ealmeida/care-api
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: add spec-kit and standardize signatures

Browse Source 
- Added GitHub spec-kit for development workflow
- Standardized file signatures to Descomplicar® format
- Updated development configuration

🤖 Generated with [Claude Code](https://claude.ai/code)

Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
Emanuel Almeida
2025-09-12 01:27:29 +01:00
parent 30ad448ed3
commit 4a7b232f68
50 changed files with 513565 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

246
tests/bootstrap.php Normal file
View File

@@ -0,0 +1,246 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* PHPUnit bootstrap file for KiviCare API tests.
*
* @package KiviCare_API\Tests
*/
// Define testing environment constants
define( 'KIVICARE_API_TESTS', true );
define( 'WP_USE_THEMES', false );
// Set the timezone to avoid warnings
if ( ! ini_get( 'date.timezone' ) ) {
date_default_timezone_set( 'UTC' );
}
// Determine WordPress test directory
$_tests_dir = getenv( 'WP_TESTS_DIR' );
if ( ! $_tests_dir ) {
$_tests_dir = rtrim( sys_get_temp_dir(), '/\\' ) . '/wordpress-tests-lib';
}
// Check if WordPress test suite exists
if ( ! file_exists( $_tests_dir . '/includes/functions.php' ) ) {
echo "Could not find WordPress test suite at: $_tests_dir\n";
echo "Please install WordPress test suite first:\n";
echo "bash bin/install-wp-tests.sh wordpress_test root '' localhost latest\n";
exit( 1 );
}
// Give access to tests_add_filter() function
require_once $_tests_dir . '/includes/functions.php';
/**
* Manually load the plugin being tested.
*/
function _manually_load_plugin() {
// Load KiviCare plugin if available (mock if not)
$kivicare_plugin_file = WP_PLUGIN_DIR . '/kivicare-clinic-&-patient-management-system/kivicare-clinic-&-patient-management-system.php';
if ( file_exists( $kivicare_plugin_file ) ) {
require $kivicare_plugin_file;
} else {
// Mock KiviCare plugin functionality for testing
require dirname( __FILE__ ) . '/mocks/mock-kivicare.php';
}
// Load our plugin
require dirname( dirname( __FILE__ ) ) . '/src/kivicare-api.php';
// Activate our plugin
activate_plugin( 'kivicare-api/kivicare-api.php' );
}
tests_add_filter( 'muplugins_loaded', '_manually_load_plugin' );
/**
* Setup test database tables.
*/
function _setup_test_tables() {
global $wpdb;
// Create KiviCare test tables
require dirname( __FILE__ ) . '/setup/test-database.php';
KiviCare_API_Test_Database::create_tables();
KiviCare_API_Test_Database::insert_sample_data();
}
tests_add_filter( 'wp_install', '_setup_test_tables' );
// Start up the WP testing environment
require $_tests_dir . '/includes/bootstrap.php';
// Include Yoast PHPUnit Polyfills for compatibility
if ( class_exists( 'Yoast\PHPUnitPolyfills\Autoload' ) ) {
require_once dirname( dirname( __FILE__ ) ) . '/vendor/yoast/phpunit-polyfills/phpunitpolyfills-autoload.php';
}
/**
* Base test case class for KiviCare API tests.
*/
class KiviCare_API_Test_Case extends WP_UnitTestCase {
/**
* Setup before each test.
*/
public function setUp(): void {
parent::setUp();
// Clear any cached data
wp_cache_flush();
// Set up REST server
global $wp_rest_server;
$this->server = $wp_rest_server = new WP_REST_Server;
do_action( 'rest_api_init' );
// Create test user with proper roles
$this->create_test_users();
}
/**
* Teardown after each test.
*/
public function tearDown(): void {
// Clear any cached data
wp_cache_flush();
// Reset REST server
global $wp_rest_server;
$wp_rest_server = null;
parent::tearDown();
}
/**
* Create test users for different roles.
*/
protected function create_test_users() {
// Administrator
$this->admin_user = $this->factory->user->create( array(
'user_login' => 'test_admin',
'user_email' => 'admin@example.com',
'role' => 'administrator',
) );
// Doctor
$this->doctor_user = $this->factory->user->create( array(
'user_login' => 'test_doctor',
'user_email' => 'doctor@example.com',
'role' => 'doctor',
) );
// Patient
$this->patient_user = $this->factory->user->create( array(
'user_login' => 'test_patient',
'user_email' => 'patient@example.com',
'role' => 'patient',
) );
// Receptionist
$this->receptionist_user = $this->factory->user->create( array(
'user_login' => 'test_receptionist',
'user_email' => 'receptionist@example.com',
'role' => 'kivicare_receptionist',
) );
}
/**
* Helper method to make REST API requests.
*
* @param string $endpoint The API endpoint.
* @param string $method HTTP method.
* @param array $data Request data.
* @param int $user_id User ID for authentication.
* @return WP_REST_Response
*/
protected function make_request( $endpoint, $method = 'GET', $data = array(), $user_id = null ) {
$request = new WP_REST_Request( $method, $endpoint );
if ( ! empty( $data ) ) {
$request->set_body_params( $data );
}
if ( $user_id ) {
wp_set_current_user( $user_id );
}
return $this->server->dispatch( $request );
}
/**
* Helper method to create test clinic data.
*
* @return int Clinic ID.
*/
protected function create_test_clinic() {
global $wpdb;
$clinic_data = array(
'name' => 'Test Clinic',
'email' => 'test@clinic.com',
'telephone_no' => '+351912345678',
'address' => 'Test Address',
'city' => 'Lisboa',
'state' => 'Lisboa',
'country' => 'Portugal',
'postal_code' => '1000-001',
'status' => 1,
'clinic_admin_id' => $this->admin_user,
'created_at' => current_time( 'mysql' ),
);
$wpdb->insert( $wpdb->prefix . 'kc_clinics', $clinic_data );
return $wpdb->insert_id;
}
/**
* Helper method to create test appointment.
*
* @param int $clinic_id Clinic ID.
* @param int $doctor_id Doctor user ID.
* @param int $patient_id Patient user ID.
* @return int Appointment ID.
*/
protected function create_test_appointment( $clinic_id, $doctor_id, $patient_id ) {
global $wpdb;
$appointment_data = array(
'appointment_start_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_start_time' => '14:30:00',
'appointment_end_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_end_time' => '15:00:00',
'clinic_id' => $clinic_id,
'doctor_id' => $doctor_id,
'patient_id' => $patient_id,
'status' => 1,
'visit_type' => 'consultation',
'description' => 'Test appointment',
'created_at' => current_time( 'mysql' ),
);
$wpdb->insert( $wpdb->prefix . 'kc_appointments', $appointment_data );
return $wpdb->insert_id;
}
/**
* Assert that response has correct REST API format.
*
* @param WP_REST_Response $response The response object.
* @param int $status Expected status code.
*/
protected function assertRestResponse( $response, $status = 200 ) {
$this->assertInstanceOf( 'WP_REST_Response', $response );
$this->assertEquals( $status, $response->get_status() );
if ( $status >= 400 ) {
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertArrayHasKey( 'message', $data );
}
}
}

316
tests/contract/test-appointment-endpoints.php Normal file
View File

@@ -0,0 +1,316 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Appointment endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Appointment endpoints contract tests.
*/
class Test_Appointment_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test GET /wp-json/kivicare/v1/appointments endpoint contract.
*
* @test
*/
public function test_get_appointments_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointments GET endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Authenticated doctor
wp_set_current_user( $this->doctor_user );
// ACT: Make GET request to appointments endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/appointments' );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
// Validate pagination structure
if ( ! empty( $data ) ) {
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'total', $data );
$this->assertArrayHasKey( 'page', $data );
$this->assertArrayHasKey( 'per_page', $data );
// Validate appointment data structure
$appointment = $data['data'][0];
$this->assertAppointmentStructure( $appointment );
}
}
/**
* Test POST /wp-json/kivicare/v1/appointments endpoint contract.
*
* @test
*/
public function test_create_appointment_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointments POST endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid appointment data
$clinic_id = $this->create_test_clinic();
$appointment_data = array(
'appointment_start_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_start_time' => '14:30:00',
'appointment_end_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_end_time' => '15:00:00',
'doctor_id' => $this->doctor_user,
'patient_id' => $this->patient_user,
'clinic_id' => $clinic_id,
'visit_type' => 'consultation',
'description' => 'Consulta de rotina',
);
// ACT: Make POST request as receptionist
$response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'POST', $appointment_data, $this->receptionist_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertAppointmentStructure( $data );
$this->assertEquals( $appointment_data['doctor_id'], $data['doctor_id'] );
$this->assertEquals( $appointment_data['patient_id'], $data['patient_id'] );
$this->assertIsInt( $data['id'] );
$this->assertGreaterThan( 0, $data['id'] );
}
/**
* Test POST /wp-json/kivicare/v1/appointments with scheduling conflict.
*
* @test
*/
public function test_create_appointment_time_conflict() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointment time conflict validation not implemented yet - TDD RED phase' );
// ARRANGE: Existing appointment and conflicting data
$clinic_id = $this->create_test_clinic();
$existing_appointment = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$conflicting_data = array(
'appointment_start_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_start_time' => '14:45:00', // Conflicts with existing 14:30-15:00
'appointment_end_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_end_time' => '15:15:00',
'doctor_id' => $this->doctor_user,
'patient_id' => $this->factory->user->create( array( 'role' => 'patient' ) ),
'clinic_id' => $clinic_id,
'visit_type' => 'consultation',
);
// ACT: Make POST request with conflicting time
$response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'POST', $conflicting_data, $this->receptionist_user );
// ASSERT: Time conflict error contract
$this->assertRestResponse( $response, 409 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'appointment_time_conflict', $data['code'] );
}
/**
* Test GET /wp-json/kivicare/v1/appointments/{id} endpoint contract.
*
* @test
*/
public function test_get_appointment_by_id_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointment by ID endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing appointment
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// ACT: Make GET request for specific appointment
$response = $this->make_request( "/wp-json/kivicare/v1/appointments/{$appointment_id}", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertAppointmentStructure( $data );
$this->assertEquals( $appointment_id, $data['id'] );
}
/**
* Test PUT /wp-json/kivicare/v1/appointments/{id} endpoint contract.
*
* @test
*/
public function test_update_appointment_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointment PUT endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing appointment and update data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$update_data = array(
'appointment_start_time' => '15:30:00',
'appointment_end_time' => '16:00:00',
'description' => 'Updated appointment description',
);
// ACT: Make PUT request to update appointment
$response = $this->make_request( "/wp-json/kivicare/v1/appointments/{$appointment_id}", 'PUT', $update_data, $this->receptionist_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertAppointmentStructure( $data );
$this->assertEquals( $update_data['appointment_start_time'], $data['appointment_start_time'] );
$this->assertEquals( $update_data['description'], $data['description'] );
}
/**
* Test DELETE /wp-json/kivicare/v1/appointments/{id} endpoint contract.
*
* @test
*/
public function test_delete_appointment_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Appointment DELETE endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing appointment
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// ACT: Make DELETE request
$response = $this->make_request( "/wp-json/kivicare/v1/appointments/{$appointment_id}", 'DELETE', array(), $this->receptionist_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'deleted', $data );
$this->assertTrue( $data['deleted'] );
$this->assertEquals( $appointment_id, $data['id'] );
}
/**
* Test GET /wp-json/kivicare/v1/appointments/available-slots endpoint contract.
*
* @test
*/
public function test_get_available_slots_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Available slots endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Query parameters for slot availability
$query_params = array(
'doctor_id' => $this->doctor_user,
'date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'clinic_id' => $this->create_test_clinic(),
);
// ACT: Make GET request for available slots
$response = $this->make_request( '/wp-json/kivicare/v1/appointments/available-slots', 'GET', $query_params );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
$this->assertArrayHasKey( 'date', $data );
$this->assertArrayHasKey( 'doctor_id', $data );
$this->assertArrayHasKey( 'available_slots', $data );
// Validate slot structure
if ( ! empty( $data['available_slots'] ) ) {
$slot = $data['available_slots'][0];
$this->assertArrayHasKey( 'start_time', $slot );
$this->assertArrayHasKey( 'end_time', $slot );
$this->assertArrayHasKey( 'available', $slot );
}
}
/**
* Test appointment filtering and search capabilities.
*
* @test
*/
public function test_appointment_filtering_contract() {
// This test will fail initially as filtering isn't implemented
$this->markTestIncomplete( 'Appointment filtering not implemented yet - TDD RED phase' );
// ARRANGE: Multiple appointments with different attributes
$clinic_id = $this->create_test_clinic();
// ACT: Test date filtering
$filter_params = array(
'start_date' => gmdate( 'Y-m-d' ),
'end_date' => gmdate( 'Y-m-d', strtotime( '+7 days' ) ),
);
$response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'GET', $filter_params, $this->doctor_user );
// ASSERT: Filtered response contract
$this->assertRestResponse( $response, 200 );
// ACT: Test doctor filtering
$filter_params = array( 'doctor_id' => $this->doctor_user );
$response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'GET', $filter_params, $this->admin_user );
// ASSERT: Doctor-filtered response contract
$this->assertRestResponse( $response, 200 );
}
/**
* Helper method to assert appointment data structure.
*
* @param array $appointment Appointment data to validate.
*/
private function assertAppointmentStructure( $appointment ) {
$this->assertIsArray( $appointment );
// Required fields
$expected_fields = array(
'id', 'appointment_start_date', 'appointment_start_time',
'appointment_end_date', 'appointment_end_time', 'doctor_id',
'patient_id', 'clinic_id', 'status', 'visit_type', 'created_at'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $appointment );
}
// Data type validations
$this->assertIsInt( $appointment['id'] );
$this->assertIsInt( $appointment['doctor_id'] );
$this->assertIsInt( $appointment['patient_id'] );
$this->assertIsInt( $appointment['clinic_id'] );
$this->assertIsInt( $appointment['status'] );
// Date/time format validations
$this->assertMatchesRegularExpression( '/^\d{4}-\d{2}-\d{2}$/', $appointment['appointment_start_date'] );
$this->assertMatchesRegularExpression( '/^\d{2}:\d{2}:\d{2}$/', $appointment['appointment_start_time'] );
// Optional fields that might be present
$optional_fields = array( 'description', 'patient', 'doctor', 'clinic' );
// If expanded data is included, validate structure
if ( isset( $appointment['patient'] ) ) {
$this->assertIsArray( $appointment['patient'] );
$this->assertArrayHasKey( 'display_name', $appointment['patient'] );
}
if ( isset( $appointment['doctor'] ) ) {
$this->assertIsArray( $appointment['doctor'] );
$this->assertArrayHasKey( 'display_name', $appointment['doctor'] );
}
}
}

194
tests/contract/test-auth-endpoints.php Normal file
View File

@@ -0,0 +1,194 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Authentication endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Authentication endpoints contract tests.
*/
class Test_Auth_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test POST /wp-json/kivicare/v1/auth/login endpoint contract.
*
* @test
*/
public function test_auth_login_endpoint_contract() {
// ARRANGE: Valid login credentials
$login_data = array(
'username' => 'test_doctor',
'password' => 'password123',
);
// ACT: Make POST request to login endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/auth/login', 'POST', $login_data );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'token', $data );
$this->assertArrayHasKey( 'user_id', $data );
$this->assertArrayHasKey( 'role', $data );
$this->assertArrayHasKey( 'expires_in', $data );
// Validate token format (JWT)
$this->assertIsString( $data['token'] );
$this->assertMatchesRegularExpression( '/^[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+\.[A-Za-z0-9-_]+$/', $data['token'] );
// Validate user data
$this->assertIsInt( $data['user_id'] );
$this->assertGreaterThan( 0, $data['user_id'] );
$this->assertIsString( $data['role'] );
$this->assertContains( $data['role'], array( 'administrator', 'doctor', 'patient', 'kivicare_receptionist' ) );
}
/**
* Test POST /wp-json/kivicare/v1/auth/login with invalid credentials.
*
* @test
*/
public function test_auth_login_invalid_credentials() {
// ARRANGE: Invalid credentials
$invalid_data = array(
'username' => 'nonexistent_user',
'password' => 'wrong_password',
);
// ACT: Make POST request with invalid data
$response = $this->make_request( '/wp-json/kivicare/v1/auth/login', 'POST', $invalid_data );
// ASSERT: Error response contract
$this->assertRestResponse( $response, 401 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertArrayHasKey( 'message', $data );
$this->assertEquals( 'invalid_credentials', $data['code'] );
}
/**
* Test POST /wp-json/kivicare/v1/auth/login with missing fields.
*
* @test
*/
public function test_auth_login_missing_fields() {
// ARRANGE: Missing username
$incomplete_data = array(
'password' => 'password123',
);
// ACT: Make POST request with incomplete data
$response = $this->make_request( '/wp-json/kivicare/v1/auth/login', 'POST', $incomplete_data );
// ASSERT: Validation error contract
$this->assertRestResponse( $response, 400 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_missing_callback_param', $data['code'] );
}
/**
* Test POST /wp-json/kivicare/v1/auth/refresh endpoint contract.
*
* @test
*/
public function test_auth_refresh_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Refresh endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid refresh token (will be implemented)
$refresh_data = array(
'refresh_token' => 'valid_refresh_token_here',
);
// ACT: Make POST request to refresh endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/auth/refresh', 'POST', $refresh_data );
// ASSERT: Response contract (will fail until implemented)
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'token', $data );
$this->assertArrayHasKey( 'expires_in', $data );
}
/**
* Test POST /wp-json/kivicare/v1/auth/logout endpoint contract.
*
* @test
*/
public function test_auth_logout_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Logout endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Authenticated user
wp_set_current_user( $this->doctor_user );
// ACT: Make POST request to logout endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/auth/logout', 'POST' );
// ASSERT: Response contract (will fail until implemented)
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'message', $data );
$this->assertEquals( 'Logout successful', $data['message'] );
}
/**
* Test authentication middleware with invalid token.
*
* @test
*/
public function test_invalid_token_response_contract() {
// This test will fail initially as JWT authentication isn't implemented
$this->markTestIncomplete( 'JWT authentication not implemented yet - TDD RED phase' );
// ARRANGE: Invalid JWT token
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer invalid_token_here';
// ACT: Try to access protected endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/patients' );
// ASSERT: Authentication error contract
$this->assertRestResponse( $response, 401 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_forbidden', $data['code'] );
}
/**
* Test authentication middleware with expired token.
*
* @test
*/
public function test_expired_token_response_contract() {
// This test will fail initially as JWT authentication isn't implemented
$this->markTestIncomplete( 'JWT authentication not implemented yet - TDD RED phase' );
// ARRANGE: Expired JWT token
$_SERVER['HTTP_AUTHORIZATION'] = 'Bearer expired_token_here';
// ACT: Try to access protected endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/patients' );
// ASSERT: Token expiry error contract
$this->assertRestResponse( $response, 401 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'jwt_auth_token_expired', $data['code'] );
}
}

251
tests/contract/test-clinic-endpoints.php Normal file
View File

@@ -0,0 +1,251 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Clinic endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Clinic endpoints contract tests.
*/
class Test_Clinic_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test GET /wp-json/kivicare/v1/clinics endpoint contract.
*
* @test
*/
public function test_get_clinics_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinics GET endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Authenticated administrator
wp_set_current_user( $this->admin_user );
// ACT: Make GET request to clinics endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/clinics' );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
// Validate pagination structure
if ( ! empty( $data ) ) {
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'total', $data );
$this->assertArrayHasKey( 'page', $data );
$this->assertArrayHasKey( 'per_page', $data );
// Validate clinic data structure
$clinic = $data['data'][0];
$this->assertClinicStructure( $clinic );
}
}
/**
* Test POST /wp-json/kivicare/v1/clinics endpoint contract.
*
* @test
*/
public function test_create_clinic_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinics POST endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid clinic data
$clinic_data = array(
'name' => 'Nova Clínica',
'email' => 'nova@clinica.com',
'telephone_no' => '+351987654321',
'address' => 'Rua Nova, 456',
'city' => 'Porto',
'state' => 'Porto',
'country' => 'Portugal',
'postal_code' => '4000-001',
'specialties' => 'Cardiology,Neurology',
);
// ACT: Make POST request as administrator
$response = $this->make_request( '/wp-json/kivicare/v1/clinics', 'POST', $clinic_data, $this->admin_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertClinicStructure( $data );
$this->assertEquals( $clinic_data['name'], $data['name'] );
$this->assertEquals( $clinic_data['email'], $data['email'] );
$this->assertIsInt( $data['id'] );
$this->assertGreaterThan( 0, $data['id'] );
}
/**
* Test POST /wp-json/kivicare/v1/clinics with invalid data.
*
* @test
*/
public function test_create_clinic_invalid_data() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinics POST validation not implemented yet - TDD RED phase' );
// ARRANGE: Invalid clinic data (missing required fields)
$invalid_data = array(
'name' => '', // Empty name should fail
'email' => 'invalid-email', // Invalid email format
);
// ACT: Make POST request with invalid data
$response = $this->make_request( '/wp-json/kivicare/v1/clinics', 'POST', $invalid_data, $this->admin_user );
// ASSERT: Validation error contract
$this->assertRestResponse( $response, 400 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_invalid_param', $data['code'] );
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'params', $data['data'] );
}
/**
* Test GET /wp-json/kivicare/v1/clinics/{id} endpoint contract.
*
* @test
*/
public function test_get_clinic_by_id_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinic by ID endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing clinic
$clinic_id = $this->create_test_clinic();
// ACT: Make GET request for specific clinic
$response = $this->make_request( "/wp-json/kivicare/v1/clinics/{$clinic_id}", 'GET', array(), $this->admin_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertClinicStructure( $data );
$this->assertEquals( $clinic_id, $data['id'] );
}
/**
* Test PUT /wp-json/kivicare/v1/clinics/{id} endpoint contract.
*
* @test
*/
public function test_update_clinic_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinic PUT endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing clinic and update data
$clinic_id = $this->create_test_clinic();
$update_data = array(
'name' => 'Clínica Atualizada',
'telephone_no' => '+351111222333',
);
// ACT: Make PUT request to update clinic
$response = $this->make_request( "/wp-json/kivicare/v1/clinics/{$clinic_id}", 'PUT', $update_data, $this->admin_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertClinicStructure( $data );
$this->assertEquals( $update_data['name'], $data['name'] );
$this->assertEquals( $update_data['telephone_no'], $data['telephone_no'] );
}
/**
* Test DELETE /wp-json/kivicare/v1/clinics/{id} endpoint contract.
*
* @test
*/
public function test_delete_clinic_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Clinic DELETE endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing clinic
$clinic_id = $this->create_test_clinic();
// ACT: Make DELETE request
$response = $this->make_request( "/wp-json/kivicare/v1/clinics/{$clinic_id}", 'DELETE', array(), $this->admin_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'deleted', $data );
$this->assertTrue( $data['deleted'] );
$this->assertEquals( $clinic_id, $data['id'] );
}
/**
* Test clinic permissions for different user roles.
*
* @test
*/
public function test_clinic_permissions_contract() {
// This test will fail initially as role-based permissions aren't implemented
$this->markTestIncomplete( 'Role-based permissions not implemented yet - TDD RED phase' );
// ARRANGE: Existing clinic
$clinic_id = $this->create_test_clinic();
// ACT & ASSERT: Doctor should not be able to create clinics
$response = $this->make_request( '/wp-json/kivicare/v1/clinics', 'POST', array( 'name' => 'Test' ), $this->doctor_user );
$this->assertRestResponse( $response, 403 );
// ACT & ASSERT: Patient should not be able to access clinics
$response = $this->make_request( '/wp-json/kivicare/v1/clinics', 'GET', array(), $this->patient_user );
$this->assertRestResponse( $response, 403 );
// ACT & ASSERT: Administrator should have full access
$response = $this->make_request( "/wp-json/kivicare/v1/clinics/{$clinic_id}", 'GET', array(), $this->admin_user );
$this->assertRestResponse( $response, 200 );
}
/**
* Helper method to assert clinic data structure.
*
* @param array $clinic Clinic data to validate.
*/
private function assertClinicStructure( $clinic ) {
$this->assertIsArray( $clinic );
// Required fields
$this->assertArrayHasKey( 'id', $clinic );
$this->assertArrayHasKey( 'name', $clinic );
$this->assertArrayHasKey( 'status', $clinic );
// Optional fields that should be present in response
$expected_fields = array(
'email', 'telephone_no', 'address', 'city',
'state', 'country', 'postal_code', 'specialties',
'clinic_admin_id', 'created_at'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $clinic );
}
// Data type validations
$this->assertIsInt( $clinic['id'] );
$this->assertIsString( $clinic['name'] );
$this->assertIsInt( $clinic['status'] );
if ( ! empty( $clinic['email'] ) ) {
$this->assertIsString( $clinic['email'] );
}
}
}

361
tests/contract/test-encounter-endpoints.php Normal file
View File

@@ -0,0 +1,361 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Encounter endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Encounter endpoints contract tests.
*/
class Test_Encounter_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test GET /wp-json/kivicare/v1/encounters endpoint contract.
*
* @test
*/
public function test_get_encounters_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounters GET endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Authenticated doctor
wp_set_current_user( $this->doctor_user );
// ACT: Make GET request to encounters endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/encounters' );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
// Validate pagination structure
if ( ! empty( $data ) ) {
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'total', $data );
$this->assertArrayHasKey( 'page', $data );
$this->assertArrayHasKey( 'per_page', $data );
// Validate encounter data structure
$encounter = $data['data'][0];
$this->assertEncounterStructure( $encounter );
}
}
/**
* Test POST /wp-json/kivicare/v1/encounters endpoint contract.
*
* @test
*/
public function test_create_encounter_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounters POST endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid encounter data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_data = array(
'encounter_date' => gmdate( 'Y-m-d' ),
'appointment_id' => $appointment_id,
'patient_id' => $this->patient_user,
'doctor_id' => $this->doctor_user,
'clinic_id' => $clinic_id,
'description' => 'Patient presents with mild fever and fatigue. Diagnosed with common cold.',
'status' => 1,
'chief_complaint' => 'Fever and fatigue',
'diagnosis' => 'Common cold (J00)',
'treatment_plan' => 'Rest, fluids, symptomatic treatment',
);
// ACT: Make POST request as doctor
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertEncounterStructure( $data );
$this->assertEquals( $encounter_data['appointment_id'], $data['appointment_id'] );
$this->assertEquals( $encounter_data['patient_id'], $data['patient_id'] );
$this->assertIsInt( $data['id'] );
$this->assertGreaterThan( 0, $data['id'] );
}
/**
* Test POST /wp-json/kivicare/v1/encounters with invalid data.
*
* @test
*/
public function test_create_encounter_invalid_data() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounters POST validation not implemented yet - TDD RED phase' );
// ARRANGE: Invalid encounter data
$invalid_data = array(
'encounter_date' => 'invalid-date',
'appointment_id' => 'not_a_number',
'description' => '', // Empty description should fail
);
// ACT: Make POST request with invalid data
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $invalid_data, $this->doctor_user );
// ASSERT: Validation error contract
$this->assertRestResponse( $response, 400 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_invalid_param', $data['code'] );
}
/**
* Test GET /wp-json/kivicare/v1/encounters/{id} endpoint contract.
*
* @test
*/
public function test_get_encounter_by_id_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounter by ID endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing encounter
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
// ACT: Make GET request for specific encounter
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertEncounterStructure( $data );
$this->assertEquals( $encounter_id, $data['id'] );
}
/**
* Test PUT /wp-json/kivicare/v1/encounters/{id} endpoint contract.
*
* @test
*/
public function test_update_encounter_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounter PUT endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing encounter and update data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$update_data = array(
'description' => 'Updated encounter notes with additional observations.',
'diagnosis' => 'Viral upper respiratory infection (J06.9)',
'treatment_plan' => 'Updated treatment plan with additional recommendations.',
'status' => 1,
);
// ACT: Make PUT request to update encounter
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'PUT', $update_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertEncounterStructure( $data );
$this->assertEquals( $update_data['description'], $data['description'] );
$this->assertEquals( $update_data['diagnosis'], $data['diagnosis'] );
}
/**
* Test GET /wp-json/kivicare/v1/encounters/{id}/prescriptions endpoint contract.
*
* @test
*/
public function test_get_encounter_prescriptions_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Encounter prescriptions endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Encounter with prescriptions
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
// ACT: Make GET request for encounter prescriptions
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
if ( ! empty( $data ) ) {
$prescription = $data[0];
$this->assertPrescriptionStructure( $prescription );
$this->assertEquals( $encounter_id, $prescription['encounter_id'] );
}
}
/**
* Test medical encounter workflow integration.
*
* @test
*/
public function test_encounter_workflow_contract() {
// This test will fail initially as the workflow isn't implemented
$this->markTestIncomplete( 'Encounter workflow not implemented yet - TDD RED phase' );
// ARRANGE: Complete appointment to encounter workflow
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// ACT: Create encounter from appointment
$encounter_data = array(
'appointment_id' => $appointment_id,
'description' => 'Patient consultation completed successfully.',
'status' => 1,
);
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
// ASSERT: Encounter creation triggers appointment status update
$this->assertRestResponse( $response, 201 );
$encounter = $response->get_data();
$this->assertEncounterStructure( $encounter );
// Verify appointment status was updated
$appointment_response = $this->make_request( "/wp-json/kivicare/v1/appointments/{$appointment_id}", 'GET', array(), $this->doctor_user );
$appointment = $appointment_response->get_data();
$this->assertEquals( 'completed', $appointment['status'] );
}
/**
* Test encounter access permissions by role.
*
* @test
*/
public function test_encounter_permissions_contract() {
// This test will fail initially as permissions aren't implemented
$this->markTestIncomplete( 'Encounter permissions not implemented yet - TDD RED phase' );
// ARRANGE: Encounter created by doctor
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
// ACT & ASSERT: Patient should be able to view their encounters (read-only)
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'GET', array(), $this->patient_user );
$this->assertRestResponse( $response, 200 );
// ACT & ASSERT: Patient should not be able to modify encounters
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'PUT', array( 'description' => 'Hacked' ), $this->patient_user );
$this->assertRestResponse( $response, 403 );
// ACT & ASSERT: Receptionist should not access medical encounters
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'GET', array(), $this->receptionist_user );
$this->assertRestResponse( $response, 403 );
}
/**
* Helper method to create test encounter.
*
* @param int $appointment_id Appointment ID.
* @return int Encounter ID.
*/
private function create_test_encounter( $appointment_id ) {
global $wpdb;
$encounter_data = array(
'encounter_date' => gmdate( 'Y-m-d' ),
'clinic_id' => get_option( 'kivicare_api_test_clinic_id', 1 ),
'doctor_id' => $this->doctor_user,
'patient_id' => $this->patient_user,
'appointment_id' => $appointment_id,
'description' => 'Test medical encounter',
'status' => 1,
'added_by' => $this->doctor_user,
'created_at' => current_time( 'mysql' ),
);
$wpdb->insert( $wpdb->prefix . 'kc_patient_encounters', $encounter_data );
return $wpdb->insert_id;
}
/**
* Helper method to assert encounter data structure.
*
* @param array $encounter Encounter data to validate.
*/
private function assertEncounterStructure( $encounter ) {
$this->assertIsArray( $encounter );
// Required fields
$expected_fields = array(
'id', 'encounter_date', 'patient_id', 'doctor_id',
'clinic_id', 'appointment_id', 'description', 'status', 'created_at'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $encounter );
}
// Data type validations
$this->assertIsInt( $encounter['id'] );
$this->assertIsInt( $encounter['patient_id'] );
$this->assertIsInt( $encounter['doctor_id'] );
$this->assertIsInt( $encounter['clinic_id'] );
$this->assertIsInt( $encounter['status'] );
// Date format validation
$this->assertMatchesRegularExpression( '/^\d{4}-\d{2}-\d{2}$/', $encounter['encounter_date'] );
// Optional expanded data
if ( isset( $encounter['patient'] ) ) {
$this->assertIsArray( $encounter['patient'] );
$this->assertArrayHasKey( 'display_name', $encounter['patient'] );
}
if ( isset( $encounter['doctor'] ) ) {
$this->assertIsArray( $encounter['doctor'] );
$this->assertArrayHasKey( 'display_name', $encounter['doctor'] );
}
if ( isset( $encounter['prescriptions'] ) ) {
$this->assertIsArray( $encounter['prescriptions'] );
}
}
/**
* Helper method to assert prescription data structure.
*
* @param array $prescription Prescription data to validate.
*/
private function assertPrescriptionStructure( $prescription ) {
$this->assertIsArray( $prescription );
$expected_fields = array(
'id', 'encounter_id', 'patient_id', 'name',
'frequency', 'duration', 'instruction', 'created_at'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $prescription );
}
$this->assertIsInt( $prescription['id'] );
$this->assertIsInt( $prescription['encounter_id'] );
$this->assertIsInt( $prescription['patient_id'] );
$this->assertIsString( $prescription['name'] );
}
}

328
tests/contract/test-patient-endpoints.php Normal file
View File

@@ -0,0 +1,328 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Patient endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Patient endpoints contract tests.
*/
class Test_Patient_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test GET /wp-json/kivicare/v1/patients endpoint contract.
*
* @test
*/
public function test_get_patients_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patients GET endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Authenticated doctor
wp_set_current_user( $this->doctor_user );
// ACT: Make GET request to patients endpoint
$response = $this->make_request( '/wp-json/kivicare/v1/patients' );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
// Validate pagination structure
if ( ! empty( $data ) ) {
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'total', $data );
$this->assertArrayHasKey( 'page', $data );
$this->assertArrayHasKey( 'per_page', $data );
// Validate patient data structure
$patient = $data['data'][0];
$this->assertPatientStructure( $patient );
}
}
/**
* Test POST /wp-json/kivicare/v1/patients endpoint contract.
*
* @test
*/
public function test_create_patient_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patients POST endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid patient data
$patient_data = array(
'display_name' => 'João Silva Santos',
'user_email' => 'joao.santos@example.com',
'clinic_id' => $this->create_test_clinic(),
'first_name' => 'João',
'last_name' => 'Santos',
'phone' => '+351912345678',
'address' => 'Rua das Flores, 123',
'city' => 'Lisboa',
'postal_code' => '1000-001',
'birth_date' => '1985-05-15',
'gender' => 'M',
);
// ACT: Make POST request as doctor
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $patient_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertPatientStructure( $data );
$this->assertEquals( $patient_data['display_name'], $data['display_name'] );
$this->assertEquals( $patient_data['user_email'], $data['user_email'] );
$this->assertIsInt( $data['id'] );
$this->assertGreaterThan( 0, $data['id'] );
}
/**
* Test POST /wp-json/kivicare/v1/patients with invalid data.
*
* @test
*/
public function test_create_patient_invalid_data() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patients POST validation not implemented yet - TDD RED phase' );
// ARRANGE: Invalid patient data
$invalid_data = array(
'display_name' => '', // Empty name should fail
'user_email' => 'invalid-email', // Invalid email format
'clinic_id' => 'not_a_number', // Invalid clinic ID
);
// ACT: Make POST request with invalid data
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $invalid_data, $this->doctor_user );
// ASSERT: Validation error contract
$this->assertRestResponse( $response, 400 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_invalid_param', $data['code'] );
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'params', $data['data'] );
}
/**
* Test GET /wp-json/kivicare/v1/patients/{id} endpoint contract.
*
* @test
*/
public function test_get_patient_by_id_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patient by ID endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing patient
$patient_id = $this->patient_user;
// ACT: Make GET request for specific patient
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient_id}", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertPatientStructure( $data );
$this->assertEquals( $patient_id, $data['id'] );
}
/**
* Test PUT /wp-json/kivicare/v1/patients/{id} endpoint contract.
*
* @test
*/
public function test_update_patient_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patient PUT endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing patient and update data
$patient_id = $this->patient_user;
$update_data = array(
'phone' => '+351987654321',
'address' => 'Nova Morada, 456',
);
// ACT: Make PUT request to update patient
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient_id}", 'PUT', $update_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertPatientStructure( $data );
$this->assertEquals( $update_data['phone'], $data['phone'] );
}
/**
* Test GET /wp-json/kivicare/v1/patients/{id}/encounters endpoint contract.
*
* @test
*/
public function test_get_patient_encounters_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patient encounters endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Patient with encounters
$patient_id = $this->patient_user;
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $patient_id );
// ACT: Make GET request for patient encounters
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient_id}/encounters", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
if ( ! empty( $data ) ) {
$encounter = $data[0];
$this->assertEncounterStructure( $encounter );
$this->assertEquals( $patient_id, $encounter['patient_id'] );
}
}
/**
* Test GET /wp-json/kivicare/v1/patients/{id}/prescriptions endpoint contract.
*
* @test
*/
public function test_get_patient_prescriptions_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Patient prescriptions endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Patient with prescriptions
$patient_id = $this->patient_user;
// ACT: Make GET request for patient prescriptions
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient_id}/prescriptions", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertIsArray( $data );
if ( ! empty( $data ) ) {
$prescription = $data[0];
$this->assertPrescriptionStructure( $prescription );
$this->assertEquals( $patient_id, $prescription['patient_id'] );
}
}
/**
* Test patient privacy and data access restrictions.
*
* @test
*/
public function test_patient_privacy_contract() {
// This test will fail initially as privacy controls aren't implemented
$this->markTestIncomplete( 'Patient privacy controls not implemented yet - TDD RED phase' );
// ARRANGE: Two different patients
$patient1_id = $this->patient_user;
$patient2_id = $this->factory->user->create( array( 'role' => 'patient' ) );
// ACT & ASSERT: Patient should only see their own data
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient1_id}", 'GET', array(), $patient1_id );
$this->assertRestResponse( $response, 200 );
// ACT & ASSERT: Patient should not see other patient's data
$response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient2_id}", 'GET', array(), $patient1_id );
$this->assertRestResponse( $response, 403 );
}
/**
* Helper method to assert patient data structure.
*
* @param array $patient Patient data to validate.
*/
private function assertPatientStructure( $patient ) {
$this->assertIsArray( $patient );
// Required fields from wp_users
$this->assertArrayHasKey( 'id', $patient );
$this->assertArrayHasKey( 'display_name', $patient );
$this->assertArrayHasKey( 'user_email', $patient );
// Additional patient fields
$expected_fields = array(
'first_name', 'last_name', 'phone', 'address',
'city', 'postal_code', 'birth_date', 'gender',
'clinic_id', 'registration_date'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $patient );
}
// Data type validations
$this->assertIsInt( $patient['id'] );
$this->assertIsString( $patient['display_name'] );
$this->assertIsString( $patient['user_email'] );
if ( ! empty( $patient['clinic_id'] ) ) {
$this->assertIsInt( $patient['clinic_id'] );
}
}
/**
* Helper method to assert encounter data structure.
*
* @param array $encounter Encounter data to validate.
*/
private function assertEncounterStructure( $encounter ) {
$this->assertIsArray( $encounter );
$expected_fields = array(
'id', 'encounter_date', 'patient_id', 'doctor_id',
'clinic_id', 'appointment_id', 'description', 'status'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $encounter );
}
$this->assertIsInt( $encounter['id'] );
$this->assertIsInt( $encounter['patient_id'] );
$this->assertIsInt( $encounter['doctor_id'] );
}
/**
* Helper method to assert prescription data structure.
*
* @param array $prescription Prescription data to validate.
*/
private function assertPrescriptionStructure( $prescription ) {
$this->assertIsArray( $prescription );
$expected_fields = array(
'id', 'encounter_id', 'patient_id', 'name',
'frequency', 'duration', 'instruction'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $prescription );
}
$this->assertIsInt( $prescription['id'] );
$this->assertIsInt( $prescription['patient_id'] );
$this->assertIsString( $prescription['name'] );
}
}

381
tests/contract/test-prescription-endpoints.php Normal file
View File

@@ -0,0 +1,381 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Contract tests for Prescription endpoints.
*
* These tests define the API contract and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Contract
*/
/**
* Prescription endpoints contract tests.
*/
class Test_Prescription_Endpoints_Contract extends KiviCare_API_Test_Case {
/**
* Test POST /wp-json/kivicare/v1/encounters/{id}/prescriptions endpoint contract.
*
* @test
*/
public function test_create_prescription_endpoint_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Prescriptions POST endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Valid prescription data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$prescription_data = array(
'name' => 'Paracetamol 500mg',
'frequency' => 'Every 8 hours',
'duration' => '7 days',
'instruction' => 'Take with water after meals. Do not exceed recommended dose.',
'dosage' => '1 tablet',
'quantity' => '21 tablets',
);
// ACT: Make POST request as doctor
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $prescription_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertPrescriptionStructure( $data );
$this->assertEquals( $prescription_data['name'], $data['name'] );
$this->assertEquals( $prescription_data['frequency'], $data['frequency'] );
$this->assertEquals( $encounter_id, $data['encounter_id'] );
$this->assertIsInt( $data['id'] );
$this->assertGreaterThan( 0, $data['id'] );
}
/**
* Test POST /wp-json/kivicare/v1/encounters/{id}/prescriptions with invalid data.
*
* @test
*/
public function test_create_prescription_invalid_data() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Prescriptions POST validation not implemented yet - TDD RED phase' );
// ARRANGE: Invalid prescription data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$invalid_data = array(
'name' => '', // Empty name should fail
'frequency' => '', // Empty frequency should fail
'duration' => 'invalid duration format',
);
// ACT: Make POST request with invalid data
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $invalid_data, $this->doctor_user );
// ASSERT: Validation error contract
$this->assertRestResponse( $response, 400 );
$data = $response->get_data();
$this->assertArrayHasKey( 'code', $data );
$this->assertEquals( 'rest_invalid_param', $data['code'] );
$this->assertArrayHasKey( 'data', $data );
$this->assertArrayHasKey( 'params', $data['data'] );
}
/**
* Test GET /wp-json/kivicare/v1/prescriptions/{id} endpoint contract.
*
* @test
*/
public function test_get_prescription_by_id_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Prescription by ID endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing prescription
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$prescription_id = $this->create_test_prescription( $encounter_id );
// ACT: Make GET request for specific prescription
$response = $this->make_request( "/wp-json/kivicare/v1/prescriptions/{$prescription_id}", 'GET', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertPrescriptionStructure( $data );
$this->assertEquals( $prescription_id, $data['id'] );
}
/**
* Test PUT /wp-json/kivicare/v1/prescriptions/{id} endpoint contract.
*
* @test
*/
public function test_update_prescription_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Prescription PUT endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing prescription and update data
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$prescription_id = $this->create_test_prescription( $encounter_id );
$update_data = array(
'frequency' => 'Every 6 hours',
'duration' => '10 days',
'instruction' => 'Updated instructions: Take with food to avoid stomach irritation.',
);
// ACT: Make PUT request to update prescription
$response = $this->make_request( "/wp-json/kivicare/v1/prescriptions/{$prescription_id}", 'PUT', $update_data, $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertPrescriptionStructure( $data );
$this->assertEquals( $update_data['frequency'], $data['frequency'] );
$this->assertEquals( $update_data['duration'], $data['duration'] );
}
/**
* Test DELETE /wp-json/kivicare/v1/prescriptions/{id} endpoint contract.
*
* @test
*/
public function test_delete_prescription_contract() {
// This test will fail initially as the endpoint doesn't exist yet
$this->markTestIncomplete( 'Prescription DELETE endpoint not implemented yet - TDD RED phase' );
// ARRANGE: Existing prescription
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$prescription_id = $this->create_test_prescription( $encounter_id );
// ACT: Make DELETE request
$response = $this->make_request( "/wp-json/kivicare/v1/prescriptions/{$prescription_id}", 'DELETE', array(), $this->doctor_user );
// ASSERT: Response contract
$this->assertRestResponse( $response, 200 );
$data = $response->get_data();
$this->assertArrayHasKey( 'deleted', $data );
$this->assertTrue( $data['deleted'] );
$this->assertEquals( $prescription_id, $data['id'] );
}
/**
* Test prescription bulk operations contract.
*
* @test
*/
public function test_bulk_prescription_operations_contract() {
// This test will fail initially as bulk operations aren't implemented
$this->markTestIncomplete( 'Bulk prescription operations not implemented yet - TDD RED phase' );
// ARRANGE: Multiple prescriptions for an encounter
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$bulk_prescriptions = array(
array(
'name' => 'Paracetamol 500mg',
'frequency' => 'Every 8 hours',
'duration' => '7 days',
'instruction' => 'Take with water after meals',
),
array(
'name' => 'Ibuprofen 400mg',
'frequency' => 'Every 12 hours',
'duration' => '5 days',
'instruction' => 'Take with food to prevent stomach upset',
),
);
// ACT: Make bulk POST request
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions/bulk", 'POST', array( 'prescriptions' => $bulk_prescriptions ), $this->doctor_user );
// ASSERT: Bulk response contract
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertIsArray( $data );
$this->assertArrayHasKey( 'created', $data );
$this->assertCount( 2, $data['created'] );
foreach ( $data['created'] as $prescription ) {
$this->assertPrescriptionStructure( $prescription );
}
}
/**
* Test prescription permissions by role.
*
* @test
*/
public function test_prescription_permissions_contract() {
// This test will fail initially as permissions aren't implemented
$this->markTestIncomplete( 'Prescription permissions not implemented yet - TDD RED phase' );
// ARRANGE: Prescription created by doctor
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
$prescription_id = $this->create_test_prescription( $encounter_id );
// ACT & ASSERT: Only doctors should be able to create prescriptions
$prescription_data = array(
'name' => 'Test Medicine',
'frequency' => 'Daily',
'duration' => '5 days',
);
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $prescription_data, $this->patient_user );
$this->assertRestResponse( $response, 403 );
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $prescription_data, $this->receptionist_user );
$this->assertRestResponse( $response, 403 );
// ACT & ASSERT: Patients should be able to view their prescriptions (read-only)
$response = $this->make_request( "/wp-json/kivicare/v1/prescriptions/{$prescription_id}", 'GET', array(), $this->patient_user );
$this->assertRestResponse( $response, 200 );
// ACT & ASSERT: Patients should not be able to modify prescriptions
$response = $this->make_request( "/wp-json/kivicare/v1/prescriptions/{$prescription_id}", 'PUT', array( 'frequency' => 'Hacked' ), $this->patient_user );
$this->assertRestResponse( $response, 403 );
}
/**
* Test prescription drug interaction warnings.
*
* @test
*/
public function test_prescription_drug_interactions_contract() {
// This test will fail initially as drug interaction checking isn't implemented
$this->markTestIncomplete( 'Drug interaction checking not implemented yet - TDD RED phase' );
// ARRANGE: Patient with existing prescription
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_id = $this->create_test_encounter( $appointment_id );
// Create first prescription
$first_prescription = array(
'name' => 'Warfarin 5mg',
'frequency' => 'Daily',
'duration' => '30 days',
);
$this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $first_prescription, $this->doctor_user );
// ACT: Try to add potentially interacting drug
$interacting_prescription = array(
'name' => 'Aspirin 100mg',
'frequency' => 'Daily',
'duration' => '7 days',
);
$response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 'POST', $interacting_prescription, $this->doctor_user );
// ASSERT: Should return warning but allow prescription
$this->assertRestResponse( $response, 201 );
$data = $response->get_data();
$this->assertArrayHasKey( 'warnings', $data );
$this->assertArrayHasKey( 'drug_interactions', $data['warnings'] );
}
/**
* Helper method to create test encounter.
*
* @param int $appointment_id Appointment ID.
* @return int Encounter ID.
*/
private function create_test_encounter( $appointment_id ) {
global $wpdb;
$encounter_data = array(
'encounter_date' => gmdate( 'Y-m-d' ),
'clinic_id' => get_option( 'kivicare_api_test_clinic_id', 1 ),
'doctor_id' => $this->doctor_user,
'patient_id' => $this->patient_user,
'appointment_id' => $appointment_id,
'description' => 'Test medical encounter',
'status' => 1,
'added_by' => $this->doctor_user,
'created_at' => current_time( 'mysql' ),
);
$wpdb->insert( $wpdb->prefix . 'kc_patient_encounters', $encounter_data );
return $wpdb->insert_id;
}
/**
* Helper method to create test prescription.
*
* @param int $encounter_id Encounter ID.
* @return int Prescription ID.
*/
private function create_test_prescription( $encounter_id ) {
global $wpdb;
$prescription_data = array(
'encounter_id' => $encounter_id,
'patient_id' => $this->patient_user,
'name' => 'Test Medicine 100mg',
'frequency' => 'Every 8 hours',
'duration' => '7 days',
'instruction' => 'Take with water',
'added_by' => $this->doctor_user,
'created_at' => current_time( 'mysql' ),
);
$wpdb->insert( $wpdb->prefix . 'kc_prescription', $prescription_data );
return $wpdb->insert_id;
}
/**
* Helper method to assert prescription data structure.
*
* @param array $prescription Prescription data to validate.
*/
private function assertPrescriptionStructure( $prescription ) {
$this->assertIsArray( $prescription );
$expected_fields = array(
'id', 'encounter_id', 'patient_id', 'name',
'frequency', 'duration', 'instruction', 'added_by', 'created_at'
);
foreach ( $expected_fields as $field ) {
$this->assertArrayHasKey( $field, $prescription );
}
// Data type validations
$this->assertIsInt( $prescription['id'] );
$this->assertIsInt( $prescription['encounter_id'] );
$this->assertIsInt( $prescription['patient_id'] );
$this->assertIsString( $prescription['name'] );
$this->assertIsString( $prescription['frequency'] );
$this->assertIsString( $prescription['duration'] );
// Optional fields that might be present
if ( isset( $prescription['encounter'] ) ) {
$this->assertIsArray( $prescription['encounter'] );
}
if ( isset( $prescription['patient'] ) ) {
$this->assertIsArray( $prescription['patient'] );
$this->assertArrayHasKey( 'display_name', $prescription['patient'] );
}
}
}

399
tests/integration/test-billing-automation.php Normal file
View File

@@ -0,0 +1,399 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Integration tests for Automatic Billing Generation (User Story 4).
*
* These tests validate complete user stories and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Integration
*/
/**
* Billing automation integration tests.
*
* User Story: Automatic billing generation based on encounters and services
*/
class Test_Billing_Automation extends KiviCare_API_Test_Case {
/**
* Test automatic billing generation workflow.
*
* @test
*/
public function test_automatic_billing_generation_workflow() {
// This test will fail initially as billing automation isn't implemented
$this->markTestIncomplete( 'Automatic billing generation not implemented yet - TDD RED phase' );
// ARRANGE: Setup complete billing scenario
$clinic_id = $this->create_test_clinic();
global $wpdb;
// Create services with prices
$service_ids = array();
$services = array(
array( 'name' => 'General Consultation', 'price' => '75.00', 'type' => 'consultation' ),
array( 'name' => 'Blood Pressure Check', 'price' => '15.00', 'type' => 'procedure' ),
array( 'name' => 'Prescription Review', 'price' => '25.00', 'type' => 'consultation' ),
);
foreach ( $services as $service ) {
$wpdb->insert( $wpdb->prefix . 'kc_services', array(
'name' => $service['name'],
'price' => $service['price'],
'type' => $service['type'],
'status' => 1,
'created_at' => current_time( 'mysql' ),
));
$service_ids[] = $wpdb->insert_id;
}
// Map doctor and patient to clinic
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $this->patient_user, 'clinic_id' => $clinic_id ) );
// STEP 1: Create appointment with services
$appointment_data = array(
'appointment_start_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_start_time' => '14:30:00',
'appointment_end_date' => gmdate( 'Y-m-d', strtotime( '+1 day' ) ),
'appointment_end_time' => '15:30:00',
'doctor_id' => $this->doctor_user,
'patient_id' => $this->patient_user,
'clinic_id' => $clinic_id,
'visit_type' => 'consultation',
'services' => array( $service_ids[0], $service_ids[1] ), // Consultation + BP Check
);
$appointment_response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'POST', $appointment_data, $this->receptionist_user );
$this->assertRestResponse( $appointment_response, 201 );
$appointment_id = $appointment_response->get_data()['id'];
// Verify service mappings were created
$service_mappings = $wpdb->get_results(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_appointment_service_mapping WHERE appointment_id = %d", $appointment_id )
);
$this->assertCount( 2, $service_mappings );
// STEP 2: Doctor creates encounter (this should trigger billing)
$encounter_data = array(
'appointment_id' => $appointment_id,
'description' => 'Patient consultation completed. Blood pressure checked and found to be within normal range.',
'diagnosis' => 'Routine health check - Normal findings',
'treatment_plan' => 'Continue current lifestyle, return in 6 months',
'status' => 1,
);
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
$this->assertRestResponse( $encounter_response, 201 );
$encounter_id = $encounter_response->get_data()['id'];
// STEP 3: Verify automatic bill generation
$bill = $wpdb->get_row(
$wpdb->prepare(
"SELECT * FROM {$wpdb->prefix}kc_bills WHERE encounter_id = %d AND appointment_id = %d",
$encounter_id,
$appointment_id
)
);
$this->assertNotNull( $bill, 'Bill should be automatically generated when encounter is created' );
$this->assertEquals( $encounter_id, $bill->encounter_id );
$this->assertEquals( $appointment_id, $bill->appointment_id );
$this->assertEquals( $clinic_id, $bill->clinic_id );
$this->assertEquals( 'unpaid', $bill->payment_status );
// STEP 4: Verify bill amount calculation
$expected_total = 75.00 + 15.00; // Consultation + BP Check
$this->assertEquals( number_format( $expected_total, 2 ), $bill->total_amount );
$this->assertEquals( '0.00', $bill->discount );
$this->assertEquals( number_format( $expected_total, 2 ), $bill->actual_amount );
// STEP 5: Doctor adds additional service during encounter
$additional_service_response = $this->make_request(
"/wp-json/kivicare/v1/encounters/{$encounter_id}/services",
'POST',
array( 'service_id' => $service_ids[2] ), // Prescription Review
$this->doctor_user
);
$this->assertRestResponse( $additional_service_response, 201 );
// STEP 6: Verify bill was automatically updated
$updated_bill = $wpdb->get_row(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_bills WHERE id = %d", $bill->id )
);
$new_expected_total = $expected_total + 25.00; // Added Prescription Review
$this->assertEquals( number_format( $new_expected_total, 2 ), $updated_bill->total_amount );
$this->assertEquals( number_format( $new_expected_total, 2 ), $updated_bill->actual_amount );
// STEP 7: Test bill retrieval via API
$bill_response = $this->make_request( "/wp-json/kivicare/v1/bills/{$bill->id}", 'GET', array(), $this->receptionist_user );
$this->assertRestResponse( $bill_response, 200 );
$bill_data = $bill_response->get_data();
$this->assertEquals( $bill->id, $bill_data['id'] );
$this->assertEquals( $encounter_id, $bill_data['encounter_id'] );
$this->assertEquals( number_format( $new_expected_total, 2 ), $bill_data['total_amount'] );
// Verify bill includes service breakdown
$this->assertArrayHasKey( 'services', $bill_data );
$this->assertCount( 3, $bill_data['services'] );
// STEP 8: Test payment processing
$payment_data = array(
'amount' => $bill_data['actual_amount'],
'payment_method' => 'cash',
'notes' => 'Payment received in full',
);
$payment_response = $this->make_request( "/wp-json/kivicare/v1/bills/{$bill->id}/payment", 'POST', $payment_data, $this->receptionist_user );
$this->assertRestResponse( $payment_response, 200 );
// Verify payment status updated
$paid_bill = $wpdb->get_row(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_bills WHERE id = %d", $bill->id )
);
$this->assertEquals( 'paid', $paid_bill->payment_status );
}
/**
* Test billing with discounts and insurance.
*
* @test
*/
public function test_billing_with_discounts_and_insurance() {
// This test will fail initially as discount/insurance features aren't implemented
$this->markTestIncomplete( 'Billing discounts and insurance not implemented yet - TDD RED phase' );
// ARRANGE: Setup scenario with discounts
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// Create encounter
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for billing with discounts',
), $this->doctor_user );
$encounter_id = $encounter_response->get_data()['id'];
// STEP 1: Apply senior citizen discount (20%)
$discount_data = array(
'type' => 'percentage',
'value' => 20,
'reason' => 'Senior citizen discount',
'applied_by' => $this->doctor_user,
);
$discount_response = $this->make_request( "/wp-json/kivicare/v1/bills/encounter/{$encounter_id}/discount", 'POST', $discount_data, $this->doctor_user );
$this->assertRestResponse( $discount_response, 200 );
// STEP 2: Verify discount was applied to bill
global $wpdb;
$bill = $wpdb->get_row(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_bills WHERE encounter_id = %d", $encounter_id )
);
$total_amount = floatval( $bill->total_amount );
$discount_amount = floatval( $bill->discount );
$actual_amount = floatval( $bill->actual_amount );
$this->assertEquals( $total_amount * 0.20, $discount_amount );
$this->assertEquals( $total_amount - $discount_amount, $actual_amount );
// STEP 3: Test insurance claim processing
$insurance_data = array(
'insurance_provider' => 'Medicare',
'policy_number' => 'POL123456789',
'coverage_percentage' => 80,
'claim_amount' => $actual_amount,
);
$insurance_response = $this->make_request( "/wp-json/kivicare/v1/bills/{$bill->id}/insurance", 'POST', $insurance_data, $this->receptionist_user );
$this->assertRestResponse( $insurance_response, 201 );
// Verify insurance claim was created
$claim = $wpdb->get_row(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_insurance_claims WHERE bill_id = %d", $bill->id )
);
$this->assertNotNull( $claim );
$this->assertEquals( 'pending', $claim->status );
}
/**
* Test billing error handling and edge cases.
*
* @test
*/
public function test_billing_error_handling() {
// This test will fail initially as error handling isn't implemented
$this->markTestIncomplete( 'Billing error handling not implemented yet - TDD RED phase' );
$clinic_id = $this->create_test_clinic();
// Test error scenarios
$error_tests = array(
// Encounter without appointment
array(
'scenario' => 'Encounter without appointment',
'setup' => function() {
return array(
'description' => 'Test encounter without appointment',
'patient_id' => $this->patient_user,
'clinic_id' => $this->create_test_clinic(),
);
},
'expected_error' => 'missing_appointment',
),
// Appointment without services
array(
'scenario' => 'Appointment without services',
'setup' => function() use ( $clinic_id ) {
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// Clear any default services
global $wpdb;
$wpdb->delete( $wpdb->prefix . 'kc_appointment_service_mapping', array( 'appointment_id' => $appointment_id ) );
return array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter without services',
);
},
'expected_error' => 'no_billable_services',
),
);
foreach ( $error_tests as $test ) {
$encounter_data = $test['setup']();
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
// Should either prevent encounter creation or generate appropriate billing warning
if ( $response->get_status() === 201 ) {
// If encounter was created, check for billing warnings
$encounter = $response->get_data();
$this->assertArrayHasKey( 'billing_warnings', $encounter );
} else {
// If encounter was prevented, check error code
$error_data = $response->get_data();
$this->assertEquals( $test['expected_error'], $error_data['code'] );
}
}
}
/**
* Test billing permissions and access control.
*
* @test
*/
public function test_billing_permissions() {
// This test will fail initially as billing permissions aren't implemented
$this->markTestIncomplete( 'Billing permissions not implemented yet - TDD RED phase' );
// ARRANGE: Create bill
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for billing permissions',
), $this->doctor_user );
$encounter_id = $encounter_response->get_data()['id'];
global $wpdb;
$bill = $wpdb->get_row(
$wpdb->prepare( "SELECT * FROM {$wpdb->prefix}kc_bills WHERE encounter_id = %d", $encounter_id )
);
// Test role-based permissions
$permission_tests = array(
// View bill permissions
array( 'action' => 'GET', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}", 'user' => $this->admin_user, 'expected' => 200 ),
array( 'action' => 'GET', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}", 'user' => $this->doctor_user, 'expected' => 200 ),
array( 'action' => 'GET', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}", 'user' => $this->receptionist_user, 'expected' => 200 ),
array( 'action' => 'GET', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}", 'user' => $this->patient_user, 'expected' => 200 ), // Own bill
// Payment processing permissions
array( 'action' => 'POST', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}/payment", 'user' => $this->receptionist_user, 'expected' => 200 ),
array( 'action' => 'POST', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}/payment", 'user' => $this->admin_user, 'expected' => 200 ),
array( 'action' => 'POST', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}/payment", 'user' => $this->doctor_user, 'expected' => 403 ), // Doctor cannot process payments
array( 'action' => 'POST', 'endpoint' => "/wp-json/kivicare/v1/bills/{$bill->id}/payment", 'user' => $this->patient_user, 'expected' => 403 ), // Patient cannot process payments
);
foreach ( $permission_tests as $test ) {
$data = ( $test['action'] === 'POST' ) ? array( 'amount' => $bill->actual_amount, 'payment_method' => 'cash' ) : array();
$response = $this->make_request( $test['endpoint'], $test['action'], $data, $test['user'] );
$this->assertRestResponse( $response, $test['expected'] );
}
}
/**
* Test billing reports and analytics.
*
* @test
*/
public function test_billing_reports_and_analytics() {
// This test will fail initially as billing reports aren't implemented
$this->markTestIncomplete( 'Billing reports not implemented yet - TDD RED phase' );
// ARRANGE: Create multiple bills with different statuses
$clinic_id = $this->create_test_clinic();
$bill_scenarios = array(
array( 'amount' => 100.00, 'status' => 'paid', 'date' => '2024-01-15' ),
array( 'amount' => 150.00, 'status' => 'unpaid', 'date' => '2024-01-16' ),
array( 'amount' => 75.00, 'status' => 'paid', 'date' => '2024-01-17' ),
array( 'amount' => 200.00, 'status' => 'partially_paid', 'date' => '2024-01-18' ),
);
foreach ( $bill_scenarios as $scenario ) {
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for billing reports',
'encounter_date' => $scenario['date'],
), $this->doctor_user );
// Simulate different payment statuses
global $wpdb;
$encounter_id = $encounter_response->get_data()['id'];
$wpdb->update(
$wpdb->prefix . 'kc_bills',
array(
'total_amount' => number_format( $scenario['amount'], 2 ),
'actual_amount' => number_format( $scenario['amount'], 2 ),
'payment_status' => $scenario['status'],
),
array( 'encounter_id' => $encounter_id )
);
}
// ACT: Generate billing reports
$reports_response = $this->make_request( '/wp-json/kivicare/v1/reports/billing', 'GET', array(
'start_date' => '2024-01-01',
'end_date' => '2024-01-31',
'clinic_id' => $clinic_id,
), $this->admin_user );
// ASSERT: Report contains expected data
$this->assertRestResponse( $reports_response, 200 );
$report = $reports_response->get_data();
$this->assertArrayHasKey( 'total_revenue', $report );
$this->assertArrayHasKey( 'outstanding_amount', $report );
$this->assertArrayHasKey( 'payment_summary', $report );
// Verify calculations
$this->assertEquals( 525.00, $report['total_billed'] ); // Sum of all bills
$this->assertEquals( 175.00, $report['total_revenue'] ); // Only paid bills
$this->assertEquals( 350.00, $report['outstanding_amount'] ); // Unpaid + partially paid
}
}

331
tests/integration/test-clinic-data-access.php Normal file
View File

@@ -0,0 +1,331 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Integration tests for Multi-Doctor Clinic Data Access (User Story 3).
*
* These tests validate complete user stories and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Integration
*/
/**
* Clinic data access integration tests.
*
* User Story: Multi-doctor clinic data access with proper isolation
*/
class Test_Clinic_Data_Access extends KiviCare_API_Test_Case {
/**
* Test multi-doctor clinic data access workflow.
*
* @test
*/
public function test_multi_doctor_clinic_data_access_workflow() {
// This test will fail initially as clinic isolation isn't implemented
$this->markTestIncomplete( 'Multi-doctor clinic data access not implemented yet - TDD RED phase' );
// ARRANGE: Setup multi-doctor clinic scenario
$clinic1_id = $this->create_test_clinic();
$clinic2_id = $this->create_test_clinic();
// Create additional doctors
$doctor2_id = $this->factory->user->create( array(
'user_login' => 'doctor2',
'user_email' => 'doctor2@clinic.com',
'role' => 'doctor',
) );
$doctor3_id = $this->factory->user->create( array(
'user_login' => 'doctor3',
'user_email' => 'doctor3@clinic.com',
'role' => 'doctor',
) );
global $wpdb;
// Map doctors to clinics
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor2_id, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor3_id, 'clinic_id' => $clinic2_id ) );
// Create patients in different clinics
$patient1_id = $this->factory->user->create( array( 'role' => 'patient' ) );
$patient2_id = $this->factory->user->create( array( 'role' => 'patient' ) );
$patient3_id = $this->factory->user->create( array( 'role' => 'patient' ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient1_id, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient2_id, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient3_id, 'clinic_id' => $clinic2_id ) );
// STEP 1: Doctor 1 creates appointment with Patient 1
$appointment1_id = $this->create_test_appointment( $clinic1_id, $this->doctor_user, $patient1_id );
// Doctor 1 creates encounter
$encounter1_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment1_id,
'description' => 'First encounter by Doctor 1',
'diagnosis' => 'Common cold',
), $this->doctor_user );
$this->assertRestResponse( $encounter1_response, 201 );
$encounter1_id = $encounter1_response->get_data()['id'];
// STEP 2: Doctor 2 should be able to access same patient data (same clinic)
$patient_access_response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient1_id}", 'GET', array(), $doctor2_id );
$this->assertRestResponse( $patient_access_response, 200 );
$patient_data = $patient_access_response->get_data();
$this->assertEquals( $patient1_id, $patient_data['id'] );
$this->assertEquals( $clinic1_id, $patient_data['clinic_id'] );
// STEP 3: Doctor 2 should see Doctor 1's encounter for same patient
$encounters_response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient1_id}/encounters", 'GET', array(), $doctor2_id );
$this->assertRestResponse( $encounters_response, 200 );
$encounters = $encounters_response->get_data();
$this->assertCount( 1, $encounters );
$this->assertEquals( $encounter1_id, $encounters[0]['id'] );
$this->assertEquals( $this->doctor_user, $encounters[0]['doctor_id'] );
// STEP 4: Doctor 2 can add notes to the encounter
$update_response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter1_id}", 'PUT', array(
'description' => 'First encounter by Doctor 1. Additional notes by Doctor 2: Patient responded well to treatment.',
), $doctor2_id );
$this->assertRestResponse( $update_response, 200 );
// STEP 5: Doctor 3 (different clinic) should NOT access Patient 1
$cross_clinic_response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient1_id}", 'GET', array(), $doctor3_id );
$this->assertRestResponse( $cross_clinic_response, 403 );
$error_data = $cross_clinic_response->get_data();
$this->assertEquals( 'clinic_access_denied', $error_data['code'] );
// STEP 6: Doctor 3 should NOT see encounters from different clinic
$cross_encounters_response = $this->make_request( "/wp-json/kivicare/v1/encounters", 'GET', array( 'patient_id' => $patient1_id ), $doctor3_id );
$this->assertRestResponse( $cross_encounters_response, 403 );
// STEP 7: Verify clinic-filtered patient lists
$clinic1_patients_response = $this->make_request( '/wp-json/kivicare/v1/patients', 'GET', array(), $this->doctor_user );
$this->assertRestResponse( $clinic1_patients_response, 200 );
$clinic1_patients = $clinic1_patients_response->get_data()['data'];
$clinic1_patient_ids = wp_list_pluck( $clinic1_patients, 'id' );
// Should include patients from clinic 1 only
$this->assertContains( $patient1_id, $clinic1_patient_ids );
$this->assertContains( $patient2_id, $clinic1_patient_ids );
$this->assertNotContains( $patient3_id, $clinic1_patient_ids );
// STEP 8: Verify appointment scheduling across doctors in same clinic
$appointment2_id = $this->create_test_appointment( $clinic1_id, $doctor2_id, $patient2_id );
// Doctor 1 should see Doctor 2's appointments in clinic view
$clinic_appointments_response = $this->make_request( '/wp-json/kivicare/v1/appointments', 'GET', array( 'clinic_id' => $clinic1_id ), $this->doctor_user );
$this->assertRestResponse( $clinic_appointments_response, 200 );
$appointments = $clinic_appointments_response->get_data()['data'];
$appointment_ids = wp_list_pluck( $appointments, 'id' );
$this->assertContains( $appointment1_id, $appointment_ids );
$this->assertContains( $appointment2_id, $appointment_ids );
}
/**
* Test clinic admin permissions and data access.
*
* @test
*/
public function test_clinic_admin_data_access() {
// This test will fail initially as clinic admin roles aren't implemented
$this->markTestIncomplete( 'Clinic admin permissions not implemented yet - TDD RED phase' );
// ARRANGE: Setup clinic with admin
$clinic_id = $this->create_test_clinic();
$clinic_admin_id = $this->factory->user->create( array(
'user_login' => 'clinic_admin',
'user_email' => 'admin@clinic.com',
'role' => 'administrator',
) );
global $wpdb;
// Update clinic to have admin
$wpdb->update(
$wpdb->prefix . 'kc_clinics',
array( 'clinic_admin_id' => $clinic_admin_id ),
array( 'id' => $clinic_id )
);
// Map doctor and patients to clinic
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $this->patient_user, 'clinic_id' => $clinic_id ) );
// Create appointment and encounter
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for admin access',
), $this->doctor_user );
$encounter_id = $encounter_response->get_data()['id'];
// ACT & ASSERT: Clinic admin should have full access to clinic data
// Access patient data
$patient_response = $this->make_request( "/wp-json/kivicare/v1/patients/{$this->patient_user}", 'GET', array(), $clinic_admin_id );
$this->assertRestResponse( $patient_response, 200 );
// Access encounter data
$encounter_response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'GET', array(), $clinic_admin_id );
$this->assertRestResponse( $encounter_response, 200 );
// View clinic statistics
$stats_response = $this->make_request( "/wp-json/kivicare/v1/clinics/{$clinic_id}/statistics", 'GET', array(), $clinic_admin_id );
$this->assertRestResponse( $stats_response, 200 );
$stats = $stats_response->get_data();
$this->assertArrayHasKey( 'total_patients', $stats );
$this->assertArrayHasKey( 'total_appointments', $stats );
$this->assertArrayHasKey( 'total_encounters', $stats );
}
/**
* Test data access auditing and logging.
*
* @test
*/
public function test_clinic_data_access_auditing() {
// This test will fail initially as auditing isn't implemented
$this->markTestIncomplete( 'Data access auditing not implemented yet - TDD RED phase' );
// ARRANGE: Setup scenario with different doctors
$clinic_id = $this->create_test_clinic();
$doctor2_id = $this->factory->user->create( array( 'role' => 'doctor' ) );
global $wpdb;
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor2_id, 'clinic_id' => $clinic_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $this->patient_user, 'clinic_id' => $clinic_id ) );
// Track audit log entries
$audit_entries = array();
add_action( 'kivicare_api_audit_log', function( $action, $resource_type, $resource_id, $user_id ) use ( &$audit_entries ) {
$audit_entries[] = compact( 'action', 'resource_type', 'resource_id', 'user_id' );
}, 10, 4 );
// ACT: Multiple data access operations
$this->make_request( "/wp-json/kivicare/v1/patients/{$this->patient_user}", 'GET', array(), $this->doctor_user );
$this->make_request( "/wp-json/kivicare/v1/patients/{$this->patient_user}", 'GET', array(), $doctor2_id );
$this->make_request( "/wp-json/kivicare/v1/patients/{$this->patient_user}", 'PUT', array( 'phone' => '+351999888777' ), $this->doctor_user );
// ASSERT: Audit entries were created
$this->assertCount( 3, $audit_entries );
$this->assertEquals( 'read', $audit_entries[0]['action'] );
$this->assertEquals( 'patient', $audit_entries[0]['resource_type'] );
$this->assertEquals( $this->patient_user, $audit_entries[0]['resource_id'] );
$this->assertEquals( $this->doctor_user, $audit_entries[0]['user_id'] );
$this->assertEquals( 'update', $audit_entries[2]['action'] );
}
/**
* Test clinic data isolation and security.
*
* @test
*/
public function test_clinic_data_isolation_security() {
// This test will fail initially as security isolation isn't implemented
$this->markTestIncomplete( 'Clinic data isolation security not implemented yet - TDD RED phase' );
// ARRANGE: Two separate clinics with sensitive data
$clinic1_id = $this->create_test_clinic();
$clinic2_id = $this->create_test_clinic();
$doctor_clinic1 = $this->factory->user->create( array( 'role' => 'doctor' ) );
$doctor_clinic2 = $this->factory->user->create( array( 'role' => 'doctor' ) );
$patient_clinic1 = $this->factory->user->create( array( 'role' => 'patient' ) );
$patient_clinic2 = $this->factory->user->create( array( 'role' => 'patient' ) );
global $wpdb;
// Map to respective clinics
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor_clinic1, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor_clinic2, 'clinic_id' => $clinic2_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient_clinic1, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient_clinic2, 'clinic_id' => $clinic2_id ) );
// Create sensitive encounters
$appointment1_id = $this->create_test_appointment( $clinic1_id, $doctor_clinic1, $patient_clinic1 );
$appointment2_id = $this->create_test_appointment( $clinic2_id, $doctor_clinic2, $patient_clinic2 );
$sensitive_encounter1 = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment1_id,
'description' => 'CONFIDENTIAL: Mental health consultation - Depression treatment',
'diagnosis' => 'Major Depressive Disorder (F32.9)',
), $doctor_clinic1 );
$sensitive_encounter2 = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment2_id,
'description' => 'CONFIDENTIAL: Substance abuse treatment consultation',
'diagnosis' => 'Alcohol Use Disorder (F10.20)',
), $doctor_clinic2 );
$encounter1_id = $sensitive_encounter1->get_data()['id'];
$encounter2_id = $sensitive_encounter2->get_data()['id'];
// Security test scenarios
$security_tests = array(
// Cross-clinic patient access
array(
'test' => 'Cross-clinic patient access',
'request' => "/wp-json/kivicare/v1/patients/{$patient_clinic2}",
'method' => 'GET',
'user_id' => $doctor_clinic1,
'expected' => 403,
),
// Cross-clinic encounter access
array(
'test' => 'Cross-clinic encounter access',
'request' => "/wp-json/kivicare/v1/encounters/{$encounter2_id}",
'method' => 'GET',
'user_id' => $doctor_clinic1,
'expected' => 403,
),
// Direct database manipulation attempts via API
array(
'test' => 'SQL injection attempt',
'request' => '/wp-json/kivicare/v1/patients',
'method' => 'GET',
'data' => array( 'clinic_id' => "1 OR 1=1; DROP TABLE {$wpdb->prefix}kc_clinics; --" ),
'user_id' => $doctor_clinic1,
'expected' => 400,
),
);
foreach ( $security_tests as $test ) {
$response = $this->make_request(
$test['request'],
$test['method'],
isset( $test['data'] ) ? $test['data'] : array(),
$test['user_id']
);
$this->assertRestResponse( $response, $test['expected'], "Failed security test: {$test['test']}" );
}
// Verify no data leakage in responses
$clinic1_patients_response = $this->make_request( '/wp-json/kivicare/v1/patients', 'GET', array(), $doctor_clinic1 );
$patients = $clinic1_patients_response->get_data()['data'];
foreach ( $patients as $patient ) {
$this->assertEquals( $clinic1_id, $patient['clinic_id'], 'Patient from wrong clinic returned in response' );
}
}
}

355
tests/integration/test-encounter-workflow.php Normal file
View File

@@ -0,0 +1,355 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Integration tests for Encounter Creation Workflow (User Story 2).
*
* These tests validate complete user stories and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Integration
*/
/**
* Encounter workflow integration tests.
*
* User Story: Doctor creates encounter with prescriptions
*/
class Test_Encounter_Workflow extends KiviCare_API_Test_Case {
/**
* Test complete encounter creation with prescriptions workflow.
*
* @test
*/
public function test_doctor_creates_encounter_with_prescriptions_workflow() {
// This test will fail initially as the workflow isn't implemented
$this->markTestIncomplete( 'Encounter workflow not implemented yet - TDD RED phase' );
// ARRANGE: Set up complete scenario
wp_set_current_user( $this->doctor_user );
$clinic_id = $this->create_test_clinic();
// Create patient
global $wpdb;
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array(
'patient_id' => $this->patient_user,
'clinic_id' => $clinic_id,
));
// Create appointment
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// STEP 1: Doctor creates medical encounter
$encounter_data = array(
'encounter_date' => gmdate( 'Y-m-d' ),
'appointment_id' => $appointment_id,
'patient_id' => $this->patient_user,
'clinic_id' => $clinic_id,
'description' => 'Patient presents with mild fever (38.2°C), headache, and fatigue. Symptoms started 2 days ago. No cough or breathing difficulties. Physical examination reveals slightly elevated temperature, normal lung sounds, mild throat redness.',
'chief_complaint' => 'Fever and headache for 2 days',
'diagnosis' => 'Viral syndrome (R50.9)',
'treatment_plan' => 'Rest, hydration, symptomatic treatment with paracetamol',
'vital_signs' => json_encode(array(
'temperature' => '38.2°C',
'blood_pressure' => '120/80',
'heart_rate' => '85 bpm',
'weight' => '70 kg',
)),
'status' => 1,
);
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
// ASSERT: Encounter created successfully
$this->assertRestResponse( $response, 201 );
$encounter = $response->get_data();
$this->assertEquals( $encounter_data['appointment_id'], $encounter['appointment_id'] );
$this->assertEquals( $encounter_data['patient_id'], $encounter['patient_id'] );
$encounter_id = $encounter['id'];
// STEP 2: Verify encounter exists in database
$db_encounter = $wpdb->get_row(
$wpdb->prepare(
"SELECT * FROM {$wpdb->prefix}kc_patient_encounters WHERE id = %d",
$encounter_id
)
);
$this->assertNotNull( $db_encounter );
$this->assertEquals( $encounter_data['description'], $db_encounter->description );
// STEP 3: Doctor adds prescriptions to encounter
$prescriptions = array(
array(
'name' => 'Paracetamol 500mg',
'frequency' => 'Every 8 hours as needed',
'duration' => '5 days',
'instruction' => 'Take with water after meals. Do not exceed 4g per day.',
'dosage' => '1-2 tablets',
'quantity' => '15 tablets',
),
array(
'name' => 'Vitamin C 1000mg',
'frequency' => 'Once daily',
'duration' => '7 days',
'instruction' => 'Take with breakfast to boost immune system.',
'dosage' => '1 tablet',
'quantity' => '7 tablets',
),
);
$prescription_ids = array();
foreach ( $prescriptions as $prescription_data ) {
$response = $this->make_request(
"/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions",
'POST',
$prescription_data,
$this->doctor_user
);
$this->assertRestResponse( $response, 201 );
$prescription = $response->get_data();
$this->assertEquals( $encounter_id, $prescription['encounter_id'] );
$this->assertEquals( $this->patient_user, $prescription['patient_id'] );
$prescription_ids[] = $prescription['id'];
}
// STEP 4: Verify prescriptions are linked to encounter
$encounter_prescriptions_response = $this->make_request(
"/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions",
'GET',
array(),
$this->doctor_user
);
$this->assertRestResponse( $encounter_prescriptions_response, 200 );
$encounter_prescriptions = $encounter_prescriptions_response->get_data();
$this->assertCount( 2, $encounter_prescriptions );
// Verify prescription details
foreach ( $encounter_prescriptions as $i => $prescription ) {
$this->assertEquals( $prescriptions[$i]['name'], $prescription['name'] );
$this->assertEquals( $prescriptions[$i]['frequency'], $prescription['frequency'] );
}
// STEP 5: Verify appointment status was updated to completed
$appointment_response = $this->make_request( "/wp-json/kivicare/v1/appointments/{$appointment_id}", 'GET', array(), $this->doctor_user );
$this->assertRestResponse( $appointment_response, 200 );
$appointment = $appointment_response->get_data();
$this->assertEquals( 'completed', $appointment['status'] );
// STEP 6: Verify automatic bill generation
$bill = $wpdb->get_row(
$wpdb->prepare(
"SELECT * FROM {$wpdb->prefix}kc_bills WHERE encounter_id = %d",
$encounter_id
)
);
$this->assertNotNull( $bill, 'Bill should be automatically generated for encounter' );
$this->assertEquals( $encounter_id, $bill->encounter_id );
$this->assertEquals( $appointment_id, $bill->appointment_id );
$this->assertEquals( 'unpaid', $bill->payment_status );
// STEP 7: Verify patient can view encounter and prescriptions
$patient_encounter_response = $this->make_request( "/wp-json/kivicare/v1/encounters/{$encounter_id}", 'GET', array(), $this->patient_user );
$this->assertRestResponse( $patient_encounter_response, 200 );
$patient_encounter = $patient_encounter_response->get_data();
$this->assertEquals( $encounter_id, $patient_encounter['id'] );
// Sensitive medical details should be filtered for patient view
$this->assertArrayNotHasKey( 'vital_signs', $patient_encounter );
}
/**
* Test encounter creation triggers proper workflow events.
*
* @test
*/
public function test_encounter_creation_workflow_events() {
// This test will fail initially as workflow events aren't implemented
$this->markTestIncomplete( 'Encounter workflow events not implemented yet - TDD RED phase' );
// ARRANGE: Setup scenario
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// Track WordPress actions/hooks that should fire
$actions_fired = array();
$test_instance = $this;
add_action( 'kivicare_encounter_created', function( $encounter_id, $encounter_data ) use ( &$actions_fired, $test_instance ) {
$actions_fired['encounter_created'] = array( $encounter_id, $encounter_data );
}, 10, 2 );
add_action( 'kivicare_appointment_completed', function( $appointment_id ) use ( &$actions_fired, $test_instance ) {
$actions_fired['appointment_completed'] = $appointment_id;
} );
add_action( 'kivicare_bill_generated', function( $bill_id, $encounter_id ) use ( &$actions_fired, $test_instance ) {
$actions_fired['bill_generated'] = array( $bill_id, $encounter_id );
}, 10, 2 );
// ACT: Create encounter
$encounter_data = array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for workflow events',
'status' => 1,
);
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $encounter_data, $this->doctor_user );
$this->assertRestResponse( $response, 201 );
// ASSERT: All workflow events were triggered
$this->assertArrayHasKey( 'encounter_created', $actions_fired );
$this->assertArrayHasKey( 'appointment_completed', $actions_fired );
$this->assertArrayHasKey( 'bill_generated', $actions_fired );
}
/**
* Test encounter data integrity and validation.
*
* @test
*/
public function test_encounter_data_integrity() {
// This test will fail initially as validation isn't implemented
$this->markTestIncomplete( 'Encounter data validation not implemented yet - TDD RED phase' );
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// Test various validation scenarios
$validation_tests = array(
// Missing required fields
array(
'data' => array( 'description' => 'Test encounter' ),
'status' => 400,
'code' => 'rest_missing_callback_param',
),
// Invalid appointment ID
array(
'data' => array( 'appointment_id' => 99999, 'description' => 'Test' ),
'status' => 400,
'code' => 'invalid_appointment',
),
// Encounter for completed appointment
array(
'setup' => function() use ( $appointment_id ) {
global $wpdb;
$wpdb->update(
$wpdb->prefix . 'kc_appointments',
array( 'status' => 0 ), // Mark as completed
array( 'id' => $appointment_id )
);
},
'data' => array( 'appointment_id' => $appointment_id, 'description' => 'Test' ),
'status' => 409,
'code' => 'appointment_already_completed',
),
);
foreach ( $validation_tests as $test ) {
if ( isset( $test['setup'] ) ) {
$test['setup']();
}
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $test['data'], $this->doctor_user );
$this->assertRestResponse( $response, $test['status'] );
if ( isset( $test['code'] ) ) {
$error_data = $response->get_data();
$this->assertEquals( $test['code'], $error_data['code'] );
}
}
}
/**
* Test prescription validation and drug interaction checks.
*
* @test
*/
public function test_prescription_validation_workflow() {
// This test will fail initially as prescription validation isn't implemented
$this->markTestIncomplete( 'Prescription validation not implemented yet - TDD RED phase' );
// ARRANGE: Create encounter
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for prescription validation',
), $this->doctor_user );
$encounter_id = $encounter_response->get_data()['id'];
// Test prescription validation
$prescription_tests = array(
// Valid prescription
array(
'data' => array( 'name' => 'Paracetamol 500mg', 'frequency' => 'Every 8h', 'duration' => '7 days' ),
'status' => 201,
),
// Missing medication name
array(
'data' => array( 'frequency' => 'Every 8h', 'duration' => '7 days' ),
'status' => 400,
),
// Invalid duration format
array(
'data' => array( 'name' => 'Test Med', 'frequency' => 'Daily', 'duration' => 'forever' ),
'status' => 400,
),
);
foreach ( $prescription_tests as $test ) {
$response = $this->make_request(
"/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions",
'POST',
$test['data'],
$this->doctor_user
);
$this->assertRestResponse( $response, $test['status'] );
}
}
/**
* Test encounter permissions and access control.
*
* @test
*/
public function test_encounter_permissions_workflow() {
// This test will fail initially as permissions aren't implemented
$this->markTestIncomplete( 'Encounter permissions not implemented yet - TDD RED phase' );
// ARRANGE: Create encounter
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_data = array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for permissions',
);
// Test role-based permissions
$permission_tests = array(
array( 'user_id' => $this->doctor_user, 'expected_status' => 201 ), // Doctor can create
array( 'user_id' => $this->admin_user, 'expected_status' => 201 ), // Admin can create
array( 'user_id' => $this->patient_user, 'expected_status' => 403 ), // Patient cannot create
array( 'user_id' => $this->receptionist_user, 'expected_status' => 403 ), // Receptionist cannot create
);
foreach ( $permission_tests as $i => $test ) {
// Create unique appointment for each test
$test_appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$test_data = $encounter_data;
$test_data['appointment_id'] = $test_appointment_id;
$response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', $test_data, $test['user_id'] );
$this->assertRestResponse( $response, $test['expected_status'] );
}
}
}

280
tests/integration/test-patient-creation-workflow.php Normal file
View File

@@ -0,0 +1,280 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Integration tests for Patient Creation Workflow (User Story 1).
*
* These tests validate complete user stories and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Integration
*/
/**
* Patient creation workflow integration tests.
*
* User Story: Doctor creates patient record
*/
class Test_Patient_Creation_Workflow extends KiviCare_API_Test_Case {
/**
* Test complete patient creation workflow.
*
* @test
*/
public function test_doctor_creates_patient_record_workflow() {
// This test will fail initially as the workflow isn't implemented
$this->markTestIncomplete( 'Patient creation workflow not implemented yet - TDD RED phase' );
// ARRANGE: Doctor authentication and clinic setup
wp_set_current_user( $this->doctor_user );
$clinic_id = $this->create_test_clinic();
// Map doctor to clinic
global $wpdb;
$wpdb->insert(
$wpdb->prefix . 'kc_doctor_clinic_mappings',
array(
'doctor_id' => $this->doctor_user,
'clinic_id' => $clinic_id,
'created_at' => current_time( 'mysql' ),
)
);
// STEP 1: Doctor creates new patient via API
$patient_data = array(
'display_name' => 'João Silva Santos',
'user_email' => 'joao.santos@example.com',
'first_name' => 'João',
'last_name' => 'Santos',
'clinic_id' => $clinic_id,
'phone' => '+351912345678',
'address' => 'Rua das Flores, 123',
'city' => 'Lisboa',
'postal_code' => '1000-001',
'birth_date' => '1985-05-15',
'gender' => 'M',
);
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $patient_data, $this->doctor_user );
// ASSERT: Patient created successfully
$this->assertRestResponse( $response, 201 );
$patient = $response->get_data();
$this->assertEquals( $patient_data['display_name'], $patient['display_name'] );
$this->assertEquals( $patient_data['user_email'], $patient['user_email'] );
$patient_id = $patient['id'];
// STEP 2: Verify patient exists in WordPress users table
$wp_user = get_user_by( 'id', $patient_id );
$this->assertInstanceOf( 'WP_User', $wp_user );
$this->assertEquals( $patient_data['user_email'], $wp_user->user_email );
$this->assertEquals( $patient_data['display_name'], $wp_user->display_name );
$this->assertTrue( in_array( 'patient', $wp_user->roles, true ) );
// STEP 3: Verify patient-clinic mapping was created
$mapping = $wpdb->get_row(
$wpdb->prepare(
"SELECT * FROM {$wpdb->prefix}kc_patient_clinic_mappings WHERE patient_id = %d AND clinic_id = %d",
$patient_id,
$clinic_id
)
);
$this->assertNotNull( $mapping );
$this->assertEquals( $patient_id, $mapping->patient_id );
$this->assertEquals( $clinic_id, $mapping->clinic_id );
// STEP 4: Verify patient metadata was stored correctly
$phone = get_user_meta( $patient_id, 'phone', true );
$address = get_user_meta( $patient_id, 'address', true );
$birth_date = get_user_meta( $patient_id, 'birth_date', true );
$this->assertEquals( $patient_data['phone'], $phone );
$this->assertEquals( $patient_data['address'], $address );
$this->assertEquals( $patient_data['birth_date'], $birth_date );
// STEP 5: Verify doctor can retrieve patient data
$get_response = $this->make_request( "/wp-json/kivicare/v1/patients/{$patient_id}", 'GET', array(), $this->doctor_user );
$this->assertRestResponse( $get_response, 200 );
$retrieved_patient = $get_response->get_data();
$this->assertEquals( $patient_id, $retrieved_patient['id'] );
$this->assertEquals( $clinic_id, $retrieved_patient['clinic_id'] );
// STEP 6: Verify patient appears in clinic's patient list
$list_response = $this->make_request( '/wp-json/kivicare/v1/patients', 'GET', array( 'clinic_id' => $clinic_id ), $this->doctor_user );
$this->assertRestResponse( $list_response, 200 );
$patients_list = $list_response->get_data();
$this->assertIsArray( $patients_list['data'] );
$found_patient = false;
foreach ( $patients_list['data'] as $list_patient ) {
if ( $list_patient['id'] === $patient_id ) {
$found_patient = true;
break;
}
}
$this->assertTrue( $found_patient, 'Created patient should appear in clinic patient list' );
}
/**
* Test patient creation with duplicate email handling.
*
* @test
*/
public function test_patient_creation_duplicate_email_handling() {
// This test will fail initially as duplicate handling isn't implemented
$this->markTestIncomplete( 'Duplicate email handling not implemented yet - TDD RED phase' );
// ARRANGE: First patient created successfully
$clinic_id = $this->create_test_clinic();
$patient_data = array(
'display_name' => 'João Silva',
'user_email' => 'joao@example.com',
'clinic_id' => $clinic_id,
);
$first_response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $patient_data, $this->doctor_user );
$this->assertRestResponse( $first_response, 201 );
// ACT: Try to create second patient with same email
$duplicate_data = array(
'display_name' => 'João Santos',
'user_email' => 'joao@example.com', // Same email
'clinic_id' => $clinic_id,
);
$duplicate_response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $duplicate_data, $this->doctor_user );
// ASSERT: Should return appropriate error
$this->assertRestResponse( $duplicate_response, 409 );
$error_data = $duplicate_response->get_data();
$this->assertEquals( 'duplicate_email', $error_data['code'] );
}
/**
* Test patient creation with data validation.
*
* @test
*/
public function test_patient_creation_data_validation() {
// This test will fail initially as validation isn't implemented
$this->markTestIncomplete( 'Patient data validation not implemented yet - TDD RED phase' );
$clinic_id = $this->create_test_clinic();
// Test required field validation
$invalid_data_sets = array(
// Missing name
array(
'data' => array( 'user_email' => 'test@example.com', 'clinic_id' => $clinic_id ),
'field' => 'display_name',
),
// Missing email
array(
'data' => array( 'display_name' => 'Test Patient', 'clinic_id' => $clinic_id ),
'field' => 'user_email',
),
// Invalid email format
array(
'data' => array( 'display_name' => 'Test Patient', 'user_email' => 'invalid-email', 'clinic_id' => $clinic_id ),
'field' => 'user_email',
),
// Missing clinic
array(
'data' => array( 'display_name' => 'Test Patient', 'user_email' => 'test@example.com' ),
'field' => 'clinic_id',
),
// Invalid clinic ID
array(
'data' => array( 'display_name' => 'Test Patient', 'user_email' => 'test@example.com', 'clinic_id' => 99999 ),
'field' => 'clinic_id',
),
);
foreach ( $invalid_data_sets as $test_case ) {
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $test_case['data'], $this->doctor_user );
$this->assertRestResponse( $response, 400 );
$error_data = $response->get_data();
$this->assertArrayHasKey( 'data', $error_data );
$this->assertArrayHasKey( 'params', $error_data['data'] );
$this->assertArrayHasKey( $test_case['field'], $error_data['data']['params'] );
}
}
/**
* Test patient creation permissions by role.
*
* @test
*/
public function test_patient_creation_permissions() {
// This test will fail initially as permissions aren't implemented
$this->markTestIncomplete( 'Patient creation permissions not implemented yet - TDD RED phase' );
$clinic_id = $this->create_test_clinic();
$patient_data = array(
'display_name' => 'Test Patient',
'user_email' => 'test@example.com',
'clinic_id' => $clinic_id,
);
// Test different role permissions
$role_tests = array(
array( 'user_id' => $this->admin_user, 'expected_status' => 201 ), // Admin can create
array( 'user_id' => $this->doctor_user, 'expected_status' => 201 ), // Doctor can create
array( 'user_id' => $this->receptionist_user, 'expected_status' => 201 ), // Receptionist can create
array( 'user_id' => $this->patient_user, 'expected_status' => 403 ), // Patient cannot create
);
foreach ( $role_tests as $i => $test ) {
// Make email unique for each test
$test_data = $patient_data;
$test_data['user_email'] = "test{$i}@example.com";
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $test_data, $test['user_id'] );
$this->assertRestResponse( $response, $test['expected_status'] );
}
}
/**
* Test patient creation with clinic isolation.
*
* @test
*/
public function test_patient_creation_clinic_isolation() {
// This test will fail initially as clinic isolation isn't implemented
$this->markTestIncomplete( 'Clinic isolation not implemented yet - TDD RED phase' );
// ARRANGE: Two different clinics and doctors
$clinic1_id = $this->create_test_clinic();
$clinic2_id = $this->create_test_clinic();
$doctor2_id = $this->factory->user->create( array( 'role' => 'doctor' ) );
global $wpdb;
// Map doctors to their respective clinics
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor2_id, 'clinic_id' => $clinic2_id ) );
// ACT: Doctor 1 tries to create patient in Doctor 2's clinic
$patient_data = array(
'display_name' => 'Cross Clinic Patient',
'user_email' => 'cross@example.com',
'clinic_id' => $clinic2_id, // Different clinic
);
$response = $this->make_request( '/wp-json/kivicare/v1/patients', 'POST', $patient_data, $this->doctor_user );
// ASSERT: Should be forbidden
$this->assertRestResponse( $response, 403 );
$error_data = $response->get_data();
$this->assertEquals( 'clinic_access_denied', $error_data['code'] );
}
}

409
tests/integration/test-role-permissions.php Normal file
View File

@@ -0,0 +1,409 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Integration tests for Role-Based Access Control (User Story 5).
*
* These tests validate complete user stories and MUST FAIL initially (TDD RED phase).
*
* @package KiviCare_API\Tests\Integration
*/
/**
* Role-based permissions integration tests.
*
* User Story: Role-based access control across all API endpoints
*/
class Test_Role_Permissions extends KiviCare_API_Test_Case {
/**
* Test complete role-based access control workflow.
*
* @test
*/
public function test_role_based_access_control_workflow() {
// This test will fail initially as role-based permissions aren't implemented
$this->markTestIncomplete( 'Role-based access control not implemented yet - TDD RED phase' );
// ARRANGE: Setup complete scenario with all roles
$clinic_id = $this->create_test_clinic();
global $wpdb;
// Map users to clinic
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $this->patient_user, 'clinic_id' => $clinic_id ) );
// Create test data
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
$encounter_response = $this->make_request( '/wp-json/kivicare/v1/encounters', 'POST', array(
'appointment_id' => $appointment_id,
'description' => 'Test encounter for permission testing',
), $this->doctor_user );
$encounter_id = $encounter_response->get_data()['id'];
// Define permission matrix for all roles and endpoints
$permission_matrix = array(
// ADMINISTRATOR - Full access to everything
'administrator' => array(
'user_id' => $this->admin_user,
'permissions' => array(
// Clinics
array( 'GET', '/wp-json/kivicare/v1/clinics', 200 ),
array( 'POST', '/wp-json/kivicare/v1/clinics', 201 ),
array( 'PUT', "/wp-json/kivicare/v1/clinics/{$clinic_id}", 200 ),
array( 'DELETE', "/wp-json/kivicare/v1/clinics/{$clinic_id}", 200 ),
// Patients
array( 'GET', '/wp-json/kivicare/v1/patients', 200 ),
array( 'POST', '/wp-json/kivicare/v1/patients', 201 ),
array( 'GET', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ),
// Appointments
array( 'GET', '/wp-json/kivicare/v1/appointments', 200 ),
array( 'POST', '/wp-json/kivicare/v1/appointments', 201 ),
array( 'GET', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'DELETE', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
// Encounters
array( 'GET', '/wp-json/kivicare/v1/encounters', 200 ),
array( 'POST', '/wp-json/kivicare/v1/encounters', 201 ),
array( 'GET', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 200 ),
// Bills
array( 'GET', '/wp-json/kivicare/v1/bills', 200 ),
array( 'POST', "/wp-json/kivicare/v1/bills/1/payment", 200 ),
),
),
// DOCTOR - Medical access, read patients, create encounters
'doctor' => array(
'user_id' => $this->doctor_user,
'permissions' => array(
// Clinics - Read only
array( 'GET', '/wp-json/kivicare/v1/clinics', 200 ),
array( 'POST', '/wp-json/kivicare/v1/clinics', 403 ),
array( 'PUT', "/wp-json/kivicare/v1/clinics/{$clinic_id}", 403 ),
array( 'DELETE', "/wp-json/kivicare/v1/clinics/{$clinic_id}", 403 ),
// Patients - Full access to clinic patients
array( 'GET', '/wp-json/kivicare/v1/patients', 200 ),
array( 'POST', '/wp-json/kivicare/v1/patients', 201 ),
array( 'GET', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ),
// Appointments - Read and update own appointments
array( 'GET', '/wp-json/kivicare/v1/appointments', 200 ),
array( 'POST', '/wp-json/kivicare/v1/appointments', 403 ), // Cannot create
array( 'GET', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'DELETE', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 403 ),
// Encounters - Full access
array( 'GET', '/wp-json/kivicare/v1/encounters', 200 ),
array( 'POST', '/wp-json/kivicare/v1/encounters', 201 ),
array( 'GET', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 200 ),
// Prescriptions - Full access
array( 'POST', "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 201 ),
// Bills - Read only
array( 'GET', '/wp-json/kivicare/v1/bills', 200 ),
array( 'POST', "/wp-json/kivicare/v1/bills/1/payment", 403 ),
),
),
// PATIENT - Own data only, read-only access
'patient' => array(
'user_id' => $this->patient_user,
'permissions' => array(
// Clinics - No access
array( 'GET', '/wp-json/kivicare/v1/clinics', 403 ),
array( 'POST', '/wp-json/kivicare/v1/clinics', 403 ),
// Patients - Own data only
array( 'GET', '/wp-json/kivicare/v1/patients', 403 ), // Cannot list all patients
array( 'POST', '/wp-json/kivicare/v1/patients', 403 ),
array( 'GET', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ), // Own data
array( 'PUT', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ), // Update own data
// Appointments - Own appointments only
array( 'GET', '/wp-json/kivicare/v1/appointments', 200 ), // Filtered to own
array( 'POST', '/wp-json/kivicare/v1/appointments', 201 ), // Can book appointments
array( 'GET', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 403 ), // Cannot modify
array( 'DELETE', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ), // Can cancel own
// Encounters - Own encounters, read-only
array( 'GET', '/wp-json/kivicare/v1/encounters', 200 ), // Filtered to own
array( 'POST', '/wp-json/kivicare/v1/encounters', 403 ),
array( 'GET', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 403 ),
// Prescriptions - Read own prescriptions
array( 'GET', "/wp-json/kivicare/v1/patients/{$this->patient_user}/prescriptions", 200 ),
array( 'POST', "/wp-json/kivicare/v1/encounters/{$encounter_id}/prescriptions", 403 ),
// Bills - Own bills only
array( 'GET', '/wp-json/kivicare/v1/bills', 200 ), // Filtered to own
array( 'POST', "/wp-json/kivicare/v1/bills/1/payment", 403 ),
),
),
// RECEPTIONIST - Appointments and basic patient data
'receptionist' => array(
'user_id' => $this->receptionist_user,
'permissions' => array(
// Clinics - Read only
array( 'GET', '/wp-json/kivicare/v1/clinics', 200 ),
array( 'POST', '/wp-json/kivicare/v1/clinics', 403 ),
// Patients - Basic access
array( 'GET', '/wp-json/kivicare/v1/patients', 200 ),
array( 'POST', '/wp-json/kivicare/v1/patients', 201 ),
array( 'GET', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/patients/{$this->patient_user}", 200 ), // Basic info only
// Appointments - Full access
array( 'GET', '/wp-json/kivicare/v1/appointments', 200 ),
array( 'POST', '/wp-json/kivicare/v1/appointments', 201 ),
array( 'GET', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'PUT', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
array( 'DELETE', "/wp-json/kivicare/v1/appointments/{$appointment_id}", 200 ),
// Encounters - No access to medical data
array( 'GET', '/wp-json/kivicare/v1/encounters', 403 ),
array( 'POST', '/wp-json/kivicare/v1/encounters', 403 ),
array( 'GET', "/wp-json/kivicare/v1/encounters/{$encounter_id}", 403 ),
// Bills - Full access
array( 'GET', '/wp-json/kivicare/v1/bills', 200 ),
array( 'POST', "/wp-json/kivicare/v1/bills/1/payment", 200 ),
),
),
);
// Execute permission tests for each role
foreach ( $permission_matrix as $role => $role_data ) {
foreach ( $role_data['permissions'] as $permission ) {
list( $method, $endpoint, $expected_status ) = $permission;
// Prepare test data based on method
$test_data = array();
if ( $method === 'POST' ) {
if ( strpos( $endpoint, 'clinics' ) !== false ) {
$test_data = array( 'name' => 'Test Clinic', 'email' => 'test@clinic.com' );
} elseif ( strpos( $endpoint, 'patients' ) !== false ) {
$test_data = array( 'display_name' => 'Test Patient', 'user_email' => 'test@patient.com', 'clinic_id' => $clinic_id );
} elseif ( strpos( $endpoint, 'appointments' ) !== false ) {
$test_data = array(
'appointment_start_date' => gmdate( 'Y-m-d', strtotime( '+2 days' ) ),
'appointment_start_time' => '10:00:00',
'appointment_end_time' => '10:30:00',
'doctor_id' => $this->doctor_user,
'patient_id' => $this->patient_user,
'clinic_id' => $clinic_id,
);
} elseif ( strpos( $endpoint, 'encounters' ) !== false ) {
$test_data = array( 'appointment_id' => $appointment_id, 'description' => 'Test encounter' );
} elseif ( strpos( $endpoint, 'prescriptions' ) !== false ) {
$test_data = array( 'name' => 'Test Medicine', 'frequency' => 'Daily', 'duration' => '7 days' );
} elseif ( strpos( $endpoint, 'payment' ) !== false ) {
$test_data = array( 'amount' => '50.00', 'payment_method' => 'cash' );
}
} elseif ( $method === 'PUT' ) {
if ( strpos( $endpoint, 'clinics' ) !== false ) {
$test_data = array( 'name' => 'Updated Clinic Name' );
} elseif ( strpos( $endpoint, 'patients' ) !== false ) {
$test_data = array( 'phone' => '+351999888777' );
} elseif ( strpos( $endpoint, 'appointments' ) !== false ) {
$test_data = array( 'description' => 'Updated appointment notes' );
} elseif ( strpos( $endpoint, 'encounters' ) !== false ) {
$test_data = array( 'description' => 'Updated encounter notes' );
}
}
// Make request and assert
$response = $this->make_request( $endpoint, $method, $test_data, $role_data['user_id'] );
$this->assertRestResponse(
$response,
$expected_status,
"Failed permission test for role {$role}: {$method} {$endpoint} (expected {$expected_status}, got {$response->get_status()})"
);
}
}
}
/**
* Test data filtering based on user role and clinic access.
*
* @test
*/
public function test_role_based_data_filtering() {
// This test will fail initially as data filtering isn't implemented
$this->markTestIncomplete( 'Role-based data filtering not implemented yet - TDD RED phase' );
// ARRANGE: Setup multi-clinic scenario
$clinic1_id = $this->create_test_clinic();
$clinic2_id = $this->create_test_clinic();
$doctor2_id = $this->factory->user->create( array( 'role' => 'doctor' ) );
$patient2_id = $this->factory->user->create( array( 'role' => 'patient' ) );
global $wpdb;
// Map users to different clinics
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $this->doctor_user, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_doctor_clinic_mappings', array( 'doctor_id' => $doctor2_id, 'clinic_id' => $clinic2_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $this->patient_user, 'clinic_id' => $clinic1_id ) );
$wpdb->insert( $wpdb->prefix . 'kc_patient_clinic_mappings', array( 'patient_id' => $patient2_id, 'clinic_id' => $clinic2_id ) );
// Create appointments in both clinics
$appointment1_id = $this->create_test_appointment( $clinic1_id, $this->doctor_user, $this->patient_user );
$appointment2_id = $this->create_test_appointment( $clinic2_id, $doctor2_id, $patient2_id );
// TEST: Doctor 1 should only see clinic 1 data
$doctor1_patients = $this->make_request( '/wp-json/kivicare/v1/patients', 'GET', array(), $this->doctor_user );
$patients_data = $doctor1_patients->get_data()['data'];
foreach ( $patients_data as $patient ) {
$this->assertEquals( $clinic1_id, $patient['clinic_id'], 'Doctor should only see patients from their clinic' );
}
$doctor1_appointments = $this->make_request( '/wp-json/kivicare/v1/appointments', 'GET', array(), $this->doctor_user );
$appointments_data = $doctor1_appointments->get_data()['data'];
foreach ( $appointments_data as $appointment ) {
$this->assertEquals( $clinic1_id, $appointment['clinic_id'], 'Doctor should only see appointments from their clinic' );
}
// TEST: Patient should only see own data
$patient_appointments = $this->make_request( '/wp-json/kivicare/v1/appointments', 'GET', array(), $this->patient_user );
$patient_appointments_data = $patient_appointments->get_data()['data'];
foreach ( $patient_appointments_data as $appointment ) {
$this->assertEquals( $this->patient_user, $appointment['patient_id'], 'Patient should only see their own appointments' );
}
// TEST: Administrator should see all data
$admin_patients = $this->make_request( '/wp-json/kivicare/v1/patients', 'GET', array(), $this->admin_user );
$all_patients_data = $admin_patients->get_data()['data'];
$clinic_ids = wp_list_pluck( $all_patients_data, 'clinic_id' );
$this->assertContains( $clinic1_id, $clinic_ids );
$this->assertContains( $clinic2_id, $clinic_ids );
}
/**
* Test API key authentication and permissions.
*
* @test
*/
public function test_api_key_authentication_permissions() {
// This test will fail initially as API key authentication isn't implemented
$this->markTestIncomplete( 'API key authentication not implemented yet - TDD RED phase' );
// ARRANGE: Generate API keys for different purposes
$api_keys = array(
'read_only' => $this->generate_api_key( 'read_only', array( 'read_patients', 'read_appointments' ) ),
'full_admin' => $this->generate_api_key( 'full_admin', array( 'all' ) ),
'billing' => $this->generate_api_key( 'billing', array( 'read_bills', 'process_payments' ) ),
);
$clinic_id = $this->create_test_clinic();
$appointment_id = $this->create_test_appointment( $clinic_id, $this->doctor_user, $this->patient_user );
// Test API key permissions
$api_key_tests = array(
array( 'key' => 'read_only', 'method' => 'GET', 'endpoint' => '/wp-json/kivicare/v1/patients', 'expected' => 200 ),
array( 'key' => 'read_only', 'method' => 'POST', 'endpoint' => '/wp-json/kivicare/v1/patients', 'expected' => 403 ),
array( 'key' => 'full_admin', 'method' => 'POST', 'endpoint' => '/wp-json/kivicare/v1/patients', 'expected' => 201 ),
array( 'key' => 'billing', 'method' => 'GET', 'endpoint' => '/wp-json/kivicare/v1/bills', 'expected' => 200 ),
array( 'key' => 'billing', 'method' => 'GET', 'endpoint' => '/wp-json/kivicare/v1/patients', 'expected' => 403 ),
);
foreach ( $api_key_tests as $test ) {
// Set API key in header
$_SERVER['HTTP_X_API_KEY'] = $api_keys[ $test['key'] ];
$test_data = array();
if ( $test['method'] === 'POST' && strpos( $test['endpoint'], 'patients' ) !== false ) {
$test_data = array( 'display_name' => 'API Test Patient', 'user_email' => 'api@test.com', 'clinic_id' => $clinic_id );
}
$response = $this->make_request( $test['endpoint'], $test['method'], $test_data );
$this->assertRestResponse( $response, $test['expected'] );
}
// Cleanup
unset( $_SERVER['HTTP_X_API_KEY'] );
}
/**
* Test permission inheritance and role hierarchy.
*
* @test
*/
public function test_permission_inheritance_hierarchy() {
// This test will fail initially as role hierarchy isn't implemented
$this->markTestIncomplete( 'Permission inheritance not implemented yet - TDD RED phase' );
// Create custom role with specific capabilities
add_role( 'clinic_manager', 'Clinic Manager', array(
'read' => true,
'manage_kivicare_api' => true,
'kivicare_api_clinic_admin' => true,
'kivicare_api_manage_doctors' => true,
'kivicare_api_manage_patients' => true,
'kivicare_api_view_reports' => true,
));
$clinic_manager_id = $this->factory->user->create( array( 'role' => 'clinic_manager' ) );
$clinic_id = $this->create_test_clinic();
// Test role hierarchy permissions
$hierarchy_tests = array(
// Clinic manager should have patient and doctor management access
array( 'user' => $clinic_manager_id, 'endpoint' => '/wp-json/kivicare/v1/patients', 'method' => 'GET', 'expected' => 200 ),
array( 'user' => $clinic_manager_id, 'endpoint' => '/wp-json/kivicare/v1/patients', 'method' => 'POST', 'expected' => 201 ),
array( 'user' => $clinic_manager_id, 'endpoint' => '/wp-json/kivicare/v1/reports/clinic', 'method' => 'GET', 'expected' => 200 ),
// But should NOT have medical data access
array( 'user' => $clinic_manager_id, 'endpoint' => '/wp-json/kivicare/v1/encounters', 'method' => 'GET', 'expected' => 403 ),
array( 'user' => $clinic_manager_id, 'endpoint' => '/wp-json/kivicare/v1/encounters/1/prescriptions', 'method' => 'POST', 'expected' => 403 ),
);
foreach ( $hierarchy_tests as $test ) {
$test_data = array();
if ( $test['method'] === 'POST' && strpos( $test['endpoint'], 'patients' ) !== false ) {
$test_data = array( 'display_name' => 'Manager Test', 'user_email' => 'manager@test.com', 'clinic_id' => $clinic_id );
}
$response = $this->make_request( $test['endpoint'], $test['method'], $test_data, $test['user'] );
$this->assertRestResponse( $response, $test['expected'] );
}
// Cleanup custom role
remove_role( 'clinic_manager' );
}
/**
* Helper method to generate API key (will be implemented).
*
* @param string $name Key name.
* @param array $permissions Key permissions.
* @return string API key.
*/
private function generate_api_key( $name, $permissions ) {
// This would be implemented with actual API key generation
return 'api_key_' . $name . '_' . wp_generate_password( 32, false );
}
}

111
tests/mocks/mock-kivicare.php Normal file
View File

@@ -0,0 +1,111 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Mock KiviCare plugin functionality for testing.
*
* @package KiviCare_API\Tests\Mocks
*/
// Exit if accessed directly.
if ( ! defined( 'ABSPATH' ) ) {
exit;
}
/**
* Mock KiviCare plugin activation check.
*/
function mock_kivicare_activation() {
// Mock the KiviCare plugin as active
add_filter( 'active_plugins', function( $plugins ) {
$plugins[] = 'kivicare-clinic-&-patient-management-system/kivicare-clinic-&-patient-management-system.php';
return $plugins;
});
}
/**
* Mock KiviCare user roles.
*/
function mock_kivicare_roles() {
// Add KiviCare roles that don't exist in core WordPress
add_role( 'doctor', 'Doctor', array(
'read' => true,
'manage_kivicare_api' => true,
'kivicare_api_medical_access' => true,
));
add_role( 'patient', 'Patient', array(
'read' => true,
'manage_kivicare_api' => true,
'kivicare_api_patient_access' => true,
));
add_role( 'kivicare_receptionist', 'Receptionist', array(
'read' => true,
'manage_kivicare_api' => true,
'kivicare_api_reception_access' => true,
));
// Add capabilities to administrator role
$admin_role = get_role( 'administrator' );
if ( $admin_role ) {
$admin_role->add_cap( 'manage_kivicare_api' );
$admin_role->add_cap( 'kivicare_api_full_access' );
}
}
/**
* Mock KiviCare constants.
*/
function mock_kivicare_constants() {
if ( ! defined( 'KIVI_CARE_VERSION' ) ) {
define( 'KIVI_CARE_VERSION', '2.5.0' );
}
if ( ! defined( 'KIVI_CARE_DIR' ) ) {
define( 'KIVI_CARE_DIR', WP_PLUGIN_DIR . '/kivicare-clinic-&-patient-management-system/' );
}
}
/**
* Mock KiviCare helper functions.
*/
if ( ! function_exists( 'kcGetDefaultClinicId' ) ) {
/**
* Mock function to get default clinic ID.
*
* @return int
*/
function kcGetDefaultClinicId() {
return get_option( 'kivicare_api_test_clinic_id', 1 );
}
}
if ( ! function_exists( 'kcCheckPermission' ) ) {
/**
* Mock function to check KiviCare permissions.
*
* @param string $permission Permission to check.
* @return bool
*/
function kcCheckPermission( $permission ) {
return current_user_can( 'manage_kivicare_api' );
}
}
/**
* Initialize mock KiviCare functionality.
*/
function init_mock_kivicare() {
mock_kivicare_activation();
mock_kivicare_constants();
// Wait until init to add roles
add_action( 'init', 'mock_kivicare_roles' );
}
// Initialize mocks
init_mock_kivicare();

280
tests/setup/test-database.php Normal file
View File

@@ -0,0 +1,280 @@
/**
* Descomplicar® Crescimento Digital
* https://descomplicar.pt
*/
<?php
/**
* Test database setup for KiviCare API tests.
*
* @package KiviCare_API\Tests
*/
/**
* Class to handle test database setup.
*/
class KiviCare_API_Test_Database {
/**
* Create necessary KiviCare tables for testing.
*/
public static function create_tables() {
global $wpdb;
$charset_collate = $wpdb->get_charset_collate();
// Clinics table
$table_name = $wpdb->prefix . 'kc_clinics';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
name varchar(191) NOT NULL,
email varchar(191) DEFAULT NULL,
telephone_no varchar(191) DEFAULT NULL,
specialties longtext,
address text,
city varchar(191) DEFAULT NULL,
state varchar(191) DEFAULT NULL,
country varchar(191) DEFAULT NULL,
postal_code varchar(191) DEFAULT NULL,
status tinyint(1) DEFAULT 1,
clinic_admin_id bigint(20) DEFAULT NULL,
clinic_logo bigint(20) DEFAULT NULL,
profile_image bigint(20) DEFAULT NULL,
extra longtext,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY clinic_admin_id (clinic_admin_id),
KEY status (status)
) $charset_collate;";
require_once ABSPATH . 'wp-admin/includes/upgrade.php';
dbDelta( $sql );
// Appointments table
$table_name = $wpdb->prefix . 'kc_appointments';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
appointment_start_date date NOT NULL,
appointment_start_time time NOT NULL,
appointment_end_date date DEFAULT NULL,
appointment_end_time time DEFAULT NULL,
visit_type varchar(191) DEFAULT NULL,
clinic_id bigint(20) NOT NULL,
doctor_id bigint(20) NOT NULL,
patient_id bigint(20) NOT NULL,
description text,
status tinyint(1) DEFAULT 1,
appointment_report longtext,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY clinic_id (clinic_id),
KEY doctor_id (doctor_id),
KEY patient_id (patient_id),
KEY appointment_date (appointment_start_date, appointment_start_time),
KEY status (status)
) $charset_collate;";
dbDelta( $sql );
// Patient encounters table
$table_name = $wpdb->prefix . 'kc_patient_encounters';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
encounter_date date NOT NULL,
clinic_id bigint(20) NOT NULL,
doctor_id bigint(20) NOT NULL,
patient_id bigint(20) NOT NULL,
appointment_id bigint(20) DEFAULT NULL,
description text,
status tinyint(1) DEFAULT 1,
added_by bigint(20) DEFAULT NULL,
template_id bigint(20) DEFAULT NULL,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY clinic_id (clinic_id),
KEY doctor_id (doctor_id),
KEY patient_id (patient_id),
KEY appointment_id (appointment_id),
KEY encounter_date (encounter_date)
) $charset_collate;";
dbDelta( $sql );
// Prescriptions table
$table_name = $wpdb->prefix . 'kc_prescription';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
encounter_id bigint(20) NOT NULL,
patient_id bigint(20) NOT NULL,
name text NOT NULL,
frequency varchar(199) DEFAULT NULL,
duration varchar(199) DEFAULT NULL,
instruction text,
added_by bigint(20) DEFAULT NULL,
is_from_template tinyint(1) DEFAULT 0,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY encounter_id (encounter_id),
KEY patient_id (patient_id)
) $charset_collate;";
dbDelta( $sql );
// Bills table
$table_name = $wpdb->prefix . 'kc_bills';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
encounter_id bigint(20) DEFAULT NULL,
appointment_id bigint(20) DEFAULT NULL,
clinic_id bigint(20) NOT NULL,
title varchar(191) DEFAULT NULL,
total_amount varchar(50) DEFAULT NULL,
discount varchar(50) DEFAULT '0',
actual_amount varchar(50) DEFAULT NULL,
status bigint(20) DEFAULT 1,
payment_status varchar(10) DEFAULT 'unpaid',
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY encounter_id (encounter_id),
KEY appointment_id (appointment_id),
KEY clinic_id (clinic_id),
KEY payment_status (payment_status)
) $charset_collate;";
dbDelta( $sql );
// Services table
$table_name = $wpdb->prefix . 'kc_services';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
type varchar(191) DEFAULT 'system_service',
name varchar(191) NOT NULL,
price varchar(50) DEFAULT '0',
status tinyint(1) DEFAULT 1,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY type (type),
KEY status (status)
) $charset_collate;";
dbDelta( $sql );
// Doctor clinic mappings
$table_name = $wpdb->prefix . 'kc_doctor_clinic_mappings';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
doctor_id bigint(20) NOT NULL,
clinic_id bigint(20) NOT NULL,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
UNIQUE KEY doctor_clinic (doctor_id, clinic_id),
KEY doctor_id (doctor_id),
KEY clinic_id (clinic_id)
) $charset_collate;";
dbDelta( $sql );
// Patient clinic mappings
$table_name = $wpdb->prefix . 'kc_patient_clinic_mappings';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
patient_id bigint(20) NOT NULL,
clinic_id bigint(20) NOT NULL,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
UNIQUE KEY patient_clinic (patient_id, clinic_id),
KEY patient_id (patient_id),
KEY clinic_id (clinic_id)
) $charset_collate;";
dbDelta( $sql );
// Appointment service mappings
$table_name = $wpdb->prefix . 'kc_appointment_service_mapping';
$sql = "CREATE TABLE $table_name (
id bigint(20) NOT NULL AUTO_INCREMENT,
appointment_id bigint(20) NOT NULL,
service_id bigint(20) NOT NULL,
created_at datetime DEFAULT CURRENT_TIMESTAMP,
PRIMARY KEY (id),
KEY appointment_id (appointment_id),
KEY service_id (service_id)
) $charset_collate;";
dbDelta( $sql );
}
/**
* Insert sample data for testing.
*/
public static function insert_sample_data() {
global $wpdb;
// Create sample clinic
$wpdb->insert(
$wpdb->prefix . 'kc_clinics',
array(
'name' => 'Test Clinic',
'email' => 'test@clinic.com',
'telephone_no' => '+351912345678',
'address' => 'Rua de Teste, 123',
'city' => 'Lisboa',
'state' => 'Lisboa',
'country' => 'Portugal',
'postal_code' => '1000-001',
'status' => 1,
'created_at' => current_time( 'mysql' ),
)
);
$clinic_id = $wpdb->insert_id;
// Create sample services
$services = array(
array( 'name' => 'General Consultation', 'price' => '50.00' ),
array( 'name' => 'Blood Test', 'price' => '25.00' ),
array( 'name' => 'X-Ray', 'price' => '75.00' ),
);
foreach ( $services as $service ) {
$wpdb->insert(
$wpdb->prefix . 'kc_services',
array(
'name' => $service['name'],
'price' => $service['price'],
'status' => 1,
'created_at' => current_time( 'mysql' ),
)
);
}
// Store clinic ID for use in tests
update_option( 'kivicare_api_test_clinic_id', $clinic_id );
}
/**
* Clean up test data.
*/
public static function cleanup() {
global $wpdb;
$tables = array(
'kc_clinics',
'kc_appointments',
'kc_patient_encounters',
'kc_prescription',
'kc_bills',
'kc_services',
'kc_doctor_clinic_mappings',
'kc_patient_clinic_mappings',
'kc_appointment_service_mapping',
);
foreach ( $tables as $table ) {
// phpcs:ignore WordPress.DB.DirectDatabaseQuery.DirectQuery
$wpdb->query( "TRUNCATE TABLE {$wpdb->prefix}$table" );
}
delete_option( 'kivicare_api_test_clinic_id' );
}
}