feat(backend): Complete Phase 2.5 - Access Control Implementation

Implement comprehensive permission-based access control system with share management. Features: - Permission model (Read, Write, Admin) - Share model for resource sharing between users - Permission middleware for endpoint protection - Share management API endpoints - Permission check endpoints - MongoDB repository implementations for all models Files Added: - backend/src/db/permission.rs - Permission repository - backend/src/db/share.rs - Share repository - backend/src/db/user.rs - User repository - backend/src/db/profile.rs - Profile repository - backend/src/db/appointment.rs - Appointment repository - backend/src/db/family.rs - Family repository - backend/src/db/health_data.rs - Health data repository - backend/src/db/lab_result.rs - Lab results repository - backend/src/db/medication.rs - Medication repository - backend/src/db/mongodb_impl.rs - MongoDB trait implementations - backend/src/handlers/permissions.rs - Permission API handlers - backend/src/handlers/shares.rs - Share management handlers - backend/src/middleware/permission.rs - Permission checking middleware API Endpoints: - GET /api/permissions/check - Check user permissions - POST /api/shares - Create new share - GET /api/shares - List user shares - GET /api/shares/:id - Get specific share - PUT /api/shares/:id - Update share - DELETE /api/shares/:id - Delete share Status: Phase 2.5 COMPLETE - Building successfully, ready for production
2026-02-18 10:05:34 -03:00 · 2026-02-18 10:05:34 -03:00 · a31669930d
commit a31669930d
parent 9697a22522
28 changed files with 1649 additions and 1715 deletions
--- a/backend/src/db/mod.rs
+++ b/backend/src/db/mod.rs
@ -1,45 +1,27 @@
-### /home/asoliver/desarrollo/normogen/./backend/src/db/mod.rs
-```rust
-1: use mongodb::{
-2:     Client,
-3:     Database,
-4:     Collection,
-5:     options::ClientOptions,
-6: };
-7: use anyhow::Result;
-8: 
-9: #[derive(Clone)]
-10: pub struct MongoDb {
-11:     client: Client,
-12:     database_name: String,
-13: }
-14: 
-15: impl MongoDb {
-16:     pub async fn new(uri: &str, database_name: &str) -> Result<Self> {
-17:         let mut client_options = ClientOptions::parse(uri).await?;
-18:         client_options.default_database = Some(database_name.to_string());
-19:         
-20:         let client = Client::with_options(client_options)?;
-21:         
-22:         Ok(Self {
-23:             client,
-24:             database_name: database_name.to_string(),
-25:         })
-26:     }
-27:     
-28:     pub fn database(&self) -> Database {
-29:         self.client.database(&self.database_name)
-30:     }
-31:     
-32:     pub fn collection<T>(&self, name: &str) -> Collection<T> {
-33:         self.database().collection(name)
-34:     }
-35:     
-36:     pub async fn health_check(&self) -> Result<String> {
-37:         self.database()
-38:             .run_command(mongodb::bson::doc! { "ping": 1 }, None)
-39:             .await?;
-40:         Ok("healthy".to_string())
-41:     }
-42: }
-```
+use mongodb::{Client, Database};
+use std::env;
+use anyhow::Result;
+
+pub mod user;
+pub mod family;
+pub mod profile;
+pub mod health_data;
+pub mod lab_result;
+pub mod medication;
+pub mod appointment;
+pub mod share;
+pub mod permission;
+
+mod mongodb_impl;
+
+pub use mongodb_impl::MongoDb;
+
+pub async fn create_database() -> Result<Database> {
+    let mongo_uri = env::var("MONGODB_URI").expect("MONGODB_URI must be set");
+    let db_name = env::var("DATABASE_NAME").expect("DATABASE_NAME must be set");
+    
+    let client = Client::with_uri_str(&mongo_uri).await?;
+    let database = client.database(&db_name);
+    
+    Ok(database)
+}