ack role, ws syntax

2025-08-04 09:30:40 +05:30 · 2025-08-04 09:30:40 +05:30 · e000aac57b
commit e000aac57b
parent b9e4e84968
1 changed files with 45 additions and 0 deletions
--- a/src/services/secondaryWebsocket.js
+++ b/src/services/secondaryWebsocket.js
@ -418,6 +418,51 @@ wss.on("connection", (ws) => {
        }


+        if (data.event === "get-signup-notifications") {
+    if (!data.token) {
+        emitEvent("get-signup-notifications", { error: "Token missing" }, ws.userId);
+        return;
+    }
+
+    try {
+        const decoded = jwt.verify(data.token, process.env.JWT_ACCESS_TOKEN_SECRET);
+        const allowedRoles = ['Admin', 'Superadmin', 8, 7];
+
+        // Role-based access check
+        if (!allowedRoles.includes(decoded.role)) {
+            emitEvent("get-signup-notifications", { error: "You are not authorized!" }, decoded.id);
+            return;
+        }
+
+        // Fetch hospital_code from hospitals table
+        const result = await db.query(
+            "SELECT hospital_code FROM hospitals WHERE id = ?",
+            [decoded.id]
+        );
+
+        if (!result || result.length === 0 || !result[0].hospital_code) {
+            emitEvent("get-signup-notifications", { error: "Hospital code not found" }, decoded.id);
+            return;
+        }
+
+        const hospital_code = result[0].hospital_code;
+
+        // Fetch notifications of new signups
+        const notifications = await db.query(
+            "SELECT * FROM hospitals WHERE hospital_code = ? AND checked = 0",
+            [hospital_code]
+        );
+
+        emitEvent("get-signup-notifications", {
+            message: "Notifications fetched successfully.",
+            notifications
+        }, decoded.id);
+
+    } catch (error) {
+        emitEvent("get-signup-notifications", { error: error.message }, ws.userId);
+    }
+}
+