Add Full Medication Information Call - Fix Vulns (#29)

* Add Full Medication Information Call - Fix Vulns * Update .gitignore * Delete api/package-lock.json * Delete web/package-lock.json * Push package-locks * Update * Update * Update api-deploy-nonprod.yml * Missed a ' * Update pipelines
2026-01-23 00:33:18 -05:00 · 2026-01-23 00:33:18 -05:00 · 2a87dd5954
commit 2a87dd5954
parent 4f66a0169b
15 changed files with 109 additions and 5228 deletions
--- a/.github/workflows/api-deploy-nonprod.yml
+++ b/.github/workflows/api-deploy-nonprod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl -X --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
    
--- a/.github/workflows/api-deploy-prod.yml
+++ b/.github/workflows/api-deploy-prod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_API }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
    
--- a/.github/workflows/web-deploy-nonprod.yml
+++ b/.github/workflows/web-deploy-nonprod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
    
--- a/.github/workflows/web-deploy-prod.yml
+++ b/.github/workflows/web-deploy-prod.yml
@ -90,5 +90,5 @@ jobs:
    steps:
      - name: Deploy to Coolify
        run: |
-          curl --request GET '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
+          curl '${{ secrets.COOLIFY_WEBHOOK_WEB }}' --header 'Authorization: Bearer ${{ secrets.COOLIFY_TOKEN }}'
    
--- a/.gitignore
+++ b/.gitignore
@ -23,4 +23,7 @@ dist-ssr
 *.ntvs*
 *.njsproj
 *.sln
-*.sw?
+*.sw?
+
+api/package-lock.json
+web/package-lock.json
--- a/api/Dockerfile
+++ b/api/Dockerfile
@ -4,7 +4,7 @@ WORKDIR /app

 COPY ./package*.json ./

-RUN npm ci
+RUN npm cache clean --force && npm install --no-audit --no-fund

 COPY . ./

--- a/api/package-lock.json
+++ b/api/package-lock.json
--- a/api/package.json
+++ b/api/package.json
@ -12,7 +12,8 @@
    "cors": "^2.8.5",
    "dotenv": "^16.5.0",
    "express": "^5.2.0",
-    "pg": "^8.17.1"
+    "pg": "^8.17.1",
+    "yup": "^1.7.1"
  },
  "devDependencies": {
    "nodemon": "^3.1.10"
--- a/api/services/medications/index.js
+++ b/api/services/medications/index.js
@ -1,5 +1,6 @@
 import express from 'express';
 import { databaseServices } from '../index.js';
+import { fullMedicationInformationSchema } from '../validations/medications.js';

 export const medicationRouter = express.Router();

@ -27,4 +28,19 @@ medicationRouter.get('/base/', async (req, res) => {
  } finally {
    res.send(data);
  }
+});
+
+medicationRouter.post('/full/', async (req, res) => {
+  let data;
+  const body = req?.body;
+  try {
+    await fullMedicationInformationSchema.validate(body);
+    data = await databaseServices.getFullMedicationInformation(body?.drugId);
+    res.status(200);
+  } catch (err) {
+    data = { Error: err?.message };
+    res.status(500);
+  } finally {
+    res.send(data);
+  }
 });
--- a/api/services/operations/helpers/medications.js
+++ b/api/services/operations/helpers/medications.js
@ -64,5 +64,66 @@ export const medicationHelpers = {
        const fullMedList = Object.values(medMap);
        
        return fullMedList;
+    },
+    getFullMedicationInformation: async (drugId) => {
+        const [medInformation, medRoutes] = await Promise.all([
+            paramyxRunQuery(
+                `select
+                    m.id,
+                    m.generic,
+                    m.trade,
+                    m.system,
+                    mi.class,
+                    mi.indications,
+                    mi.contraindications,
+                    mi.precautions,
+                    mi.adverse,
+                    mi.onset,
+                    mi.duration,
+                    mi.tip,
+                    mi.action
+                from medications m inner join medication_information mi on m.id = mi.id where m.id = $1;`,
+                [drugId]
+            ),
+            paramyxRunQuery(`select * from medication_routes mr where medication_id = $1;`, [drugId])
+        ]);
+
+        const fullMedicationInformation = {
+            ...medInformation
+        };
+
+        medRoutes?.forEach((row) => {
+            if (row?.is_adult) {
+                fullMedicationInformation.adult = {
+                    totalMax: row.total_max,
+                    iv: row.intravenous,
+                    io: row.intraosseous,
+                    im: row.intramuscular,
+                    in: row.intranasal,
+                    po: row.oral,
+                    sl: row.sublingual,
+                    pr: row.rectal,
+                    neb: row.nebulizer,
+                    et: row.endotracheal,
+                    sga: row.supraglottic
+                }
+            } else {
+                fullMedicationInformation.pediatric = {
+                    totalMax: row.total_max,
+                    iv: row.intravenous,
+                    io: row.intraosseous,
+                    im: row.intramuscular,
+                    in: row.intranasal,
+                    po: row.oral,
+                    sl: row.sublingual,
+                    pr: row.rectal,
+                    neb: row.nebulizer,
+                    et: row.endotracheal,
+                    sga: row.supraglottic
+                }
+            }
+        });
+
+        return fullMedicationInformation;
    }
 };
--- a/api/services/operations/medications.js
+++ b/api/services/operations/medications.js
@ -21,7 +21,18 @@ const getBaseMedications = async () => {
  }
 }

+const getFullMedicationInformation = async (drugId) => {
+  try {
+    const dataResp = medicationHelpers.getFullMedicationInformation(drugId);
+    return dataResp;
+  } catch (err) {
+    console.log('GET FULL MEDICATION INFORMATION ERROR: ', err);
+    throw err;
+  }
+}
+
 export const medicationOperations = {
  getMedications,
-  getBaseMedications
+  getBaseMedications,
+  getFullMedicationInformation
 }
--- a/api/services/validations/medications.js
+++ b/api/services/validations/medications.js
@ -0,0 +1,5 @@
+import * as Yup from 'yup';
+
+export const fullMedicationInformationSchema = Yup.object().shape({
+   drugId: Yup.string().required("drugId is required"),
+});
--- a/package-lock.json
+++ b/package-lock.json
@ -809,9 +809,9 @@
      "license": "MIT"
    },
    "node_modules/lodash": {
-      "version": "4.17.21",
-      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.21.tgz",
-      "integrity": "sha512-v2kDEe57lecTulaDIuNTPy3Ry4gLGJ6Z1O3vE1krgXZNrsQ+LFTGHVxVjcXPs17LhbZVGedAJv8XZ1tvj5FvSg==",
+      "version": "4.17.23",
+      "resolved": "https://registry.npmjs.org/lodash/-/lodash-4.17.23.tgz",
+      "integrity": "sha512-LgVTMpQtIopCi79SJeDiP0TfWi5CNEc/L/aRdTh3yIvmZXTnheWpKjSZhnvMl8iXbC1tFg9gdHHDMLoV7CnG+w==",
      "dev": true,
      "license": "MIT"
    },
--- a/web/Dockerfile
+++ b/web/Dockerfile
@ -4,7 +4,7 @@ WORKDIR /app

 COPY ./package*.json ./

-RUN npm ci
+RUN npm cache clean --force && npm install --no-audit --no-fund

 COPY . ./

--- a/web/package-lock.json
+++ b/web/package-lock.json