Claude/spe m medical system 011 cu sepw2 l5 ff5k3a9x8bv t

[1bertogit]

PR Type

Enhancement

---

Description

• Implements complete SPE-M (Sistema de Pontuação Estética Médica) medical aesthetic evaluation system with database schema, API endpoints, and UI components

• Adds comprehensive database schema with 8 tables: patients, forms, formCriteria, formImages, auditLogs, and extended user table with medical credentials (crm, specialty)

• Implements full CRUD API endpoints for patients, forms, form criteria, and images with audit logging for LGPD compliance

• Creates interactive form editor with 8 evaluation criteria, auto-save functionality, real-time score calculation, and profile classification

• Adds standardized photo upload interface supporting 6 facial photography angles with drag-and-drop and validation

• Implements interactive canvas annotation tool using react-konva with drawing tools (pen, line, arrow, circle, text) and undo functionality

• Adds PDF report generation for finalized evaluations with patient info, scoring breakdown, and recommendations

• Creates patient management dashboard with search, filtering, CRUD operations, and soft-delete functionality

• Implements form management dashboard with status filtering, statistics, and action buttons

• Updates sidebar navigation and main dashboard with SPE-M-specific components and statistics

• Adds dependencies for PDF generation (jspdf, jspdf-autotable) and canvas drawing (konva, react-konva, use-image)

• Includes comprehensive documentation with setup instructions, API routes, and implementation details

---

Diagram Walkthrough

flowchart LR DB["Database Schema<br/>patients, forms,<br/>criteria, images,<br/>auditLogs"] API["API Endpoints<br/>CRUD operations<br/>Audit logging"] UI["Dashboard UI<br/>Patient & Form<br/>Management"] TOOLS["Tools<br/>Photo Upload<br/>Annotations<br/>PDF Export"] DB -- "stores data" --> API API -- "provides data" --> UI UI -- "uses" --> TOOLS TOOLS -- "generates" --> PDF["PDF Reports"] 

Loading

File Walkthrough

	Relevant files
Enhancement	22 files spe-m-criteria.ts SPE-M Medical Aesthetic Evaluation Criteria System              lib/spe-m-criteria.ts Defines SPE-M (Sistema de Pontuação Estética Médica) criteria system with 8 evaluation criteria for medical aesthetic assessment Exports interfaces CriterionField and Criterion for structuring evaluation data Provides helper functions: calculateCriterionScore(), calculateTotalScore(), and classifyProfile() for scoring logic Defines IMAGE_TYPES constant for 6 standard facial photography angles (frontal, profiles, oblique, base) +459/-0  pdf-generator.ts PDF Report Generation for SPE-M Evaluations                            lib/pdf-generator.ts Implements generateSPEMPDF() function to create professional PDF reports from SPE-M evaluation data Generates multi-page PDFs with patient info, evaluation summary, criteria breakdown, and recommendations Includes header styling, score visualization with color-coded classification badges, and audit trail footer Provides downloadPDF() helper function for client-side PDF download +332/-0  route.ts Form CRUD API Endpoints with Audit Logging                              app/api/forms/[id]/route.ts Implements GET endpoint to retrieve single form with patient info, criteria, and images Implements PUT endpoint to update form data, criteria scores, and recalculate total score Implements DELETE endpoint for form deletion with cascade behavior Creates audit logs for all operations (read, update, delete) for LGPD compliance +245/-0  route.ts Patient Management API Endpoints                                                  app/api/patients/[id]/route.ts Implements GET endpoint to retrieve single patient record with soft-delete filtering Implements PUT endpoint to update patient information (contact, medical history, allergies, medications) Implements DELETE endpoint for soft-delete (LGPD compliance - maintains data for 20 years) Creates audit logs for all patient operations +204/-0  route.ts Form Image Upload and Annotation API                                          app/api/forms/[id]/images/route.ts Implements POST endpoint to upload form images with validation of 6 image types Handles image replacement logic (updates existing image or creates new one) Implements PUT endpoint to update image annotations stored as JSON Integrates with R2 storage via uploadImage() function and creates audit logs +206/-0  route.ts Forms List and Creation API Endpoints                                        app/api/forms/route.ts Implements GET endpoint to list forms with filtering by patient ID and status, includes pagination Implements POST endpoint to create new form with automatic initialization of 8 empty criteria Validates patient ownership and creates audit logs for form creation Supports query parameters for filtering and pagination +203/-0  schema.ts Database Schema for SPE-M Medical System                                  db/schema.ts Adds crm and specialty fields to user table for doctor credentials Creates patients table with medical history, allergies, medications, and soft-delete support Creates forms table for SPE-M evaluations with scoring and classification fields Creates formCriteria table for 8 criteria per form with JSONB data storage Creates formImages table for 6 facial photos per form with annotations and metadata Creates auditLogs table for LGPD compliance tracking all user actions +94/-0    route.ts Patients List and Creation API Endpoints                                  app/api/patients/route.ts Implements GET endpoint to list patients with search filtering by name, CPF, or email Implements POST endpoint to create new patient with validation and duplicate CPF checking Supports pagination with limit and offset parameters Creates audit logs for patient creation and includes soft-delete filtering +156/-0  route.ts Form Finalization Endpoint                                                              app/api/forms/[id]/finalize/route.ts Implements POST endpoint to finalize forms (lock for editing) Recalculates total score and profile classification before finalization Updates form status to "finalized" and sets finalizedAt timestamp Creates audit log with finalization metadata +96/-0    route.ts Current User Session Endpoint                                                        app/api/auth/me/route.ts Implements GET endpoint to retrieve current authenticated user session Returns user object from session or 401 Unauthorized if not authenticated Simple endpoint for client-side user profile verification +23/-0    page.tsx Patient Details Dashboard Page                                                      app/dashboard/patients/[id]/page.tsx Creates patient detail page displaying comprehensive patient information and evaluation history Shows statistics cards: total forms, finalized forms, average score, and last evaluation date Implements timeline view of all SPE-M evaluations with status badges and classification indicators Includes personal information section with medical history, allergies, and current medications +505/-0  page.tsx SPE-M form editing interface with auto-save and scoring    app/dashboard/forms/[id]/edit/page.tsx Created interactive form editor for SPE-M evaluation with 8 criteria tabs Implemented auto-save functionality every 30 seconds with unsaved changes tracking Added real-time score calculation and profile classification display Integrated progress tracking, visual stepper navigation, and form finalization workflow +644/-0  page.tsx Patient management dashboard with search and CRUD operations app/dashboard/patients/page.tsx Built comprehensive patient management interface with CRUD operations Implemented search functionality, patient statistics, and data table display Added modal dialog for creating and editing patient records with medical history fields Integrated soft delete functionality with confirmation dialogs +511/-0  page.tsx Interactive image annotation canvas with drawing tools      app/dashboard/forms/[id]/photos/[imageId]/annotate/page.tsx Created interactive canvas annotation tool using react-konva library Implemented drawing tools: pen, line, arrow, circle, and text with color and stroke width controls Added undo/clear functionality and annotation persistence to database Integrated image loading and annotation state management +494/-0  page.tsx PDF report generation and export interface                              app/dashboard/forms/[id]/pdf/page.tsx Built PDF generation and export interface for finalized evaluations Implemented download, print, and email sending options for reports Added preview of PDF content structure and document layout information Integrated user data fetching for doctor information in reports +438/-0  spe-m-stats.tsx Dashboard statistics component for SPE-M system overview  app/dashboard/_components/spe-m-stats.tsx Created statistics dashboard component displaying patient count, form metrics, and average scores Implemented recent forms list with quick action buttons Added loading states and error handling for data fetching Integrated links to patient management and form viewing pages +237/-0  page.tsx Dashboard page refactored for SPE-M system                              app/dashboard/page.tsx Replaced generic dashboard components with SPE-M-specific statistics component Updated page title and description to reflect medical evaluation system Simplified layout to focus on SPE-M metrics and recent evaluations +5/-11    page.tsx SPE-M Forms Management Dashboard Page                                        app/dashboard/forms/page.tsx New page component for managing SPE-M forms with a comprehensive table view displaying patient forms, their status, scores, and classifications Implements form creation dialog allowing users to select a patient and create new evaluations Includes status filtering (draft, finalized, archived) and displays statistics cards showing total forms, drafts, finalized forms, and average score Provides action buttons for viewing, editing, downloading PDFs, and deleting forms with appropriate conditional rendering based on form status +426/-0  page.tsx Standardized Photo Upload Interface for Forms                        app/dashboard/forms/[id]/photos/page.tsx New page for managing standardized photo uploads for SPE-M evaluations with support for 6 required photo types Implements drag-and-drop and file selection interfaces with validation for image format (JPG/PNG) and size (max 10MB) Displays upload progress bar and provides tabbed navigation between different photo types with visual indicators for completed uploads Includes annotation capability links and quality guidelines for proper photo documentation +422/-0  page.tsx Form Evaluation Results View and Details Page                        app/dashboard/forms/[id]/page.tsx New page for viewing detailed SPE-M form evaluation results including patient information and comprehensive scoring breakdown Displays total score, risk classification (low/medium/high), and detailed criteria evaluation across 8 assessment criteria with tabbed navigation Shows patient demographics, general notes, recommendations, and attached images with proper date formatting Provides navigation buttons to edit forms, view photos, or download PDF reports based on form status +360/-0  table.tsx Reusable UI Table Component Library                                            components/ui/table.tsx New reusable table component library providing semantic HTML table elements with consistent styling Exports Table, TableHeader, TableBody, TableFooter, TableRow, TableHead, TableCell, and TableCaption components Implements hover effects, border styling, and responsive overflow handling using Tailwind CSS utilities Uses React forwardRef for proper ref forwarding and className merging via cn utility +117/-0  sidebar.tsx Sidebar Navigation Updates for SPE-M System                            app/dashboard/_components/sidebar.tsx Adds two new navigation items to sidebar: "Pacientes" (Patients) and "Formulários SPE-M" (SPE-M Forms) with appropriate icons Updates application branding from "Nextjs Starter Kit" to "Sistema SPE-M" in the sidebar header Imports Users and FileText icons from lucide-react for the new navigation items +13/-1
Configuration changes	5 files 0002_snapshot.json Database Migration Snapshot                                                            db/migrations/meta/0002_snapshot.json Database migration snapshot documenting all new tables and schema changes Includes table definitions for patients, forms, formCriteria, formImages, and auditLogs Documents foreign key relationships, indexes, and unique constraints Captures updated user table with medical fields (crm, specialty) +1003/-0 0001_snapshot.json Database schema snapshot with SPE-M medical system tables db/migrations/meta/0001_snapshot.json Added comprehensive database schema snapshot for PostgreSQL with 8 tables Defined schema for user, patients, forms, formCriteria, formImages, auditLogs, session, subscription, and verification tables Configured foreign key relationships with cascade delete policies Set up unique constraints for cpf, email, and token fields +985/-0  0001_wooden_mindworm.sql Initial Database Schema for SPE-M System                                  db/migrations/0001_wooden_mindworm.sql Creates core database schema for SPE-M medical system including forms, patients, formCriteria, and formImages tables Adds auditLogs table for tracking user actions with metadata and IP information Establishes foreign key relationships between forms, patients, criteria, and images with cascade delete policies Extends user table with crm and specialty fields for medical professional credentials +76/-0    _journal.json Migration Journal Updates                                                                db/migrations/meta/_journal.json Adds two new migration entries to the migration journal tracking database schema changes Records migration 0001_wooden_mindworm (timestamp 1761338699298) and 0002_thick_scourge (timestamp 1761442247834) Maintains migration version history and breakpoint information for database versioning +14/-0    0002_thick_scourge.sql Patient Medical Information Schema Extension                          db/migrations/0002_thick_scourge.sql Adds three new columns to patients table: medicalHistory, allergies, and currentMedications for enhanced patient medical information storage Enables tracking of patient medical background and medication details for comprehensive health assessment +3/-0
Dependencies	1 files package.json Dependencies for PDF and Canvas Functionality                        package.json Adds jspdf (^3.0.3) and jspdf-autotable (^5.0.2) for PDF generation Adds konva (^10.0.8) and react-konva (^19.2.0) for canvas drawing on images Adds use-image (^1.1.4) for image handling in Konva canvas +5/-0
Documentation	1 files SPE-M-README.md Complete implementation documentation for SPE-M system      SPE-M-README.md Comprehensive documentation of implemented features including database schema, API routes, and UI components Detailed setup instructions with environment variables and migration steps Listed pending implementations for photo upload, canvas annotations, and PDF generation Included LGPD compliance notes and troubleshooting guide +422/-0

---

Summary by CodeRabbit

• New Features

  • Patient management system with full CRUD operations and search functionality
  • SPE-M evaluation forms with 8 assessment criteria and automatic scoring
  • Form finalization with automatic risk classification
  • Photo upload and annotation interface for evaluations
  • PDF report generation and download capability
  • Enhanced dashboard with statistics, recent evaluations, and quick actions
  • Auto-save functionality for form drafts

• Improvements

  • Added comprehensive navigation sidebar for Patients and Forms sections
  • Integrated LGPD compliance audit logging for all operations

[vercel]

@claude is attempting to deploy a commit to the Goshen Labs Team on Vercel.

A member of the Team first needs to authorize it.

[coderabbitai]

Walkthrough

This pull request implements a complete medical aesthetic evaluation system (SPE-M) with patient management, form creation and editing, image upload with canvas annotation, PDF generation, and comprehensive audit logging. It includes database schema, API routes for CRUD operations, dashboard UI pages, utility functions for scoring and classification, and required dependencies.

Changes

Cohort / File(s)	Summary
Database Schema & Migrations db/schema.ts, db/migrations/0001_wooden_mindworm.sql, db/migrations/0002_thick_scourge.sql, db/migrations/meta/...	Creates tables for patients, forms, formCriteria, formImages, auditLogs; extends user table with crm/specialty fields; establishes cascade foreign key relationships; adds soft delete support and LGPD auditing fields
API Routes - Patient Management app/api/patients/route.ts, app/api/patients/[id]/route.ts	Implements GET/POST for listing and creating patients with search/filters, and GET/PUT/DELETE for individual patient operations with audit logging and soft deletes
API Routes - Form Management app/api/forms/route.ts, app/api/forms/[id]/route.ts, app/api/forms/[id]/finalize/route.ts	Implements form CRUD operations with automatic criterion initialization (8 criteria), scoring/classification calculation, finalization with audit logging, and change tracking
API Routes - Form Media & Auth app/api/forms/[id]/images/route.ts, app/api/auth/me/route.ts	Adds image upload/update with annotations and retrieves current authenticated user session
Dashboard Pages - Patient Management app/dashboard/patients/page.tsx, app/dashboard/patients/[id]/page.tsx	Patient list with create/edit/delete dialogs and detailed patient profile with evaluation history and statistics
Dashboard Pages - Form Management app/dashboard/forms/page.tsx, app/dashboard/forms/[id]/page.tsx, app/dashboard/forms/[id]/edit/page.tsx	Form list with filters, form viewer with tabbed criteria display, and comprehensive editor with auto-save, scoring, and progress tracking
Dashboard Pages - Form Media & PDF app/dashboard/forms/[id]/photos/page.tsx, app/dashboard/forms/[id]/photos/[imageId]/annotate/page.tsx, app/dashboard/forms/[id]/pdf/page.tsx	Image upload management with drag-and-drop and progress, canvas-based annotation tool using react-konva, and PDF generation/download/email UI
Dashboard Layout & Components app/dashboard/page.tsx, app/dashboard/_components/sidebar.tsx, app/dashboard/_components/spe-m-stats.tsx, components/ui/table.tsx	Updates dashboard to display SPE-M statistics, adds navigation items for patients and forms, creates reusable table UI components
SPE-M Utilities & PDF Generation lib/spe-m-criteria.ts, lib/pdf-generator.ts	Defines 8-criterion medical aesthetic evaluation framework with scoring calculations, profile classification (low/medium/high risk), image types, and PDF report generation
Dependencies & Documentation package.json, SPE-M-README.md	Adds jspdf, jspdf-autotable, konva, react-konva, use-image; comprehensive README with system design, configuration guide, feature overview, and usage instructions

Sequence Diagram(s)

sequenceDiagram actor User participant UI as Form Edit Page participant API as /api/forms/[id] participant DB as Database participant Calc as Scoring Engine User->>UI: Load form editor UI->>API: GET /api/forms/{id} API->>DB: Query form + criteria + patient DB-->>API: Return form data API-->>UI: Form data with 8 criteria UI->>UI: Initialize local state User->>UI: Edit criterion field UI->>UI: Update formData state UI->>Calc: Calculate criterion score Calc-->>UI: Score result UI->>UI: Recalculate total score par Auto-save (every 30s) UI->>API: PUT /api/forms/{id} with changes API->>DB: Update form + criteria DB-->>API: Success API->>DB: Insert audit log API-->>UI: Updated timestamps end User->>UI: Click Finalize UI->>API: POST /api/forms/{id}/finalize API->>DB: Query form + all criteria API->>Calc: calculateTotalScore Calc-->>API: Final score + classification API->>DB: Update form status=finalized API->>DB: Insert finalization audit log API-->>UI: Success with classification UI->>UI: Navigate to form view User->>UI: Upload image UI->>API: POST /api/forms/{id}/images (multipart) API->>DB: Insert/update formImage record API->>DB: Insert image upload audit log API-->>UI: Image metadata + status UI->>UI: Refresh image list + progress 

Loading

Estimated code review effort

🎯 4 (Complex) | ⏱️ ~60 minutes

Areas requiring extra attention:

• Scoring logic (lib/spe-m-criteria.ts): Verify criterion score calculation correctly aggregates selected field scores and average computations are accurate
• Authorization checks: Review all API routes ensure proper user ownership validation for patients/forms/images to prevent data leakage
• Form finalization (app/api/forms/[id]/finalize/route.ts): Confirm idempotency, immutability once finalized, and correct score/classification calculation
• Auto-save implementation (app/dashboard/forms/[id]/edit/page.tsx): Verify unsaved changes detection, conflict resolution, and state consistency during concurrent updates
• Database migrations: Ensure cascade delete relationships and soft delete queries (deletedAt filtering) work correctly across all endpoints
• Image upload handling (app/api/forms/[id]/images/route.ts): Validate file type/size restrictions, storage integration, and multipart parsing robustness
• Audit logging: Confirm all sensitive operations (create, update, delete, finalize) properly capture IP, user agent, and action metadata

Poem

🐰 Hop along with SPE-M dreams,
Patient forms and scoring schemes!
Eight criteria, annotate with care,
PDFs flying through the air,
Canvas, scoring, audit trails so clear,
The aesthetic eval system's finally here! 🎨✨

Pre-merge checks and finishing touches

❌ Failed checks (1 warning)

Check name	Status	Explanation	Resolution
Docstring Coverage	⚠️ Warning	Docstring coverage is 51.61% which is insufficient. The required threshold is 80.00%.	You can run @coderabbitai generate docstrings to improve docstring coverage.

✅ Passed checks (2 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title Check	✅ Passed	The PR title "Claude/spe m medical system 011 cu sepw2 l5 ff5k3a9x8bv t" contains the core descriptor "spe m medical system" which directly corresponds to the primary change in this changeset—a comprehensive implementation of the SPE-M (medical aesthetic evaluation) system. The title clearly identifies the main feature being added, including database schema, API routes, dashboard pages, and supporting utilities. However, the title includes branch naming artifacts (the "Claude/" prefix and random character suffixes) that are noisy and detract from clarity, suggesting the branch name was used directly as the PR title rather than being reformatted for human readability.

✨ Finishing touches

• 📝 Generate docstrings

🧪 Generate unit tests (beta)

• Create PR with unit tests
• Post copyable unit tests in a comment

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

[qodo-merge-pro]

PR Compliance Guide 🔍

Below is a summary of compliance checks for this PR:

Security Compliance
⚪	Sensitive information exposure Description: CPF (a sensitive identifier) is stored and logged in plaintext (metadata: { name, cpf }) during patient creation, risking sensitive data exposure in logs and at rest. route.ts [84-132] Referred Code const { name, cpf, birthDate, phone, email, address, notes, medicalHistory, allergies, currentMedications } = body; // Validation if (!name || !cpf) { return NextResponse.json( { error: "Name and CPF are required" }, { status: 400 } ); } // Check if CPF already exists for this user const existingPatient = await db .select() .from(patients) .where( and( eq(patients.cpf, cpf), eq(patients.userId, session.user.id), isNull(patients.deletedAt) ) ) ... (clipped 28 lines)
	Unvalidated file upload Description: Uploaded images are accepted and stored without validation of MIME type/extension or file size beyond the presence check, enabling potential malicious file uploads. route.ts [58-76] Referred Code if (!validImageTypes.includes(imageType)) { return NextResponse.json( { error: "Invalid image type" }, { status: 400 } ); } // Check if image of this type already exists for this form const existingImage = await db .select() .from(formImages) .where( and(eq(formImages.formId, id), eq(formImages.imageType, imageType)) ) .limit(1); // Upload to R2 storage const imageUrl = await uploadImage(file, `spe-m/${id}/${imageType}`);
	Excessive logging of PII Description: Audit logs include full changes bodies which may contain sensitive PII/medical details, leading to excessive data in logs and potential LGPD non-compliance. route.ts [120-131] Referred Code await db.insert(auditLogs).values({ id: nanoid(), userId: session.user.id, action: "update", entityType: "patient", entityId: id, ipAddress: request.ip || null, userAgent: request.headers.get("user-agent") || null, metadata: { changes: body }, timestamp: new Date(), });
	PII exposure in exports Description: CPF is formatted and rendered directly into PDFs without redaction or masking controls, which may violate least-privilege principles if PDFs are misrouted or shared. pdf-generator.ts [80-94] Referred Code const patientInfo = [ ["Nome:", data.patient.name], ["CPF:", data.patient.cpf.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4")], ["Data de Nascimento:", data.patient.birthDate ? new Date(data.patient.birthDate).toLocaleDateString("pt-BR") : "-"], ["Telefone:", data.patient.phone || "-"], ["Email:", data.patient.email || "-"], ]; patientInfo.forEach(([label, value]) => { doc.setFont("helvetica", "bold"); doc.text(label, 14, yPos); doc.setFont("helvetica", "normal"); doc.text(value, 50, yPos); yPos += 6; });
Ticket Compliance
⚪	🎫 No ticket provided Create ticket/issue
Codebase Duplication Compliance
⚪	Codebase context is not defined Follow the guide to enable codebase context checks.
Custom Compliance
🟢	Generic: Meaningful Naming and Self-Documenting Code Objective: Ensure all identifiers clearly express their purpose and intent, making code self-documenting Status: Passed
	Generic: Secure Error Handling Objective: To prevent the leakage of sensitive system information through error messages while providing sufficient detail for internal debugging. Status: Passed
🔴	Generic: Secure Logging Practices Objective: To ensure logs are useful for debugging and auditing without exposing sensitive information like PII, PHI, or cardholder data. Status: PII in logs: Audit log metadata includes sensitive PII such as CPF and patient name, which violates secure logging practices by storing PII in logs. Referred Code await db.insert(auditLogs).values({ id: nanoid(), userId: session.user.id, action: "create", entityType: "patient", entityId: patientId, ipAddress: request.ip || null, userAgent: request.headers.get("user-agent") || null, metadata: { name, cpf }, timestamp: new Date(), });
⚪	Generic: Comprehensive Audit Trails Objective: To create a detailed and reliable record of critical system actions for security analysis and compliance. Status: Incomplete coverage: Most CRUD actions create audit logs, but some read/list endpoints may not comprehensively log all sensitive reads and payload context, requiring verification of full coverage and metadata sufficiency across all endpoints. Referred Code // GET /api/forms/[id] - Get single form with all data export async function GET( request: NextRequest, { params }: { params: Promise<{ id: string }> } ) { try { const session = await auth.api.getSession({ headers: await headers(), }); if (!session?.user) { return NextResponse.json({ error: "Unauthorized" }, { status: 401 }); } const { id } = await params; // Get form with patient info const formData = await db .select({ form: forms, patient: patients, ... (clipped 46 lines)
	Generic: Robust Error Handling and Edge Case Management Objective: Ensure comprehensive error handling that provides meaningful context and graceful degradation Status: Input validation gaps: File upload endpoint validates presence and type but lacks explicit validation of file size, MIME whitelist, and JSON schema for annotations which may cause edge-case failures. Referred Code const formData = await request.formData(); const file = formData.get("file") as File; const imageType = formData.get("imageType") as string; if (!file || !imageType) { return NextResponse.json( { error: "File and image type are required" }, { status: 400 } ); } // Validate image type const validImageTypes = [ "frontal", "profile_right", "profile_left", "oblique_right", "oblique_left", "base", ]; ... (clipped 36 lines)
	Generic: Security-First Input Validation and Data Handling Objective: Ensure all data inputs are validated, sanitized, and handled securely to prevent vulnerabilities Status: CPF handling: CPF is accepted and stored without demonstrated normalization, format validation, or encryption-at-rest safeguards in this diff, and is later echoed in logs and responses. Referred Code const { name, cpf, birthDate, phone, email, address, notes, medicalHistory, allergies, currentMedications } = body; // Validation if (!name || !cpf) { return NextResponse.json( { error: "Name and CPF are required" }, { status: 400 } ); } // Check if CPF already exists for this user const existingPatient = await db .select() .from(patients) .where( and( eq(patients.cpf, cpf), eq(patients.userId, session.user.id), isNull(patients.deletedAt) ) ) ... (clipped 28 lines)

Compliance status legend

🟢 - Fully Compliant
🟡 - Partial Compliant
🔴 - Not Compliant
⚪ - Requires Further Human Verification
🏷️ - Compliance label

[qodo-merge-pro]

PR Code Suggestions ✨

Explore these optional code suggestions:

Category	Suggestion	Impact
High-level	Hardcoded criteria limit system flexibility The current implementation hardcodes all evaluation criteria and scoring logic in lib/spe-m-criteria.ts, which is inflexible. The suggestion is to move these definitions to the database to enable dynamic updates and versioning without requiring code changes. Examples: lib/spe-m-criteria.ts [22-416] export const SPE_M_CRITERIA: Criterion[] = [ // Criterion 1: Análise Facial Frontal { number: 1, name: "Análise Facial Frontal", description: "Avaliação da simetria e proporções faciais frontais", maxScore: 10, fields: [ { id: "facial_symmetry", ... (clipped 385 lines) Solution Walkthrough: Before: // lib/spe-m-criteria.ts // All criteria, fields, and scores are hardcoded in a constant export const SPE_M_CRITERIA: Criterion[] = [ { number: 1, name: "Análise Facial Frontal", maxScore: 10, fields: [ { id: "facial_symmetry", label: "Simetria Facial", type: "select", options: [ { value: "symmetric", label: "Simétrico", score: 10 }, // ... other options ], }, // ... other fields ], }, // ... other 7 criteria ]; // Calculation logic directly uses the hardcoded constant export function calculateCriterionScore(criterionNumber: number, formData: Record<string, string>): number { const criterion = SPE_M_CRITERIA.find((c) => c.number === criterionNumber); if (!criterion) return 0; // ... logic to calculate score based on criterion.fields } After: // db/schema.ts (new tables) // Table to store different versions of the evaluation model export const evaluationModels = pgTable("evaluation_models", { id: text("id").primaryKey(), name: text("name").notNull(), // e.g., "SPE-M" version: integer("version").notNull(), }); // Table to store criteria definitions, linked to a model version export const criteriaDefinitions = pgTable("criteria_definitions", { id: text("id").primaryKey(), modelId: text("modelId").references(() => evaluationModels.id), number: integer("number").notNull(), name: text("name").notNull(), fields: jsonb("fields").notNull(), // Contains fields, options, scores }); // lib/spe-m-criteria.ts (or a new service file) // Calculation logic now fetches criteria from the database export async function calculateCriterionScore(formId: string, criterionNumber: number, formData: Record<string, string>): number { // 1. Get the form to find its evaluation model version const form = await db.query.forms.findFirst({ where: eq(forms.id, formId) }); const modelVersionId = form.evaluationModelId; // 2. Fetch the specific criterion definition from the database const criterion = await db.query.criteriaDefinitions.findFirst({ where: and(eq(criteria.modelId, modelVersionId), eq(criteria.number, criterionNumber)) }); if (!criterion) return 0; // ... logic to calculate score based on dynamic criterion.fields } Suggestion importance[1-10]: 9 __ Why: The suggestion correctly identifies a major architectural limitation where evaluation criteria are hardcoded in lib/spe-m-criteria.ts, making the system rigid and hard to update; proposing a database-driven approach would significantly improve flexibility and long-term maintainability.	High
Security	Avoid storing plaintext passwords To prevent a critical security risk, ensure the password column in the account table stores hashed passwords, not plaintext. Consider making it non-nullable or removing it if unused. db/migrations/meta/0001_snapshot.json [71-76] "password": { "name": "password", "type": "text", "primaryKey": false, - "notNull": false + "notNull": true }, Apply / Chat Suggestion importance[1-10]: 9 __ Why: This suggestion correctly identifies a critical security vulnerability by flagging a password field that could be used to store plaintext passwords.	High
Possible issue	Fix broken query filtering logic Refactor the query filtering logic to support multiple simultaneous filters. Instead of overwriting the query for each parameter, build an array of conditions and apply them all in a single where clause. app/api/forms/route.ts [43-88] // Add filters +const conditions = [eq(forms.userId, session.user.id)]; if (patientId) { - query = db - .select({ - form: forms, - patient: { - id: patients.id, - name: patients.name, - cpf: patients.cpf, - }, - }) - .from(forms) - .leftJoin(patients, eq(forms.patientId, patients.id)) - .where( - and( - eq(forms.userId, session.user.id), - eq(forms.patientId, patientId) - ) - ) - .orderBy(desc(forms.createdAt)) - .limit(limit) - .offset(offset); + conditions.push(eq(forms.patientId, patientId)); +} +if (status) { + conditions.push(eq(forms.status, status)); } -if (status) { - query = db - .select({ - form: forms, - patient: { - id: patients.id, - name: patients.name, - cpf: patients.cpf, - }, - }) - .from(forms) - .leftJoin(patients, eq(forms.patientId, patients.id)) - .where( - and( - eq(forms.userId, session.user.id), - eq(forms.status, status) - ) - ) - .orderBy(desc(forms.createdAt)) - .limit(limit) - .offset(offset); -} +query.where(and(...conditions)); Apply / Chat Suggestion importance[1-10]: 8 __ Why: The suggestion correctly identifies a critical bug in the query filtering logic that prevents combining multiple filters, and the proposed fix correctly resolves the issue by building a dynamic list of conditions.	Medium
	Optimize auto-save timer performance Optimize the auto-save useEffect by removing formData from its dependency array to prevent the timer from being reset on every keystroke, which currently hinders its functionality. app/dashboard/forms/[id]/edit/page.tsx [69-90] // Auto-save every 30 seconds useEffect(() => { if (!formData || formData.form.status === "finalized") return; - // Clear existing timer - if (autoSaveTimerRef.current) { - clearInterval(autoSaveTimerRef.current); - } + const autoSave = async () => { + // Use a function to get the latest state to avoid stale closures + let shouldSave = false; + setHasUnsavedChanges(current => { + shouldSave = current; + return current; + }); - // Set up auto-save - autoSaveTimerRef.current = setInterval(() => { - if (hasUnsavedChanges) { - handleAutoSave(); + if (shouldSave) { + await handleAutoSave(); } - }, 30000); // 30 seconds + }; + + const timerId = setInterval(autoSave, 30000); // 30 seconds return () => { - if (autoSaveTimerRef.current) { - clearInterval(autoSaveTimerRef.current); - } + clearInterval(timerId); }; -}, [formData, hasUnsavedChanges]); +}, [formData?.form.status, handleAutoSave]); Apply / Chat Suggestion importance[1-10]: 8 __ Why: The suggestion correctly identifies a performance bug where the auto-save timer is reset on every keystroke, effectively preventing it from working as intended.	Medium
	Log correct action for image uploads Correct the audit log action for image uploads. The action should be 'update' when an existing image is replaced and 'create' for a new image, ensuring the audit trail is accurate. app/api/forms/[id]/images/route.ts [94-119] +let action: "create" | "update" = "create"; +let loggedImageId = imageId; + // If image exists, update it; otherwise insert if (existingImage.length > 0) { + action = "update"; + loggedImageId = existingImage[0].id; await db .update(formImages) .set({ storageUrl: imageUrl, metadata: imageData.metadata, updatedAt: new Date(), }) .where(eq(formImages.id, existingImage[0].id)); } else { await db.insert(formImages).values(imageData); } // Create audit log await db.insert(auditLogs).values({ id: nanoid(), userId: session.user.id, - action: "create", + action: action, entityType: "image", - entityId: imageId, + entityId: loggedImageId, ipAddress: request.ip || null, userAgent: request.headers.get("user-agent") || null, metadata: { formId: id, imageType }, timestamp: new Date(), }); Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies a bug in the audit logging where an image update is incorrectly logged as a 'create' action, and the fix ensures the audit trail is accurate, which is important for compliance.	Medium
	Prevent division by zero error Refactor the average score calculation to prevent a potential division-by-zero error and improve efficiency by using a single filter operation. app/dashboard/forms/page.tsx [409-419] -{forms.length > 0 - ? ( - forms - .filter((f) => f.form.totalScore) - .reduce( - (acc, f) => acc + parseFloat(f.form.totalScore || "0"), - 0 - ) / - forms.filter((f) => f.form.totalScore).length - ).toFixed(2) - : "N/A"} +{(() => { + const scoredForms = forms.filter((f) => f.form.totalScore); + if (scoredForms.length === 0) { + return "N/A"; + } + const totalScore = scoredForms.reduce( + (acc, f) => acc + parseFloat(f.form.totalScore || "0"), + 0 + ); + return (totalScore / scoredForms.length).toFixed(2); +})()} Apply / Chat Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies a division-by-zero edge case that would display NaN, and the proposed fix is robust and also improves efficiency by avoiding a duplicate filter operation.	Medium
	Fix race condition on state update Fix a potential race condition by using the local userData variable from the API response directly when setting the email form state, instead of relying on the component's state which may not have been updated yet. app/dashboard/forms/[id]/pdf/page.tsx [86-102] // Fetch user data const userResponse = await fetch("/api/auth/me"); if (!userResponse.ok) throw new Error("Failed to fetch user"); -const userData = await userResponse.json(); +const userDataJson = await userResponse.json(); setFormData(formData); -setUserData(userData.user); +setUserData(userDataJson.user); // Set default email if (formData.patient.email) { setEmailForm((prev) => ({ ...prev, to: formData.patient.email, subject: `Relatório de Avaliação SPE-M - ${formData.patient.name}`, - message: `Prezado(a) ${formData.patient.name},\n\nSegue em anexo o relatório da sua avaliação SPE-M realizada em ${new Date(formData.form.createdAt).toLocaleDateString("pt-BR")}.\n\nAtenciosamente,\nDr(a). ${userData.user.name}`, + message: `Prezado(a) ${formData.patient.name},\n\nSegue em anexo o relatório da sua avaliação SPE-M realizada em ${new Date(formData.form.createdAt).toLocaleDateString("pt-BR")}.\n\nAtenciosamente,\nDr(a). ${userDataJson.user.name}`, })); } [To ensure code accuracy, apply this suggestion manually] Suggestion importance[1-10]: 7 __ Why: The suggestion correctly identifies a potential race condition where a state setter (setUserData) is called right before its value is used, and proposes using the local variable from the fetch response to ensure correctness.	Medium
	Fix bug in field update logic Update the logic for name and cpf fields to use an explicit undefined check instead of the || operator. This prevents falsy values like empty strings from being ignored during updates. app/api/patients/[id]/route.ts [99-112] // Update patient const updatedData = { - name: name || existingPatient[0].name, - cpf: cpf || existingPatient[0].cpf, + name: name !== undefined ? name : existingPatient[0].name, + cpf: cpf !== undefined ? cpf : existingPatient[0].cpf, birthDate: birthDate ? new Date(birthDate) : existingPatient[0].birthDate, phone: phone !== undefined ? phone : existingPatient[0].phone, email: email !== undefined ? email : existingPatient[0].email, address: address !== undefined ? address : existingPatient[0].address, notes: notes !== undefined ? notes : existingPatient[0].notes, medicalHistory: medicalHistory !== undefined ? medicalHistory : existingPatient[0].medicalHistory, allergies: allergies !== undefined ? allergies : existingPatient[0].allergies, currentMedications: currentMedications !== undefined ? currentMedications : existingPatient[0].currentMedications, updatedAt: new Date(), }; Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly identifies a potential bug where name and cpf fields cannot be updated to an empty string, and also improves consistency with the update logic for other fields.	Low
General	Use non-blocking confirmation dialog Replace the blocking window.confirm() in the handleDelete function with a non-blocking AlertDialog from shadcn/ui to improve user experience and UI consistency. app/dashboard/patients/page.tsx [125-144] +// In your component, you would use AlertDialog from "@/components/ui/alert-dialog" +// The delete button would trigger this dialog. +// Example of what the button in the table row would look like: +/* +<AlertDialog> + <AlertDialogTrigger asChild> + <Button variant="ghost" size="sm" title="Excluir"> + <Trash2 className="w-4 h-4 text-destructive" /> + </Button> + </AlertDialogTrigger> + <AlertDialogContent> + <AlertDialogHeader> + <AlertDialogTitle>Tem certeza?</AlertDialogTitle> + <AlertDialogDescription> + Esta ação não pode ser desfeita. Isso irá "deletar" o paciente {patient.name} e seus dados associados. + </AlertDialogDescription> + </AlertDialogHeader> + <AlertDialogFooter> + <AlertDialogCancel>Cancelar</AlertDialogCancel> + <AlertDialogAction onClick={() => handleDelete(patient.id)}> + Continuar + </AlertDialogAction> + </AlertDialogFooter> + </AlertDialogContent> +</AlertDialog> +*/ + // Handle delete -const handleDelete = async (id: string, name: string) => { - if (!confirm(`Tem certeza que deseja excluir o paciente ${name}?`)) { - return; - } - +const handleDelete = async (id: string) => { try { const response = await fetch(`/api/patients/${id}`, { method: "DELETE", }); if (!response.ok) throw new Error("Failed to delete patient"); toast.success("Paciente excluído com sucesso!"); fetchPatients(); } catch (error) { toast.error("Erro ao excluir paciente"); console.error(error); } }; Apply / Chat Suggestion importance[1-10]: 6 __ Why: The suggestion correctly points out that using window.confirm() is a poor user experience and proposes a better, non-blocking alternative using an existing UI library, which improves UI consistency.	Low
More

[coderabbitai]

Actionable comments posted: 34

♻️ Duplicate comments (2)

db/migrations/meta/0001_snapshot.json (2)

368-483: Same integrity/indexing recommendations apply as in 0002.

Add UNIQUE (formId, criterionNumber), CHECKs on forms.status/profileClassification, and indexes on FK/filter columns, implemented via a new forward migration.

Also applies to: 196-284

---

484-592: CPF handling (PII) also applies here.

Secure storage and uniqueness via encrypted field + deterministic token; plan a safe backfill migration.

🧹 Nitpick comments (35)

app/dashboard/_components/sidebar.tsx (1)

30-39: Make nav items accessible and highlight nested routes.

• Replace clickable divs with to enable keyboard navigation and semantics; add aria-current when active.
• Use startsWith() so /dashboard/forms/[id] highlights "Formulários SPE-M".

Diff (core idea):

- {navItems.map((item) => ( - <div - key={item.href} - onClick={() => router.push(item.href)} - className={clsx( - "flex items-center gap-2 w-full rounded-lg px-3 py-2 text-sm font-medium transition-colors hover:cursor-pointer", - pathname === item.href - ? "bg-primary/10 text-primary hover:bg-primary/20" - : "text-muted-foreground hover:bg-muted hover:text-foreground", - )} - > - <item.icon className="h-4 w-4" /> - {item.label} - </div> - ))} + {navItems.map((item) => { + const active = + pathname === item.href || pathname?.startsWith(item.href + "/"); + return ( + <Link + key={item.href} + href={item.href} + className={clsx( + "flex items-center gap-2 w-full rounded-lg px-3 py-2 text-sm font-medium transition-colors", + active + ? "bg-primary/10 text-primary hover:bg-primary/20" + : "text-muted-foreground hover:bg-muted hover:text-foreground", + )} + aria-current={active ? "page" : undefined} + > + <item.icon className="h-4 w-4" /> + {item.label} + </Link> + ); + })}

Also applies to: 76-91

SPE-M-README.md (1)

286-286: Minor README polish for linting.

• Add a language to the file tree fenced block (e.g., ```text).
• Convert bare URLs to Markdown links.

Example:

- https://nextjs.org/docs + [Next.js Docs](https://nextjs.org/docs)

Optional: replace “Router” → “roteador” and “Template” → “modelo” for consistency in PT-BR.

Also applies to: 257-257, 407-408

app/dashboard/forms/[id]/photos/[imageId]/annotate/page.tsx (4)

174-180: Use functional state updates to avoid stale closures when appending/removing annotations.

Prevents lost updates during rapid interactions.

@@ - setAnnotations([...annotations, currentAnnotation]); + setAnnotations((prev) => [...prev, currentAnnotation]); @@ - setAnnotations([...annotations, newAnnotation]); + setAnnotations((prev) => [...prev, newAnnotation]); @@ - if (annotations.length > 0) { - setAnnotations(annotations.slice(0, -1)); - } + setAnnotations((prev) => (prev.length ? prev.slice(0, -1) : prev));

Also applies to: 188-199, 201-205

---

86-89: Effect should also depend on formId.

Ensures correct fetch if route changes both params.

- }, [imageId]); + }, [formId, imageId]);

---

24-33: Tighten types and remove any.

Define a discriminated union for Annotation and type stageRef as Konva.Stage for safer rendering.

• Replace tool: string with 'pen' | 'line' | 'arrow' | 'circle' | 'text'.
• Use per-tool fields (e.g., points required for pen/line/arrow).
• const stageRef = useRef<Konva.Stage | null>(null);

Also applies to: 84-85

---

182-199: Avoid blocking prompt/confirm; use a dialog/input from your UI kit.

Improves UX, accessibility, and consistency.

• Replace prompt("Digite o texto:") with a controlled Dialog + Input.
• Replace confirm(...) with a confirmation Dialog.

Also applies to: 207-211, 328-339, 324-327

lib/spe-m-criteria.ts (2)

381-401: Implement optional score weights; keep behavior identical when absent.

scoreWeight exists on fields but isn’t used. Use weighted average when provided; falls back to simple average otherwise.

 let totalScore = 0; - let totalFields = 0; + let totalWeight = 0; @@ - if (field.options) { + if (field.options) { const selectedOption = field.options.find( (opt) => opt.value === selectedValue ); if (selectedOption) { - totalScore += selectedOption.score; - totalFields++; + const w = field.scoreWeight ?? 1; + totalScore += selectedOption.score * w; + totalWeight += w; } } }); // Average score for this criterion - return totalFields > 0 ? totalScore / totalFields : 0; + return totalWeight > 0 ? totalScore / totalWeight : 0;

---

373-401: Heads-up: number/text fields are ignored in scoring.

If future criteria add type: "number" | "text", they won’t affect scores. Add a handler or document the constraint.

lib/pdf-generator.ts (2)

28-31: Images are provided in PDFData but not rendered. Intentional?

If intended, consider embedding small thumbnails (with annotations) into the PDF; otherwise remove from the type to avoid confusion.

Would you like a follow-up patch to render up to 6 thumbnails with captions (type label) and pagination-aware layout?

Also applies to: 39-45, 325-332

---

5-37: Export PDFData for reuse across modules.

Improves type reuse where callers build the payload.

-interface PDFData { +export interface PDFData {

app/dashboard/forms/[id]/photos/page.tsx (1)

38-41: Initialize currentTab from IMAGE_TYPES for consistency.

Avoid hardcoding “frontal”.

- const [currentTab, setCurrentTab] = useState("frontal"); + const [currentTab, setCurrentTab] = useState<string>(IMAGE_TYPES[0].id);

app/dashboard/forms/[id]/edit/page.tsx (2)

315-316: Completion checks should not rely on truthiness.

Values like "0" evaluate falsy and mark a filled field as incomplete.

- return criterion.fields.every((field) => c.data[field.id]); + return criterion.fields.every( + (field) => Object.prototype.hasOwnProperty.call(c.data, field.id) && + String(c.data[field.id]).length > 0 + );

- const isComplete = criterionData && criterion.fields.every((field) => criterionData.data[field.id]); + const isComplete = + !!criterionData && + criterion.fields.every( + (field) => + Object.prototype.hasOwnProperty.call(criterionData.data, field.id) && + String(criterionData.data[field.id]).length > 0 + );

Also applies to: 440-446

---

291-305: Optional: Consider averaging only filled criteria.

Current total averages across all criteria, weighting unfilled as zero. If you want “live score of filled sections,” filter to criteria with at least one filled field before averaging.

app/dashboard/forms/page.tsx (2)

71-89: Set loading true before refetch to show the spinner on filter changes.

Improves UX; spinner currently appears only on first load.

 const fetchForms = async () => { - try { + try { + setLoading(true); const params = new URLSearchParams(); if (patientIdParam) params.append("patientId", patientIdParam); if (statusFilter !== "all") params.append("status", statusFilter); - const response = await fetch(`/api/forms?${params}`); + const qs = params.toString(); + const response = await fetch(`/api/forms${qs ? `?${qs}` : ""}`); if (!response.ok) throw new Error("Failed to fetch forms"); const data = await response.json(); setForms(data.forms); } catch (error) { toast.error("Erro ao carregar formulários"); console.error(error); } finally { setLoading(false); } }; useEffect(() => { fetchForms(); fetchPatients(); }, [statusFilter, patientIdParam]);

Also applies to: 104-108

---

5-6: Remove unused imports.

Input, Search, CheckCircle aren’t used. Keep imports lean.

-import { Input } from "@/components/ui/input"; ... -import { Plus, Search, Edit, Trash2, Eye, FileDown, CheckCircle } from "lucide-react"; +// import { Input } from "@/components/ui/input"; // unused +import { Plus, Edit, Trash2, Eye, FileDown } from "lucide-react";

Also applies to: 30-31

app/dashboard/patients/page.tsx (3)

248-259: Validate/mask CPF on input; store digits only.

Prevents inconsistent data and display issues.

- <Input + <Input id="cpf" - value={formData.cpf} - onChange={(e) => - setFormData({ ...formData, cpf: e.target.value }) - } + inputMode="numeric" + pattern="[0-9]{11}" + value={formData.cpf} + onChange={(e) => { + const digits = e.target.value.replace(/\D/g, "").slice(0, 11); + setFormData({ ...formData, cpf: digits }); + }} required - placeholder="000.000.000-00" - maxLength={14} + placeholder="000.000.000-00" + maxLength={14} />

---

84-87: Debounce server search to cut request spam.

Add a small debounce around fetchPatients when typing.

- useEffect(() => { - fetchPatients(); - }, [searchQuery]); + useEffect(() => { + const id = setTimeout(() => { fetchPatients(); }, 300); + return () => clearTimeout(id); + }, [searchQuery]);

Also applies to: 378-389

---

491-499: “Novos este mês” ignores year.

January 2024 vs January 2025 both count. Compare year too.

- patients.filter( - (p) => - new Date(p.createdAt).getMonth() === new Date().getMonth() - ).length + (() => { + const now = new Date(); + return patients.filter((p) => { + const d = new Date(p.createdAt); + return d.getMonth() === now.getMonth() && d.getFullYear() === now.getFullYear(); + }).length; + })()

app/api/forms/route.ts (2)

23-25: Cap and validate pagination params.

Avoids heavy queries or NaN.

- const limit = parseInt(searchParams.get("limit") || "50"); - const offset = parseInt(searchParams.get("offset") || "0"); + const rawLimit = Number(searchParams.get("limit") ?? 50); + const rawOffset = Number(searchParams.get("offset") ?? 0); + const limit = Math.min(Math.max(1, isFinite(rawLimit) ? rawLimit : 50), 100); + const offset = Math.max(0, isFinite(rawOffset) ? rawOffset : 0);

Also applies to: 40-41

---

36-41: Hide soft‑deleted patients in join.

Prevents surfacing forms linked to deleted patients.

- .where(eq(forms.userId, session.user.id)) + .where(and(eq(forms.userId, session.user.id)))

And add to composed conditions:

+ // when joining, also ensure patient not soft-deleted + // .where(and(..., isNull(patients.deletedAt)))

app/dashboard/forms/[id]/pdf/page.tsx (2)

21-21: Lazy‑load PDF generator for download too.

Reduces page bundle; mirror print path.

- import { downloadPDF } from "@/lib/pdf-generator"; + // defer heavy pdf generator to user action

- const handleDownload = async () => { + const handleDownload = async () => { if (!formData || !userData) return; setGenerating(true); try { - await downloadPDF({ + const { downloadPDF } = await import("@/lib/pdf-generator"); + await downloadPDF({ form: formData.form, patient: formData.patient, criteria: formData.criteria, images: formData.images, doctor: { name: userData.name, crm: userData.crm, specialty: userData.specialty, }, });

Also applies to: 112-129

---

167-176: Email sending is TODO; can help wire it.

Hook to backend (e.g., /api/forms/[id]/email) with basic validation and rate limiting.

Do you want a thin API route + client integration added in this PR?

app/api/patients/[id]/route.ts (2)

114-118: Gracefully handle CPF uniqueness violations.

Return 409 instead of 500 on unique constraint errors.

- await db - .update(patients) - .set(updatedData) - .where(eq(patients.id, id)); + try { + await db.update(patients).set(updatedData).where(eq(patients.id, id)); + } catch (e: any) { + if (e?.code === "23505") { + return NextResponse.json({ error: "CPF already exists" }, { status: 409 }); + } + throw e; + }

---

3-4: CPF encryption not implemented despite schema promise.

Verification confirms no encryption/decryption logic exists in the codebase. The schema comment at db/schema.ts:98 states encryption will occur at the application layer, but CPF data is stored and retrieved as plaintext throughout: app/api/patients/route.ts, app/api/patients/[id]/route.ts, and other routes access CPF directly without encryption. Only display-level formatting masks the value. Implement encrypt/decrypt utilities in write and read paths to align with the schema contract.

app/dashboard/_components/spe-m-stats.tsx (1)

56-62: Ensure “Avaliações Recentes” are actually recent.

Slice assumes backend ordering. Explicitly sort by createdAt desc before slicing to 5.

- recentForms: formsData.forms.slice(0, 5), + recentForms: [...formsData.forms] + .sort( + (a, b) => + new Date(b.form.createdAt).getTime() - + new Date(a.form.createdAt).getTime() + ) + .slice(0, 5),

app/api/patients/route.ts (1)

20-24: Clamp pagination to sane bounds.

Prevent large scans and accidental abuse by clamping limit/offset (e.g., 1–200) and validating integers.

- const limit = parseInt(searchParams.get("limit") || "50"); - const offset = parseInt(searchParams.get("offset") || "0"); + const rawLimit = Number.parseInt(searchParams.get("limit") || "50", 10); + const rawOffset = Number.parseInt(searchParams.get("offset") || "0", 10); + const limit = Math.min(Math.max(isNaN(rawLimit) ? 50 : rawLimit, 1), 200); + const offset = Math.max(isNaN(rawOffset) ? 0 : rawOffset, 0);

app/dashboard/forms/[id]/page.tsx (2)

62-76: Harden fetch: avoid caching and abort on unmount.

Add cache: "no-store" and AbortController.

- useEffect(() => { - fetchForm(); - }, [formId]); + useEffect(() => { + const controller = new AbortController(); + fetchForm(controller.signal); + return () => controller.abort(); + }, [formId]); - const fetchForm = async () => { + const fetchForm = async (signal?: AbortSignal) => { try { - const response = await fetch(`/api/forms/${formId}`); + const response = await fetch(`/api/forms/${formId}`, { + cache: "no-store", + signal, + });

---

153-156: Mask CPF in UI.

Display only the last digits to reduce exposure.

- <p className="font-medium"> - {formData.patient.cpf.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4")} - </p> + <p className="font-medium"> + {`***.***.***-${String(formData.patient.cpf).slice(-2)}`} + </p>

app/dashboard/patients/[id]/page.tsx (3)

84-89: Forms fetch should not trigger patient-level redirect; handle separately and check .ok.

Currently any error in forms fetch redirects away. Keep patient visible and default to empty forms.

- // Fetch forms for this patient - const formsRes = await fetch(`/api/forms?patientId=${params.id}`); - const formsData = await formsRes.json(); - setForms(formsData.forms); + // Fetch forms for this patient + const formsRes = await fetch(`/api/forms?patientId=${params.id}`); + let formsData: { forms: FormWithDetails[] } = { forms: [] }; + if (formsRes.ok) { + formsData = await formsRes.json(); + } else { + console.warn("Failed to fetch forms for patient:", params.id); + } + setForms(formsData.forms); - } catch (error) { + } catch (error) { console.error("Error fetching patient data:", error); - // Redirect to patients list if patient not found - router.push("/dashboard/patients"); + // Redirect only if the patient fetch failed; otherwise keep page up. + router.push("/dashboard/patients");

Also applies to: 115-121

---

164-174: Timezone edge cases for birth dates.

new Date(birthDate) with a TIMESTAMP can shift by timezone and skew age or formatted date by ±1 day. Prefer storing birthDate as DATE in DB and emitting ISO date-only.

This is coupled with migration feedback to use DATE for patients.birthDate.

Also applies to: 329-336

---

70-76: Optional: abort in-flight requests on unmount or id change.

Avoid setting state after unmount and cancel obsolete fetches when params.id changes.

-import { useEffect, useState } from "react"; +import { useEffect, useState } from "react"; // ... useEffect(() => { - fetchPatientData(); + const ctrl = new AbortController(); + fetchPatientData(ctrl.signal); return () => ctrl.abort(); }, [params.id]); -const fetchPatientData = async () => { +const fetchPatientData = async (signal?: AbortSignal) => { try { setLoading(true); - const patientRes = await fetch(`/api/patients/${params.id}`); + const patientRes = await fetch(`/api/patients/${params.id}`, { signal }); // ... - const formsRes = await fetch(`/api/forms?patientId=${params.id}`); + const formsRes = await fetch(`/api/forms?patientId=${params.id}`, { signal });

db/migrations/0001_wooden_mindworm.sql (4)

22-23: Prefer timestamptz (or DATE for pure dates) for all temporal columns.

Using timestamp (without TZ) risks drift in multi‑TZ environments and JS clients. Recommend:

• Change createdAt/updatedAt/finalizedAt/uploadedAt to timestamptz.
• Consider DATE for patients.birthDate (see next comment).

Example patch:

-"createdAt" timestamp DEFAULT now() NOT NULL, -"updatedAt" timestamp DEFAULT now() NOT NULL, +"createdAt" timestamptz DEFAULT now() NOT NULL, +"updatedAt" timestamptz DEFAULT now() NOT NULL,

Apply similarly to all timestamp columns in these tables.

Also applies to: 34-35, 47-50, 63-66

---

57-57: Store birth dates as DATE, not TIMESTAMP.

Birth dates aren’t instants in time; TIMESTAMP causes TZ-related off‑by‑one issues in clients.

- "birthDate" timestamp, + "birthDate" date,

Pairs with the page.tsx age calculation note.

---

42-46: Constrain string enums (status/classification/imageType/action/entityType).

Use CHECK constraints or Postgres enums to enforce valid values.

Example:

-- Forms ALTER TABLE "forms" ADD CONSTRAINT forms_status_check CHECK (status IN ('draft','finalized','archived')); -- Classification (if using text) ALTER TABLE "forms" ADD CONSTRAINT forms_profile_classification_check CHECK ( "profileClassification" IN ('low','medium','high') ); -- formImages ALTER TABLE "formImages" ADD CONSTRAINT form_images_type_check CHECK ("imageType" IN ('pre','post','intra')); -- auditLogs ALTER TABLE "auditLogs" ADD CONSTRAINT auditlogs_action_check CHECK ("action" IN ('create','update','finalize','archive','delete')), ADD CONSTRAINT auditlogs_entitytype_check CHECK ("entityType" IN ('patient','form','formImage','formCriterion'));

Also applies to: 29-30, 4-6

---

53-67: Add indexes for common access patterns and soft‑delete.

To keep queries snappy at scale:

• Patients:
  • Index by userId and by (deletedAt IS NULL).
• Forms:
  • Index by patientId, userId, status, createdAt.
• Audit logs:
  • Composite (entityType, entityId), (userId, occurredAt).
• Images:
  • Index by formId.

Example:

CREATE INDEX idx_patients_userid ON "patients"("userId"); CREATE INDEX idx_patients_not_deleted ON "patients"("deletedAt") WHERE "deletedAt" IS NULL; CREATE INDEX idx_forms_patientid ON "forms"("patientId"); CREATE INDEX idx_forms_userid ON "forms"("userId"); CREATE INDEX idx_forms_status ON "forms"("status"); CREATE INDEX idx_forms_createdat ON "forms"("createdAt"); CREATE INDEX idx_auditlogs_entity ON "auditLogs"("entityType","entityId"); CREATE INDEX idx_auditlogs_user_ts ON "auditLogs"("userId","occurredAt"); CREATE INDEX idx_formimages_formid ON "formImages"("formId");

Also applies to: 38-51, 26-36, 1-11

📜 Review details

Configuration used: CodeRabbit UI

Review profile: CHILL

Plan: Pro

📥 Commits

Reviewing files that changed from the base of the PR and between b80fdf3 and 5d8195e.

⛔ Files ignored due to path filters (1)

• package-lock.json is excluded by !**/package-lock.json

📒 Files selected for processing (29)

• SPE-M-README.md (1 hunks)
• app/api/auth/me/route.ts (1 hunks)
• app/api/forms/[id]/finalize/route.ts (1 hunks)
• app/api/forms/[id]/images/route.ts (1 hunks)
• app/api/forms/[id]/route.ts (1 hunks)
• app/api/forms/route.ts (1 hunks)
• app/api/patients/[id]/route.ts (1 hunks)
• app/api/patients/route.ts (1 hunks)
• app/dashboard/_components/sidebar.tsx (3 hunks)
• app/dashboard/_components/spe-m-stats.tsx (1 hunks)
• app/dashboard/forms/[id]/edit/page.tsx (1 hunks)
• app/dashboard/forms/[id]/page.tsx (1 hunks)
• app/dashboard/forms/[id]/pdf/page.tsx (1 hunks)
• app/dashboard/forms/[id]/photos/[imageId]/annotate/page.tsx (1 hunks)
• app/dashboard/forms/[id]/photos/page.tsx (1 hunks)
• app/dashboard/forms/page.tsx (1 hunks)
• app/dashboard/page.tsx (2 hunks)
• app/dashboard/patients/[id]/page.tsx (1 hunks)
• app/dashboard/patients/page.tsx (1 hunks)
• components/ui/table.tsx (1 hunks)
• db/migrations/0001_wooden_mindworm.sql (1 hunks)
• db/migrations/0002_thick_scourge.sql (1 hunks)
• db/migrations/meta/0001_snapshot.json (1 hunks)
• db/migrations/meta/0002_snapshot.json (1 hunks)
• db/migrations/meta/_journal.json (1 hunks)
• db/schema.ts (3 hunks)
• lib/pdf-generator.ts (1 hunks)
• lib/spe-m-criteria.ts (1 hunks)
• package.json (3 hunks)

🧰 Additional context used

🧬 Code graph analysis (18)

app/api/patients/route.ts (4)

app/api/patients/[id]/route.ts (1)

• GET (10-62)

db/schema.ts (3)

• session (25-36)
• patients (95-113)
• auditLogs (167-179)

lib/auth.ts (1)

• auth (27-192)

db/drizzle.ts (1)

• db (6-6)

app/api/auth/me/route.ts (1)

lib/auth.ts (1)

• auth (27-192)

app/dashboard/page.tsx (1)

app/dashboard/_components/spe-m-stats.tsx (1)

• SPEMStats (26-237)

lib/pdf-generator.ts (1)

lib/spe-m-criteria.ts (2)

• classifyProfile (419-447)
• SPE_M_CRITERIA (22-371)

app/api/forms/[id]/finalize/route.ts (4)

db/schema.ts (4)

• session (25-36)
• forms (116-133)
• formCriteria (136-149)
• auditLogs (167-179)

lib/auth.ts (1)

• auth (27-192)

db/drizzle.ts (1)

• db (6-6)

lib/spe-m-criteria.ts (2)

• calculateTotalScore (404-416)
• classifyProfile (419-447)

app/api/forms/[id]/route.ts (3)

db/schema.ts (5)

• forms (116-133)
• patients (95-113)
• formCriteria (136-149)
• formImages (152-164)
• auditLogs (167-179)

db/drizzle.ts (1)

• db (6-6)

lib/spe-m-criteria.ts (2)

• calculateTotalScore (404-416)
• classifyProfile (419-447)

app/dashboard/forms/[id]/pdf/page.tsx (1)

lib/pdf-generator.ts (2)

• downloadPDF (328-332)
• generateSPEMPDF (39-326)

app/dashboard/patients/page.tsx (1)

db/schema.ts (1)

• patients (95-113)

components/ui/table.tsx (1)

lib/utils.ts (1)

• cn (4-6)

app/dashboard/forms/[id]/edit/page.tsx (1)

lib/spe-m-criteria.ts (4)

• calculateCriterionScore (374-401)
• calculateTotalScore (404-416)
• classifyProfile (419-447)
• SPE_M_CRITERIA (22-371)

app/dashboard/forms/[id]/page.tsx (1)

lib/spe-m-criteria.ts (2)

• classifyProfile (419-447)
• SPE_M_CRITERIA (22-371)

app/dashboard/forms/page.tsx (1)

db/schema.ts (2)

• forms (116-133)
• patients (95-113)

app/dashboard/patients/[id]/page.tsx (2)

db/schema.ts (1)

• forms (116-133)

lib/utils.ts (1)

• cn (4-6)

app/api/forms/[id]/images/route.ts (3)

db/schema.ts (4)

• session (25-36)
• forms (116-133)
• formImages (152-164)
• auditLogs (167-179)

lib/auth.ts (1)

• auth (27-192)

db/drizzle.ts (1)

• db (6-6)

app/api/patients/[id]/route.ts (4)

app/api/patients/route.ts (1)

• GET (10-70)

db/schema.ts (3)

• session (25-36)
• patients (95-113)
• auditLogs (167-179)

lib/auth.ts (1)

• auth (27-192)

db/drizzle.ts (1)

• db (6-6)

app/dashboard/forms/[id]/photos/page.tsx (1)

lib/spe-m-criteria.ts (1)

• IMAGE_TYPES (450-457)

app/api/forms/route.ts (4)

app/api/forms/[id]/route.ts (1)

• GET (11-81)

db/schema.ts (5)

• session (25-36)
• forms (116-133)
• patients (95-113)
• formCriteria (136-149)
• auditLogs (167-179)

lib/auth.ts (1)

• auth (27-192)

db/drizzle.ts (1)

• db (6-6)

db/schema.ts (1)

auth-schema.ts (1)

• user (3-11)

🪛 LanguageTool

SPE-M-README.md

[locale-violation] ~6-~6: “Router” é um estrangeirismo. É preferível dizer “encaminhador” ou “roteador”.
Context: ...trutura Base** ✅ - ✅ Next.js 15 com App Router - ✅ TypeScript configurado - ✅ Tailwind...

(PT_BARBARISMS_REPLACE_ROUTER)

---

[locale-violation] ~157-~157: “Template” é um estrangeirismo. É preferível dizer “modelo”.
Context: ...implementar gerador O que falta: - [ ] Template de PDF profissional - [ ] Cabeçalho com...

(PT_BARBARISMS_REPLACE_TEMPLATE)

---

[misspelling] ~185-~185: Esta é uma palavra só.
Context: ... [ ] Exportação de resultados #### 4.3 Auto-save e Versionamento - [ ] Salvamento automá...

(AUTO)

---

[uncategorized] ~193-~193: Encontrada possível ausência de vírgula.
Context: ... - [ ] Página de edição de perfil - [ ] Campos CRM e especialidade - [ ] Upload de ass...

(AI_PT_HYDRA_LEO_MISSING_COMMA)

---

[misspelling] ~342-~342: Esta é uma palavra só.
Context: ...de MÉDIA (importantes) 4. ✅ Implementar auto-save 5. ✅ Implementar comparação de fichas 6...

(AUTO)

🪛 markdownlint-cli2 (0.18.1)

SPE-M-README.md

257-257: Bare URL used

(MD034, no-bare-urls)

---

286-286: Fenced code blocks should have a language specified

(MD040, fenced-code-language)

---

407-407: Bare URL used

(MD034, no-bare-urls)

---

408-408: Bare URL used

(MD034, no-bare-urls)

🔇 Additional comments (7)

app/dashboard/_components/sidebar.tsx (1)

66-71: Header text change looks good.

app/api/auth/me/route.ts (1)

5-16: Solid GET /api/auth/me implementation.

Async headers() usage matches Next 15; clear 401/500 paths; minimal payload.

app/api/forms/[id]/images/route.ts (1)

13-14: The web search reveals an important discrepancy. Let me run corrected shell scripts to verify the remaining concerns in the review:

Now let me run corrected shell scripts to verify the remaining concerns:

Based on my research, Next.js 15 route handlers require params to be typed as Promise<{ id: string }> and must be awaited. The current code is correct for Next.js 15. The review comment's core recommendation to remove the Promise typing and the await is incorrect and would break the code.

Likely an incorrect or invalid review comment.

package.json (1)

53-55: Add "use client" directive to lib/pdf-generator.ts to clarify client-only usage.

lib/pdf-generator.ts statically imports jspdf and jspdf-autotable without marking itself as a client module. While the PDF page already uses dynamic import for lazy-loading, the library file should explicitly declare itself as client-only with "use client" at the top for clarity and consistency.

The annotate page (app/dashboard/forms/[id]/photos/[imageId]/annotate/page.tsx) is properly marked as a client component and safely imports react-konva and use-image.

Add to lib/pdf-generator.ts line 1:

"use client"; import jsPDF from "jspdf";

components/ui/table.tsx (1)

1-117: LGTM — accessible, typed table primitives look solid.

Forward refs, semantics (thead/tbody/tfoot), and styling are consistent. No issues spotted.

app/dashboard/page.tsx (1)

4-4: SPEMStats is correctly marked as a Client Component.

Verified: app/dashboard/_components/spe-m-stats.tsx starts with "use client" on line 1, followed by React hook imports. The import is safe and the client/server boundary is properly maintained.

db/migrations/0001_wooden_mindworm.sql (1)

75-75: Cascade on forms.userId → user delete: confirm business intent.

Deleting a user will delete all their forms. Is this intended? Many systems prefer reassigning or preserving medical records.

If not intended, switch to ON DELETE SET NULL (and make column nullable) or add an ownership transfer flow.

[coderabbitai]

⚠️ Potential issue | 🟠 Major

TOCTOU race: finalize check vs update.

Make update conditional on status != 'finalized' and verify affected rows.

+import { eq, and, ne } from "drizzle-orm"; ... - await db - .update(forms) - .set({ + const res = await db + .update(forms) + .set({ status: "finalized", totalScore: totalScore.toString(), profileClassification: profile.classification, finalizedAt: new Date(), updatedAt: new Date(), - }) - .where(eq(forms.id, id)); + }) + .where(and(eq(forms.id, id), ne(forms.status, "finalized"))); + if ((res as any)?.rowCount === 0) { + return NextResponse.json({ error: "Form is already finalized" }, { status: 409 }); + }

Also applies to: 59-70

🤖 Prompt for AI Agents

In app/api/forms/[id]/finalize/route.ts around lines 26-36 (and also apply same fix at lines 59-70), replace the separate existence check + unconditional update with an atomic conditional update that includes a WHERE status != 'finalized' (or equivalent) so the DB only changes rows that are not already finalized; after executing the update inspect the affected row count and if zero return a 409/appropriate error indicating the form is already finalized (or 404 if no such form for the user), otherwise proceed normally — this eliminates the TOCTOU race by making the finalize action conditional and verifying affected rows. 

[coderabbitai]

⚠️ Potential issue | 🟡 Minor

Response shape inconsistent with other endpoints.

Return the classification string under profileClassification; include full profile separately if needed.

- return NextResponse.json({ - message: "Form finalized successfully", - totalScore, - profileClassification: profile, - }); + return NextResponse.json({ + message: "Form finalized successfully", + totalScore, + profileClassification: profile.classification, + profile, + });

🤖 Prompt for AI Agents

In app/api/forms/[id]/finalize/route.ts around lines 84 to 88, the response currently returns the full profile object under profileClassification which breaks the response shape; change the response to set profileClassification to the classification string (e.g., profile.classification or profile?.classification) and, if the full profile must be returned, include it under a separate key (e.g., profile or fullProfile) so other endpoints receive the expected simple string in profileClassification. 

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Make update atomic with a transaction.

Updating many criteria then the form should be all-or-nothing. Wrap in db.transaction.

- // Update criteria if provided - if (criteria && Array.isArray(criteria)) { - const updatePromises = criteria.map((criterion: any) => { - return db + // Update criteria if provided + if (criteria && Array.isArray(criteria)) { + await db.transaction(async (tx) => { + const updatePromises = criteria.map((criterion: any) => + tx .update(formCriteria) .set({ data: criterion.data, - score: criterion.score, + // Do not trust client score; compute server-side below + score: null, notes: criterion.notes || null, recommendations: criterion.recommendations || null, updatedAt: new Date(), }) .where( and( eq(formCriteria.formId, id), eq(formCriteria.criterionNumber, criterion.criterionNumber) ) - ); - }); - await Promise.all(updatePromises); + ) + ); + await Promise.all(updatePromises); + }); }

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	// Update criteria if provided
	if (criteria && Array.isArray(criteria)) {
	const updatePromises = criteria.map((criterion: any) => {
	return db
	.update(formCriteria)
	.set({
	data: criterion.data,
	score: criterion.score,
	notes: criterion.notes || null,
	recommendations: criterion.recommendations || null,
	updatedAt: new Date(),
	})
	.where(
	and(
	eq(formCriteria.formId, id),
	eq(formCriteria.criterionNumber, criterion.criterionNumber)
	)
	);
	});
	await Promise.all(updatePromises);
	}
	// Update criteria if provided
	if (criteria && Array.isArray(criteria)) {
	await db.transaction(async (tx) => {
	const updatePromises = criteria.map((criterion: any) =>
	tx
	.update(formCriteria)
	.set({
	data: criterion.data,
	// Do not trust client score; compute server-side below
	score: null,
	notes: criterion.notes || null,
	recommendations: criterion.recommendations || null,
	updatedAt: new Date(),
	})
	.where(
	and(
	eq(formCriteria.formId, id),
	eq(formCriteria.criterionNumber, criterion.criterionNumber)
	)
	)
	);
	await Promise.all(updatePromises);
	});
	}

🤖 Prompt for AI Agents

In app/api/forms/[id]/route.ts around lines 120 to 140, the current criteria updates run individually and are not grouped atomically; wrap the criteria updates (and the subsequent form update) inside a single db.transaction so all changes succeed or fail together. Implement db.transaction(async (tx) => { ... }) and use the transaction handle (tx) for the update calls instead of db, run Promise.all on the mapped tx.update(...) promises, then perform the form update within the same transaction; ensure you await the transaction call so it commits only if all operations succeed and automatically roll back on error. 

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

Compute totalScore server-side from persisted criteria; handle partial updates correctly.

Current code averages only the submitted subset and trusts client scores. Recompute from DB across all criteria for the form, then classify.

- // Calculate total score - let totalScore = null; - let profileClassification = null; - - if (criteria && Array.isArray(criteria)) { - totalScore = calculateTotalScore( - criteria.map((c: any) => ({ - criterionNumber: c.criterionNumber, - data: c.data, - })) - ); - - const profile = classifyProfile(totalScore); - profileClassification = profile.classification; - } + // Recompute from DB to avoid trusting client and to include all criteria + const persisted = await db + .select() + .from(formCriteria) + .where(eq(formCriteria.formId, id)); + const recomputed = calculateTotalScore( + persisted.map((c: any) => ({ + criterionNumber: c.criterionNumber, + data: c.data, + })) + ); + const profile = classifyProfile(recomputed); + const totalScore = recomputed; + const profileClassification = profile.classification; // Update form const updatedData = { generalNotes: generalNotes !== undefined ? generalNotes : existingForm[0].generalNotes, recommendations: recommendations !== undefined ? recommendations : existingForm[0].recommendations, - totalScore: totalScore !== null ? totalScore.toString() : existingForm[0].totalScore, - profileClassification: profileClassification || existingForm[0].profileClassification, + totalScore: totalScore.toString(), + profileClassification, updatedAt: new Date(), };

🤖 Prompt for AI Agents

In app/api/forms/[id]/route.ts around lines 142 to 168, the code currently computes totalScore from only the submitted criteria and trusts client-provided scores; instead, fetch the persisted criteria for the form from the DB, merge any client edits into that full set (or ignore client score fields and derive values server-side), then call calculateTotalScore over the complete, server-authoritative criteria array and use that result to compute profileClassification via classifyProfile; finally set totalScore (as string) and profileClassification in updatedData and persist—this ensures partial updates are handled correctly and the server recomputes scores from the DB-backed criteria. 

[coderabbitai]

⚠️ Potential issue | 🟠 Major

Don’t log raw request body in audit metadata.

Body may include sensitive notes/images. Log a minimal, whitelisted set (e.g., changed field names).

- metadata: { changes: body }, + metadata: { + changedFields: Object.keys(body ?? {}), + },

[coderabbitai]

⚠️ Potential issue | 🟠 Major

LGPD/PII risk: store CPF securely (encryption/tokenization).

patients.cpf is plain text with a unique constraint. This is sensitive PII; soft delete alone isn’t sufficient.

Suggestions:

• Use application- or DB-level encryption (e.g., AES-GCM via pgcrypto or an app KMS). For lookup/uniqueness, store:
  • encrypted_cpf (ciphertext) and
  • deterministic token/hash (e.g., HMAC-SHA256 over normalized CPF) with a UNIQUE index.
• Mask CPF in logs/UI; restrict access via RBAC.
• Add rotation process for the key/HMAC secret.

Example (conceptual):

-- New columns ALTER TABLE "patients" ADD COLUMN encryptedCpf bytea, ADD COLUMN cpfToken bytea; -- Deterministic token unique CREATE UNIQUE INDEX patients_cpftoken_unique ON "patients"(cpfToken);

Ensure backfill + migration plan for existing rows. (Compliance)

🤖 Prompt for AI Agents

In db/migrations/meta/0002_snapshot.json around lines 484 to 610, patients.cpf is stored as plaintext with a UNIQUE constraint which exposes sensitive PII; update the schema and migration to stop storing raw CPF, adding encryptedCpf (ciphertext) and cpfToken (deterministic HMAC/hash) columns, create a UNIQUE index on cpfToken, remove or deprecate the plain cpf column from uniqueness checks (and plan its safe removal), implement an application/DB-side deterministic HMAC (using a rotated secret or KMS) for lookups and a separate authenticated encryption (e.g., AES-GCM via pgcrypto or app KMS) for ciphertext, add a backfill migration that normalizes existing CPFs to produce cpfToken and encryptedCpf then securely delete or null plaintext cpfs, ensure CPF values are masked in logs/UI and access controlled via RBAC, and include a key rotation plan and migration steps to re-encrypt or re-hash data when rotating keys. 

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

CPF uniqueness conflicts with per-user checks and soft delete.

Current: global unique on cpf prevents two users from registering same CPF and blocks re‑create after soft delete.

• Replace column unique with composite unique (userId, cpf).
• If soft delete is required, make it partial (WHERE deletedAt IS NULL).

Example (Drizzle indices + SQL for partial index):

- cpf: text("cpf").notNull().unique(), // Will be encrypted in application layer + cpf: text("cpf").notNull(), // Will be encrypted/hashed in application layer

Add in your migration (SQL):

ALTER TABLE patients DROP CONSTRAINT IF EXISTS patients_cpf_unique; CREATE UNIQUE INDEX u_patients_user_cpf_active ON patients ("userId","cpf") WHERE "deletedAt" IS NULL;

Optional Drizzle composite (without partial):

import { uniqueIndex } from "drizzle-orm/pg-core"; // ... export const patients = pgTable("patients", { /* columns */ }, (t) => ({ uUserCpf: uniqueIndex("u_patients_user_cpf").on(t.userId, t.cpf), }));

Also consider storing cpfHash (HMAC) for uniqueness/search and encryptedCpf for display.

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Enforce one row per criterion per form.

Add a unique index on (formId, criterionNumber) to prevent duplicates.

import { uniqueIndex } from "drizzle-orm/pg-core"; export const formCriteria = pgTable("formCriteria", { // columns... }, (t) => ({ uFormCriterion: uniqueIndex("u_form_criterion").on(t.formId, t.criterionNumber), }));

Migration (SQL):

CREATE UNIQUE INDEX u_form_criterion ON "formCriteria" ("formId","criterionNumber");

🤖 Prompt for AI Agents

In db/schema.ts around lines 135 to 149, the formCriteria table allows duplicate (formId, criterionNumber) rows; add a unique index to enforce one row per criterion per form by importing uniqueIndex from "drizzle-orm/pg-core" and adding the index in the pgTable call: provide a named uniqueIndex (e.g., u_form_criterion) on t.formId and t.criterionNumber in the third argument to pgTable, and add a corresponding SQL migration that runs CREATE UNIQUE INDEX u_form_criterion ON "formCriteria" ("formId","criterionNumber"); to prevent duplicates at the DB level. 

[coderabbitai]

🛠️ Refactor suggestion | 🟠 Major

Harden CPF masking to handle already-formatted inputs.

Current replace(/(\d{3}).../) fails if cpf includes punctuation or isn’t 11 digits.

- const patientInfo = [ - ["Nome:", data.patient.name], - ["CPF:", data.patient.cpf.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4")], + const cpfDigits = (data.patient.cpf || "").replace(/\D/g, ""); + const cpfMasked = + cpfDigits.length === 11 + ? cpfDigits.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4") + : (data.patient.cpf || "-"); + const patientInfo = [ + ["Nome:", data.patient.name], + ["CPF:", cpfMasked],

📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change

	const patientInfo = [
	["Nome:", data.patient.name],
	["CPF:", data.patient.cpf.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4")],
	["Data de Nascimento:", data.patient.birthDate ? new Date(data.patient.birthDate).toLocaleDateString("pt-BR") : "-"],
	["Telefone:", data.patient.phone || "-"],
	["Email:", data.patient.email || "-"],
	];
	const cpfDigits = (data.patient.cpf || "").replace(/\D/g, "");
	const cpfMasked =
	cpfDigits.length === 11
	? cpfDigits.replace(/(\d{3})(\d{3})(\d{3})(\d{2})/, "$1.$2.$3-$4")
	: (data.patient.cpf || "-");
	const patientInfo = [
	["Nome:", data.patient.name],
	["CPF:", cpfMasked],
	["Data de Nascimento:", data.patient.birthDate ? new Date(data.patient.birthDate).toLocaleDateString("pt-BR") : "-"],
	["Telefone:", data.patient.phone || "-"],
	["Email:", data.patient.email || "-"],
	];

🤖 Prompt for AI Agents

In lib/pdf-generator.ts around lines 80 to 87, the CPF masking assumes an 11-digit numeric string and breaks if the input already contains punctuation or is not 11 digits; normalize the input by first guarding against missing cpf, stripping all non-digit characters, then if the resulting digits length is 11 format it into the pattern XXX.XXX.XXX-XX (e.g. via a regex or slice+join), otherwise fall back to returning the original value or a safe placeholder ("-") so the code never fails on pre-formatted or invalid CPF values. 

[coderabbitai]

⚠️ Potential issue | 🔴 Critical

🧩 Analysis chain

PII notice: PDF contains name, CPF, phone, and email.

Ensure user consent and secure handling (download-only, no third-party uploads). Consider adding a small “Confidencial” footer/watermark.

---

 --- 🏁 Script executed: ```shell #!/bin/bash # Examine the full pdf-generator.ts file to understand PII handling cat lib/pdf-generator.ts 

Length of output: 9118

---

🏁 Script executed:

#!/bin/bash # Search for consent-related patterns in the codebase rg -n -i "consent|permission|agree" -A 3 -B 3

Length of output: 6203

---

🏁 Script executed:

#!/bin/bash # Search for PII handling or data security patterns rg -n -i "pii|personally|confidential|secure|encrypt" -A 2 -B 2

Length of output: 2238

---

🏁 Script executed:

#!/bin/bash # Search for where pdf-generator is imported/used rg -n "from.*pdf-generator|require.*pdf-generator|import.*pdf-generator" -A 2 -B 2

Length of output: 783

---

🏁 Script executed:

#!/bin/bash # Look for data flow to pdf generation (parameters, functions) rg -n "generatePDF|pdf" --type ts -C 3 | head -100

Length of output: 4179

---

Add "Confidencial" watermark and review consent flow for sensitive patient data in PDF

The PDF correctly restricts to download-only (no third-party uploads), but lacks a confidentiality indicator. The code embeds patient PII (name, CPF, phone, email) without a "Confidencial" watermark or footer warning. Additionally, the codebase README (line 364) lists patient consent term as a TODO—ensure a consent mechanism is implemented before PDF generation with sensitive data, or document existing consent coverage in the application flow.

Required:

• Add "Confidencial" or "Uso Restrito" watermark to the PDF (applies to all pages)
• Verify or implement explicit user consent before generating PDFs with PII

🤖 Prompt for AI Agents

In lib/pdf-generator.ts around lines 296 to 323, the PDF footer loop embeds patient PII but lacks a confidentiality watermark and does not verify user consent; add a translucent diagonal "Confidencial" (or "Uso Restrito") watermark rendered on every page before footers (centered, large font, light gray, rotated) and ensure the watermark drawing is applied for each page in the existing page loop; additionally, before invoking PDF generation, call or implement a consent check function (e.g., verifyPatientConsent(patientId) or requireConsentFlag) that throws or returns false if explicit consent is not present and block generation if consent is missing, and update README to replace the TODO with a reference to the implemented consent check and where consent is recorded. 

[cubic-dev-ai]

20 issues found across 30 files

Prompt for AI agents (all 20 issues)

 Understand the root cause of the following 20 issues and fix them. <file name="app/dashboard/patients/[id]/page.tsx"> <violation number="1" location="app/dashboard/patients/[id]/page.tsx:408"> Sorting the state array in place mutates React state during render. Use a copied array before sorting to avoid state mutation.</violation> </file> <file name="app/api/patients/route.ts"> <violation number="1" location="app/api/patients/route.ts:22"> The limit query parameter is parsed with parseInt and used without validating for NaN, so requests like ?limit=abc will bubble NaN into LIMIT and trigger a runtime error instead of a proper 4xx response. Please validate and default the value before calling .limit().</violation> <violation number="2" location="app/api/patients/route.ts:23"> The offset query parameter is parsed with parseInt and used without checking for NaN, so inputs like ?offset=foo lead to a NaN offset and a database error. Add validation/defaulting before passing the value to .offset().</violation> </file> <file name="lib/pdf-generator.ts"> <violation number="1" location="lib/pdf-generator.ts:253"> Detailed criterion notes are written without verifying the remaining page space, letting long notes overflow past the bottom margin and disappear in the PDF. Please call checkPageBreak with the note block height before drawing it.</violation> <violation number="2" location="lib/pdf-generator.ts:278"> Long general notes are rendered without ensuring enough remaining space, so doc.text can write past the bottom margin and the PDF loses content. Call checkPageBreak with the computed block height before drawing the text.</violation> </file> <file name="app/dashboard/forms/page.tsx"> <violation number="1" location="app/dashboard/forms/page.tsx:409"> If there are forms without any recorded totalScore, this branch divides by zero and renders &quot;NaN&quot;. Guard the average on whether any form actually has a score before dividing.</violation> </file> <file name="app/dashboard/forms/[id]/edit/page.tsx"> <violation number="1" location="app/dashboard/forms/[id]/edit/page.tsx:115"> Ensure the change-tracking effect also resets hasUnsavedChanges to false when the serialized form data matches the initial snapshot, so the unsaved warning reflects reality.</violation> <violation number="2" location="app/dashboard/forms/[id]/edit/page.tsx:272"> Abort finalization when the draft save fails; handleSave should surface errors so handleFinalize can stop before calling the finalize endpoint.</violation> </file> <file name="app/api/forms/[id]/route.ts"> <violation number="1" location="app/api/forms/[id]/route.ts:121"> When `criteria` is provided but empty, this block still recalculates the totals; `calculateTotalScore([])` returns 0, so the form&#39;s persisted score becomes &quot;0&quot; and the profile classification flips to &quot;high&quot; on an otherwise unchanged update. Only recalc when there are actual criteria items.</violation> </file> <file name="app/api/forms/route.ts"> <violation number="1" location="app/api/forms/route.ts:82"> When both patientId and status are provided, this branch rebuilds the query without the earlier patientId constraint, so the response ignores the patient filter. Combine the optional predicates instead of reinitializing the query.</violation> </file> <file name="SPE-M-README.md"> <violation number="1" location="SPE-M-README.md:337"> The roadmap section marks pending features with ✅ even though earlier in the document they are still listed as TODO. Please switch these to an unchecked marker so readers aren’t misled about their completion status.</violation> </file> <file name="app/dashboard/forms/[id]/photos/page.tsx"> <violation number="1" location="app/dashboard/forms/[id]/photos/page.tsx:148"> Derive the required photo count from IMAGE_TYPES.length instead of hardcoding 6 so the validation and progress UI stay in sync with the configured image types.</violation> </file> <file name="db/migrations/meta/0001_snapshot.json"> <violation number="1" location="db/migrations/meta/0001_snapshot.json:10"> The patients table snapshot omits the medicalHistory, allergies, and currentMedications columns that exist in db/schema.ts, so this migration would create a schema missing fields the application expects, breaking patient records.</violation> </file> <file name="app/api/forms/[id]/images/route.ts"> <violation number="1" location="app/api/forms/[id]/images/route.ts:77"> When updating an existing image we still generate a new identifier, so the audit log’s entityId no longer matches the stored record. Reuse the existing image id so updates are audited against the correct entity.</violation> <violation number="2" location="app/api/forms/[id]/images/route.ts:122"> The response for an updated image returns the pre-update snapshot from `existingImage[0]`, so clients receive stale storageUrl and metadata despite the database having new values. Build the response from the fresh data you just persisted.</violation> </file> <file name="db/schema.ts"> <violation number="1" location="db/schema.ts:141"> criterionNumber should be unique per formId; otherwise a form can store duplicate criterion entries, breaking the expectation of exactly one row for each of the 8 criteria. Please add a composite unique constraint on (formId, criterionNumber) to enforce this.</violation> <violation number="2" location="db/schema.ts:157"> imageType should be unique per formId; otherwise the schema allows duplicate image slots for a form, undermining the &quot;6 photos per form&quot; requirement. Please add a composite unique constraint on (formId, imageType) to enforce one row per image type.</violation> </file> <file name="app/dashboard/_components/spe-m-stats.tsx"> <violation number="1" location="app/dashboard/_components/spe-m-stats.tsx:38"> Check that the /api/patients response is ok before reading patientsData.patients; otherwise a 401 payload shaped as { error: &quot;Unauthorized&quot; } leaves patientsData undefined and the component crashes when calling patientsData.patients.length.</violation> <violation number="2" location="app/dashboard/_components/spe-m-stats.tsx:42"> Verify formsRes.ok (or guard formsData.forms) before filtering; when /api/forms returns { error: &quot;Unauthorized&quot; } on a 401 the current code calls formsData.forms.filter and throws.</violation> <violation number="3" location="app/dashboard/_components/spe-m-stats.tsx:141"> Display the average score whenever there are finalized forms, even if the value is 0, otherwise real 0.00 averages are incorrectly shown as &quot;N/A&quot;.</violation> </file> 

_{React with 👍 or 👎 to teach cubic. Mention @cubic-dev-ai to give feedback, ask questions, or re-run the review.}

[cubic-dev-ai]

Sorting the state array in place mutates React state during render. Use a copied array before sorting to avoid state mutation.

Prompt for AI agents

Address the following comment on app/dashboard/patients/[id]/page.tsx at line 408: <comment>Sorting the state array in place mutates React state during render. Use a copied array before sorting to avoid state mutation.</comment> <file context> @@ -0,0 +1,505 @@ + &lt;div className=&quot;space-y-6&quot;&gt; + {/* Timeline */} + &lt;div className=&quot;relative&quot;&gt; + {forms + .sort( + (a, b) =&gt; </file context> 

[cubic-dev-ai]

The offset query parameter is parsed with parseInt and used without checking for NaN, so inputs like ?offset=foo lead to a NaN offset and a database error. Add validation/defaulting before passing the value to .offset().

Prompt for AI agents

Address the following comment on app/api/patients/route.ts at line 23: <comment>The offset query parameter is parsed with parseInt and used without checking for NaN, so inputs like ?offset=foo lead to a NaN offset and a database error. Add validation/defaulting before passing the value to .offset().</comment> <file context> @@ -0,0 +1,156 @@ + const { searchParams } = new URL(request.url); + const search = searchParams.get(&quot;search&quot;); + const limit = parseInt(searchParams.get(&quot;limit&quot;) || &quot;50&quot;); + const offset = parseInt(searchParams.get(&quot;offset&quot;) || &quot;0&quot;); + + // Build query </file context> 

[cubic-dev-ai]

The limit query parameter is parsed with parseInt and used without validating for NaN, so requests like ?limit=abc will bubble NaN into LIMIT and trigger a runtime error instead of a proper 4xx response. Please validate and default the value before calling .limit().

Prompt for AI agents

Address the following comment on app/api/patients/route.ts at line 22: <comment>The limit query parameter is parsed with parseInt and used without validating for NaN, so requests like ?limit=abc will bubble NaN into LIMIT and trigger a runtime error instead of a proper 4xx response. Please validate and default the value before calling .limit().</comment> <file context> @@ -0,0 +1,156 @@ + + const { searchParams } = new URL(request.url); + const search = searchParams.get(&quot;search&quot;); + const limit = parseInt(searchParams.get(&quot;limit&quot;) || &quot;50&quot;); + const offset = parseInt(searchParams.get(&quot;offset&quot;) || &quot;0&quot;); + </file context> 

[cubic-dev-ai]

Detailed criterion notes are written without verifying the remaining page space, letting long notes overflow past the bottom margin and disappear in the PDF. Please call checkPageBreak with the note block height before drawing it.

Prompt for AI agents

Address the following comment on lib/pdf-generator.ts at line 253: <comment>Detailed criterion notes are written without verifying the remaining page space, letting long notes overflow past the bottom margin and disappear in the PDF. Please call checkPageBreak with the note block height before drawing it.</comment> <file context> @@ -0,0 +1,332 @@ + doc.setFont(&quot;helvetica&quot;, &quot;italic&quot;); + doc.setTextColor(100, 100, 100); + const notes = doc.splitTextToSize(criterion.notes, pageWidth - 32); + doc.text(notes, 16, yPos); + yPos += notes.length * 5; + doc.setTextColor(0, 0, 0); </file context> 

[cubic-dev-ai]

Long general notes are rendered without ensuring enough remaining space, so doc.text can write past the bottom margin and the PDF loses content. Call checkPageBreak with the computed block height before drawing the text.

Prompt for AI agents

Address the following comment on lib/pdf-generator.ts at line 278: <comment>Long general notes are rendered without ensuring enough remaining space, so doc.text can write past the bottom margin and the PDF loses content. Call checkPageBreak with the computed block height before drawing the text.</comment> <file context> @@ -0,0 +1,332 @@ + + doc.setFont(&quot;helvetica&quot;, &quot;normal&quot;); + const notes = doc.splitTextToSize(data.form.generalNotes, pageWidth - 28); + doc.text(notes, 14, yPos); + yPos += notes.length * 5 + 5; + } </file context> 

[cubic-dev-ai]

imageType should be unique per formId; otherwise the schema allows duplicate image slots for a form, undermining the "6 photos per form" requirement. Please add a composite unique constraint on (formId, imageType) to enforce one row per image type.

Prompt for AI agents

Address the following comment on db/schema.ts at line 157: <comment>imageType should be unique per formId; otherwise the schema allows duplicate image slots for a form, undermining the &quot;6 photos per form&quot; requirement. Please add a composite unique constraint on (formId, imageType) to enforce one row per image type.</comment> <file context> @@ -83,3 +88,92 @@ export const subscription = pgTable(&quot;subscription&quot;, { + formId: text(&quot;formId&quot;) + .notNull() + .references(() =&gt; forms.id, { onDelete: &quot;cascade&quot; }), + imageType: text(&quot;imageType&quot;).notNull(), // frontal, profile_right, profile_left, oblique_right, oblique_left, base + storageUrl: text(&quot;storageUrl&quot;).notNull(), + thumbnailUrl: text(&quot;thumbnailUrl&quot;), </file context> 

[cubic-dev-ai]

criterionNumber should be unique per formId; otherwise a form can store duplicate criterion entries, breaking the expectation of exactly one row for each of the 8 criteria. Please add a composite unique constraint on (formId, criterionNumber) to enforce this.

Prompt for AI agents

Address the following comment on db/schema.ts at line 141: <comment>criterionNumber should be unique per formId; otherwise a form can store duplicate criterion entries, breaking the expectation of exactly one row for each of the 8 criteria. Please add a composite unique constraint on (formId, criterionNumber) to enforce this.</comment> <file context> @@ -83,3 +88,92 @@ export const subscription = pgTable(&quot;subscription&quot;, { + formId: text(&quot;formId&quot;) + .notNull() + .references(() =&gt; forms.id, { onDelete: &quot;cascade&quot; }), + criterionNumber: integer(&quot;criterionNumber&quot;).notNull(), // 1-8 + criterionName: text(&quot;criterionName&quot;).notNull(), + data: jsonb(&quot;data&quot;).notNull(), // Stores all fields for this criterion </file context> 

[cubic-dev-ai]

Display the average score whenever there are finalized forms, even if the value is 0, otherwise real 0.00 averages are incorrectly shown as "N/A".

Prompt for AI agents

Address the following comment on app/dashboard/_components/spe-m-stats.tsx at line 141: <comment>Display the average score whenever there are finalized forms, even if the value is 0, otherwise real 0.00 averages are incorrectly shown as &quot;N/A&quot;.</comment> <file context> @@ -0,0 +1,237 @@ + &lt;/CardHeader&gt; + &lt;CardContent&gt; + &lt;div className=&quot;text-2xl font-bold&quot;&gt; + {stats.averageScore &gt; 0 ? stats.averageScore.toFixed(2) : &quot;N/A&quot;} + &lt;/div&gt; + &lt;p className=&quot;text-xs text-muted-foreground mt-1&quot;&gt; </file context> 

Suggested change

	{stats.averageScore > 0 ? stats.averageScore.toFixed(2) : "N/A"}
	{stats.finalizedForms > 0 ? stats.averageScore.toFixed(2) : "N/A"}

[cubic-dev-ai]

Verify formsRes.ok (or guard formsData.forms) before filtering; when /api/forms returns { error: "Unauthorized" } on a 401 the current code calls formsData.forms.filter and throws.

Prompt for AI agents

Address the following comment on app/dashboard/_components/spe-m-stats.tsx at line 42: <comment>Verify formsRes.ok (or guard formsData.forms) before filtering; when /api/forms returns { error: &quot;Unauthorized&quot; } on a 401 the current code calls formsData.forms.filter and throws.</comment> <file context> @@ -0,0 +1,237 @@ + + // Fetch forms + const formsRes = await fetch(&quot;/api/forms?limit=100&quot;); + const formsData = await formsRes.json(); + + const finalizedForms = formsData.forms.filter( </file context> 

[cubic-dev-ai]

Check that the /api/patients response is ok before reading patientsData.patients; otherwise a 401 payload shaped as { error: "Unauthorized" } leaves patientsData undefined and the component crashes when calling patientsData.patients.length.

Prompt for AI agents

Address the following comment on app/dashboard/_components/spe-m-stats.tsx at line 38: <comment>Check that the /api/patients response is ok before reading patientsData.patients; otherwise a 401 payload shaped as { error: &quot;Unauthorized&quot; } leaves patientsData undefined and the component crashes when calling patientsData.patients.length.</comment> <file context> @@ -0,0 +1,237 @@ + try { + // Fetch patients + const patientsRes = await fetch(&quot;/api/patients&quot;); + const patientsData = await patientsRes.json(); + + // Fetch forms </file context>