This commit is contained in:
@ -10,6 +10,7 @@
|
||||
* GET ?scoringProfiles=1 -> active scoring profile definitions (encrypted)
|
||||
* GET ?scoringReview=1 -> coach review state (coachBand only; computed on device)
|
||||
* POST action=coachScoringReview -> coach agrees with or overrides calculated band (encrypted)
|
||||
* POST action=setClientNote -> upsert counselor note for an assigned client (max 200 chars, encrypted)
|
||||
* POST -> submit interview answers for a client (coach / supervisor / admin).
|
||||
* Re-posting the same clientCode + questionnaireID updates answers in place (re-edit).
|
||||
* Sensitive POST/GET ?clients=1 bodies use encrypted payloads (HKDF from Bearer token).
|
||||
@ -85,6 +86,27 @@ if ($method === 'POST') {
|
||||
}
|
||||
}
|
||||
|
||||
if (($body['action'] ?? '') === 'setClientNote') {
|
||||
require_role(['coach'], $tokenRec);
|
||||
require_fields($body, ['clientCode']);
|
||||
$clientCode = trim((string)$body['clientCode']);
|
||||
require_once __DIR__ . '/../lib/analytics.php';
|
||||
$note = qdb_normalize_client_followup_note($body['note'] ?? '');
|
||||
|
||||
try {
|
||||
$opened = qdb_open_write_or_fail();
|
||||
[$pdo, $tmpDb, $lockFp] = $opened;
|
||||
qdb_analytics_set_followup_note($pdo, $tokenRec, $clientCode, $note);
|
||||
qdb_save($tmpDb, $lockFp);
|
||||
json_success_sensitive(
|
||||
['clientCode' => $clientCode, 'note' => $note],
|
||||
$tokenRec['_token']
|
||||
);
|
||||
} catch (Throwable $e) {
|
||||
qdb_handler_fail($e, 'Save client note', $pdo ?? null, $tmpDb ?? null, $lockFp ?? null);
|
||||
}
|
||||
}
|
||||
|
||||
require_fields($body, ['questionnaireID', 'clientCode', 'answers']);
|
||||
|
||||
$qnID = trim($body['questionnaireID']);
|
||||
@ -462,6 +484,7 @@ if ($fetchClients) {
|
||||
$clientCodes = $stmt->fetchAll(PDO::FETCH_COLUMN);
|
||||
|
||||
$completions = [];
|
||||
$notesByClient = [];
|
||||
if (!empty($clientCodes)) {
|
||||
$placeholders = implode(',', array_fill(0, count($clientCodes), '?'));
|
||||
$stmt2 = $pdo->prepare("
|
||||
@ -477,12 +500,23 @@ if ($fetchClients) {
|
||||
'completedAt' => $row['completedAt'] !== null ? (int) $row['completedAt'] : null,
|
||||
];
|
||||
}
|
||||
|
||||
if (qdb_table_exists($pdo, 'client_followup_note')) {
|
||||
$stmtNotes = $pdo->prepare(
|
||||
"SELECT clientCode, note FROM client_followup_note WHERE clientCode IN ($placeholders)"
|
||||
);
|
||||
$stmtNotes->execute($clientCodes);
|
||||
foreach ($stmtNotes->fetchAll(PDO::FETCH_ASSOC) as $row) {
|
||||
$notesByClient[$row['clientCode']] = (string)($row['note'] ?? '');
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
$clients = array_map(function ($code) use ($completions) {
|
||||
$clients = array_map(function ($code) use ($completions, $notesByClient) {
|
||||
return [
|
||||
'clientCode' => $code,
|
||||
'clientCode' => $code,
|
||||
'completedQuestionnaires' => $completions[$code] ?? [],
|
||||
'note' => $notesByClient[$code] ?? '',
|
||||
];
|
||||
}, $clientCodes);
|
||||
|
||||
|
||||
Reference in New Issue
Block a user