Update endpoints.py

endpoints.py

@@ -13,6 +13,7 @@ import io
 from datetime import datetime
 from bson import ObjectId
 import asyncio
+from bson.errors import InvalidId
 
 def create_router(agent, logger, patients_collection, analysis_collection, users_collection):
     router = APIRouter()
@@ -34,10 +35,6 @@ def create_router(agent, logger, patients_collection, analysis_collection, users
     ):
         logger.info(f"Fetching analysis results by {current_user['email']}")
         try:
-            # Get all existing user emails to filter out analyses for deleted users
-            existing_users = await users_collection.find({}, {"email": 1}).to_list(length=None)
-            existing_user_emails = {user["email"] for user in existing_users}
-
             query = {}
             if name:
                 name_regex = re.compile(name, re.IGNORECASE)
@@ -53,12 +50,6 @@ def create_router(agent, logger, patients_collection, analysis_collection, users
                 patient = await patients_collection.find_one({"fhir_id": analysis.get("patient_id")})
                 if not patient:
                     continue  # Skip if patient no longer exists
-
-                # Check if the patient is associated with an existing user
-                patient_owner = await users_collection.find_one({"email": patient.get("created_by")})
-                if not patient_owner or patient_owner["email"] not in existing_user_emails:
-                    continue  # Skip if the patient's owner (user) no longer exists
-
                 analysis["full_name"] = patient.get("full_name", "Unknown")
                 analysis["_id"] = str(analysis["_id"])
                 enriched_results.append(analysis)
@@ -255,45 +246,36 @@ def create_router(agent, logger, patients_collection, analysis_collection, users
                 detail=f"Failed to analyze report: {str(e)}"
             )
 
-    @router.delete("/users/{user_email}")
-    async def delete_user(
-        user_email: str,
+    @router.delete("/patients/{patient_id}")
+    async def delete_patient(
+        patient_id: str,
         current_user: dict = Depends(get_current_user)
     ):
-        logger.info(f"User deletion initiated by {current_user['email']} for user {user_email}")
+        logger.info(f"Patient deletion initiated by {current_user['email']} for patient {patient_id}")
         try:
-            # Check if the current user has permission to delete (e.g., admin or self)
-            if current_user["email"] != user_email and not current_user.get("is_admin", False):
-                raise HTTPException(status_code=403, detail="Not authorized to delete this user")
-
-            # Find the user to delete
-            user_to_delete = await users_collection.find_one({"email": user_email})
-            if not user_to_delete:
-                raise HTTPException(status_code=404, detail="User not found")
-
-            # Find all patients created by this user
-            user_patients = await patients_collection.find({"created_by": user_email}).to_list(length=None)
-            patient_ids = [patient["fhir_id"] for patient in user_patients if "fhir_id" in patient]
+            # Check if the patient exists
+            patient = await patients_collection.find_one({"fhir_id": patient_id})
+            if not patient:
+                raise HTTPException(status_code=404, detail="Patient not found")
 
-            # Delete all analyses associated with these patients
-            if patient_ids:
-                await analysis_collection.delete_many({"patient_id": {"$in": patient_ids}})
-                logger.info(f"Deleted analyses for {len(patient_ids)} patients associated with user {user_email}")
+            # Check if the current user is authorized (e.g., created_by matches or is admin)
+            if patient.get("created_by") != current_user["email"] and not current_user.get("is_admin", False):
+                raise HTTPException(status_code=403, detail="Not authorized to delete this patient")
 
-            # Delete the patients
-            await patients_collection.delete_many({"created_by": user_email})
-            logger.info(f"Deleted {len(patient_ids)} patients associated with user {user_email}")
+            # Delete all analyses associated with this patient
+            await analysis_collection.delete_many({"patient_id": patient_id})
+            logger.info(f"Deleted analyses for patient {patient_id}")
 
-            # Delete the user
-            await users_collection.delete_one({"email": user_email})
-            logger.info(f"User {user_email} deleted successfully")
+            # Delete the patient
+            await patients_collection.delete_one({"fhir_id": patient_id})
+            logger.info(f"Patient {patient_id} deleted successfully")
 
-            return {"status": "success", "message": f"User {user_email} and associated data deleted"}
+            return {"status": "success", "message": f"Patient {patient_id} and associated analyses deleted"}
 
         except HTTPException:
             raise
         except Exception as e:
-            logger.error(f"Error deleting user {user_email}: {str(e)}")
-            raise HTTPException(status_code=500, detail=f"Failed to delete user: {str(e)}")
+            logger.error(f"Error deleting patient {patient_id}: {str(e)}")
+            raise HTTPException(status_code=500, detail=f"Failed to delete patient: {str(e)}")
 
     return router