status(200).json({ success: true, data: result.data, pagination: result.meta, }); } catch (error) { next(error); } }); /** * GET /incidentes/stats * Obtener estadísticas de incidentes */ router.get('/stats', authMiddleware.authenticate, async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const fraccionamientoId = req.query.fraccionamientoId; const stats = await incidenteService.getStats(getContext(req), fraccionamientoId); res.status(200).json({ success: true, data: stats }); } catch (error) { next(error); } }); /** * GET /incidentes/:id * Obtener incidente con detalles completos */ router.get('/:id', authMiddleware.authenticate, async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const incidente = await incidenteService.findWithDetails(getContext(req), req.params.id); if (!incidente) { res.status(404).json({ error: 'Not Found', message: 'Incident not found' }); return; } res.status(200).json({ success: true, data: incidente }); } catch (error) { next(error); } }); /** * POST /incidentes * Crear incidente */ router.post('/', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto = req.body; if (!dto.fechaHora || !dto.fraccionamientoId || !dto.tipo || !dto.gravedad || !dto.descripcion) { res.status(400).json({ error: 'Bad Request', message: 'fechaHora, fraccionamientoId, tipo, gravedad and descripcion are required', }); return; } dto.fechaHora = new Date(dto.fechaHora); const incidente = await incidenteService.create(getContext(req), dto); res.status(201).json({ success: true, data: incidente }); } catch (error) { next(error); } }); /** * PATCH /incidentes/:id * Actualizar incidente */ router.patch('/:id', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto = req.body; const incidente = await incidenteService.update(getContext(req), req.params.id, dto); if (!incidente) { res.status(404).json({ error: 'Not Found', message: 'Incident not found' }); return; } res.status(200).json({ success: true, data: incidente }); } catch (error) { if (error instanceof Error && error.message.includes('closed')) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /incidentes/:id/investigate * Iniciar investigación del incidente */ router.post('/:id/investigate', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'director'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const incidente = await incidenteService.startInvestigation(getContext(req), req.params.id); if (!incidente) { res.status(404).json({ error: 'Not Found', message: 'Incident not found' }); return; } res.status(200).json({ success: true, data: incidente, message: 'Investigation started' }); } catch (error) { if (error instanceof Error && error.message.includes('only start')) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /incidentes/:id/close * Cerrar incidente */ router.post('/:id/close', authMiddleware.authenticate, authMiddleware.authorize('admin', 'director'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const incidente = await incidenteService.closeIncident(getContext(req), req.params.id); if (!incidente) { res.status(404).json({ error: 'Not Found', message: 'Incident not found' }); return; } res.status(200).json({ success: true, data: incidente, message: 'Incident closed' }); } catch (error) { if (error instanceof Error && (error.message.includes('already closed') || error.message.includes('pending actions'))) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } next(error); } }); /** * POST /incidentes/:id/involucrados * Agregar involucrado al incidente */ router.post('/:id/involucrados', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'resident'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto = req.body; if (!dto.employeeId || !dto.rol) { res.status(400).json({ error: 'Bad Request', message: 'employeeId and rol are required' }); return; } const involucrado = await incidenteService.addInvolucrado(getContext(req), req.params.id, dto); res.status(201).json({ success: true, data: involucrado }); } catch (error) { if (error instanceof Error && error.message === 'Incidente not found') { res.status(404).json({ error: 'Not Found', message: error.message }); return; } next(error); } }); /** * DELETE /incidentes/:id/involucrados/:involucradoId * Remover involucrado del incidente */ router.delete('/:id/involucrados/:involucradoId', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const removed = await incidenteService.removeInvolucrado(getContext(req), req.params.id, req.params.involucradoId); if (!removed) { res.status(404).json({ error: 'Not Found', message: 'Involved person not found' }); return; } res.status(200).json({ success: true, message: 'Involved person removed' }); } catch (error) { next(error); } }); /** * POST /incidentes/:id/acciones * Agregar acción correctiva al incidente */ router.post('/:id/acciones', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'director'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto = req.body; if (!dto.descripcion || !dto.tipo || !dto.fechaCompromiso) { res.status(400).json({ error: 'Bad Request', message: 'descripcion, tipo and fechaCompromiso are required', }); return; } dto.fechaCompromiso = new Date(dto.fechaCompromiso); const accion = await incidenteService.addAccion(getContext(req), req.params.id, dto); res.status(201).json({ success: true, data: accion }); } catch (error) { if (error instanceof Error) { if (error.message === 'Incidente not found') { res.status(404).json({ error: 'Not Found', message: error.message }); return; } if (error.message.includes('closed')) { res.status(400).json({ error: 'Bad Request', message: error.message }); return; } } next(error); } }); /** * PATCH /incidentes/:id/acciones/:accionId * Actualizar acción correctiva */ router.patch('/:id/acciones/:accionId', authMiddleware.authenticate, authMiddleware.authorize('admin', 'engineer', 'director'), async (req, res, next) => { try { const tenantId = req.tenantId; if (!tenantId) { res.status(400).json({ error: 'Bad Request', message: 'Tenant ID required' }); return; } const dto = req.body; if (dto.fechaCompromiso) { dto.fechaCompromiso = new Date(dto.fechaCompromiso); } const accion = await incidenteService.updateAccion(getContext(req), req.params.id, req.params.accionId, dto); if (!accion) { res.status(404).json({ error: 'Not Found', message: 'Action not found' }); return; } res.status(200).json({ success: true, data: accion }); } catch (error) { next(error); } }); return router; } exports.default = createIncidenteController; //# sourceMappingURL=incidente.controller.js.map