Feat/doctor patient permissions (#53)

* Viewable Patients view

* Simple table added for index view

* Controller for viewable patients CRD methods

* Patients admin permissions can be admin from views

app/controllers/viewable_patients_controller.rb

@@ -0,0 +1,52 @@
+# Patient Viewable Patients Controller controlls or actions regarding Patient Medical records
+
+class ViewablePatientsController < ApplicationController
+  before_action :check_patient
+
+  def index
+    @viewable_patients = current_doctor.shared_patients
+  end
+
+  def new
+    @viewable_patient = ViewablePatient.new
+    @patients = patients
+    @doctors = doctors
+  end
+
+  def create
+    @viewable_patient = ViewablePatient.new(viewable_patient_params)
+    if @viewable_patient.save
+      flash[:success] = 'Permiso registrado exitosamente'
+      redirect_to viewable_patients_path
+    else
+      flash.now[:error] = 'Hubo un error con el registro,
+                           verifica los campos del formulario'
+      render :new
+    end
+  end
+
+  def destroy
+    @viewable_patient = ViewablePatient.find(params[:id])
+    @viewable_patient.destroy
+    flash[:destroy] = 'Permiso eliminado exitosamente'
+    redirect_to viewable_patients_path
+  end
+
+  private
+
+  def viewable_patient_params
+    params.require(:viewable_patient).permit(:doctor_id, :patient_id)
+  end
+
+  def check_patient
+    redirect_to root_path unless current_patient.nil?
+  end
+
+  def patients
+    current_doctor.patients.map { |p| ["#{p.first_name.titleize} #{p.last_name.titleize}", p.id] }
+  end
+
+  def doctors
+    Doctor.where.not(id: current_doctor.id).map { |d| ["#{d.first_name.titleize} #{d.last_name.titleize}", d.id] }
+  end
+end

app/models/doctor.rb

@@ -19,4 +19,8 @@ def viewable_patients
   def has_patient patient
     return viewable_patients.include?patient
   end
+
+  def shared_patients
+    ViewablePatient.all.map { |permit| permit if permit.patient.doctor == self }.compact
+  end
 end

app/views/shared/_doctors_menu.html.erb

@@ -10,6 +10,9 @@
       <li class="nav-item">
         <%= link_to "Pacientes", doctors_path, :class => 'nav-link'  %>
       </li>
+      <li class="nav-item">
+        <%= link_to "Permisos", viewable_patients_path, :class => 'nav-link'  %>
+      </li>
     </ul>
   </div>
   <div class="navbar-collapse collapse w-100 order-3 dual-collapse2">

app/views/viewable_patients/_form.html.erb

@@ -0,0 +1,31 @@
+<% if viewable_patient.persisted? %>
+  <h2>Editar información</h2>
+<% else %>
+  <h2>Añadir un permiso</h2>
+<% end %>
+
+<div class="d-flex w-100 h-100 justify-content-center">
+  <div class="w-50 h-50">
+    <%= form_for(viewable_patient) do |f| %>
+      <div class="form-row mb-4">
+        <div class="form-group col-md-6">
+          <h4>Paciente</h4>
+          <%= f.select :patient_id, @patients, {}, {class: "form-control"} %>
+        </div>
+        <div class="form-group col-md-6">
+          <h4>Doctor</h4>
+          <%= f.select :doctor_id, @doctors, {}, {class: "form-control"} %>
+        </div>
+      </div>
+
+      <div class="form-row">
+        <div class="form-group col-md-6">
+            <p class="text-muted text-justify">Al crear el permiso, el doctor podrá administrar toda la información del paciente seleccionado.</p>
+          </div>
+        <div class="form-group col-md-6">
+          <%= f.submit "Registrar", class: 'btn btn-primary' %>
+        </div>
+      </div>
+    <% end %>
+  </div>
+</div>

app/views/viewable_patients/index.html.erb

@@ -0,0 +1,35 @@
+<h2>Pacientes que actualmente comparte con otros médicos</h2>
+
+<div class="w-100">
+  <div class="d-flex w-100 justify-content-center">
+    <div class="d-flex flex-row-reverse mb-2 w-75">
+      <%= link_to "Añadir Permiso", new_viewable_patient_path, class: 'btn badge-pill btn-outline-primary mr-4' %>
+    </div>
+  </div>
+  <% if @viewable_patients.empty? %>
+    <h3 class="d-flex w-100 justify-content-center text-muted">No tienes pacientes compartidos con otros médicos</h3>
+  <% else %>
+  <div class="d-flex w-100 justify-content-center">
+    <table class="table table-striped w-75">
+      <thead>
+        <tr>
+          <th scope="col">Nombre</th>
+          <th scope="col">Apellido</th>
+          <th scope="col">Doctor Autorizado</th>
+          <th scope="col">Acciones</th>
+        </tr>
+      </thead>
+      <tbody>
+          <% @viewable_patients.each do |vp| %>
+          <tr>
+            <td><%= vp.patient.first_name.titleize %></td>
+            <td><%= vp.patient.last_name.titleize %></td>
+            <td><%= "Dr. #{vp.doctor.first_name.titleize} #{vp.doctor.last_name.titleize}" %></td>
+            <td><%= button_to "Eliminar", vp, method: :delete, data: { confirm: '¿Estás seguro que quieres eliminar el permiso? El doctor autorizado ya no podrá acceder a la información de este paciente' }, class: 'btn btn-danger' %></td>
+          </tr>
+          <% end %>
+      </tbody>
+    </table>
+  </div>
+  <% end %>
+</div>

app/views/viewable_patients/new.html.erb

@@ -0,0 +1 @@
+<%= render "form", viewable_patient: @viewable_patient %>

config/routes.rb

@@ -1,11 +1,12 @@
 Rails.application.routes.draw do
-   get '/medical', to: 'medical#index'
-   patch '/medical', to: 'medical#update'
+  get '/medical', to: 'medical#index'
+  patch '/medical', to: 'medical#update'
   devise_for :doctors, path: 'doctors', controllers: { sessions: "doctors/sessions" }
   devise_for :patients, path: 'patients', controllers: { sessions: "patients/sessions" }, skip: [:registrations]
 
   resources :doctors
   resources :patients
   resources :patient_medicals
+  resources :viewable_patients
   root to: "home#index"
 end