documents and views

src/controllers/documentsController.js

@@ -447,3 +447,54 @@ exports.deleteDocument = async (req, res) => {
         res.status(500).json({ error: 'Internal server error' });
     }
 };
+
+// Update document views
+exports.updateDocumentViews = async (req, res) => {
+    try {
+        const { id } = req.params;
+        const { views } = req.body;
+
+        if (!id) {
+            return res.status(400).json({ error: 'Document ID is required' });
+        }
+
+        // Fetch the document to validate ownership
+        const documentQuery = 'SELECT * FROM documents WHERE id = ?';
+        const documentResult = await db.query(documentQuery, [id]);
+
+        if (documentResult.length === 0) {
+            return res.status(404).json({ error: 'Document not found' });
+        }
+
+        const document = documentResult[0];
+
+        // Authorization check (reuse delete logic)
+        if (!['Admin', 'Superadmin', 8, 7].includes(req.user.role)) {
+            return res.status(403).json({ error: 'You are not authorized to update document views' });
+        }
+
+        if (req.user.hospital_id !== document.hospital_id) {
+            return res.status(403).json({ error: 'You are not authorized to update documents for this hospital' });
+        }
+
+        // Update views (set to provided value or increment by 1 if not provided)
+        let updateQuery, updateParams;
+        if (typeof views === 'number') {
+            updateQuery = 'UPDATE documents SET views = ? WHERE id = ?';
+            updateParams = [views, id];
+        } else {
+            updateQuery = 'UPDATE documents SET views = views + 1 WHERE id = ?';
+            updateParams = [id];
+        }
+        const result = await db.query(updateQuery, updateParams);
+
+        if (result.affectedRows === 0) {
+            return res.status(404).json({ message: 'Document not found or no changes made' });
+        }
+
+        res.status(200).json({ message: 'Document views updated successfully!' });
+    } catch (error) {
+        console.error('Error updating document views:', error.message);
+        res.status(500).json({ error: 'Internal server error' });
+    }
+};

src/migrations/migrations/20240610120000_add_views_to_documents.js

@@ -0,0 +1,19 @@
+const db = require('../../config/database');
+
+module.exports = {
+  async up() {
+    // Add 'views' column as BIGINT, default 0
+    await db.query(`
+      ALTER TABLE documents
+      ADD COLUMN views BIGINT DEFAULT 0
+    `);
+  },
+
+  async down() {
+    // Remove 'views' column
+    await db.query(`
+      ALTER TABLE documents
+      DROP COLUMN views
+    `);
+  }
+}; 

src/routes/documents.js

@@ -58,6 +58,13 @@ router.put(
     documentController.updateDocumentStatus
 );
 
+router.put(
+    '/update-views/:id',
+    authMiddleware.authenticateToken,
+    roleMiddleware.authorizeRoles(['Superadmin', 'Admin',8,7]),
+    documentController.updateDocumentViews
+);
+
 router.delete(
     '/delete/:id',
     authMiddleware.authenticateToken,