rebreak-monorepo/backend/server/api/profile/me/demographics.patch.ts

/**
 * PATCH /api/profile/me/demographics
 *
 * User-initiated demographics update. Strict: data flows ONLY from the user
 * via this endpoint — never from Lyra-Extraction (see
 * memory/feedback_demographics_user_initiated.md).
 *
 * Side-effect: when all 6 core fields are filled AND user is on free plan AND
 * trial has never been used, awards a 7-day Pro-Trial
 * (memory/project_demographic_pro_trial_reward.md).
 *
 * Core 6 for trial: birthYear, gender, maritalStatus, employmentStatus,
 * bundesland, city. shiftWork/industry/jobTenure are bonus fields.
 *
 * Logging: count of changed fields only — never the values themselves
 * (DSGVO Art-9 + DiGA privacy posture).
 */
import { z } from "zod";
import {
  type DemographicsPatch,
  tryAwardProTrial,
  updateDemographics,
} from "../../../db/profile";
import { requireUser } from "../../../utils/auth";

// 16 ISO-3166-2:DE Bundesländer-Codes
const BUNDESLAND_REGEX = /^DE-(BW|BY|BE|BB|HB|HH|HE|MV|NI|NW|RP|SL|SN|ST|SH|TH)$/;

const GENDER_VALUES = ["male", "female", "diverse", "no_answer"] as const;
const MARITAL_VALUES = [
  "single",
  "partnered",
  "married",
  "divorced",
  "widowed",
  "no_answer",
] as const;
// Enum-Werte SYNCED mit Frontend (apps/rebreak-native/components/profile/DemographicsAccordion.tsx).
// Wenn hier was ändert MUSS Frontend nachgezogen werden — sonst rejected Backend alle PATCHes.
const EMPLOYMENT_STATUS_VALUES = [
  "employed",
  "self_employed",
  "in_training",
  "unemployed",
  "retired",
  "homemaking",
  "other",
] as const;
const JOB_TENURE_VALUES = [
  "less_1y",
  "1_3y",
  "3_5y",
  "5_10y",
  "more_10y",
] as const;

const Schema = z.object({
  birthYear: z
    .number()
    .int()
    .min(1920)
    .max(2010)
    .nullable()
    .optional(),
  gender: z.enum(GENDER_VALUES).nullable().optional(),
  maritalStatus: z.enum(MARITAL_VALUES).nullable().optional(),
  // legacy field — accepted for backwards-compat with old frontend versions, not shown in new UI
  profession: z.string().trim().max(80).nullable().optional(),
  // new structured employment fields
  employmentStatus: z.enum(EMPLOYMENT_STATUS_VALUES).nullable().optional(),
  shiftWork: z.boolean().nullable().optional(),
  industry: z.string().trim().max(64).nullable().optional(),
  jobTenure: z.enum(JOB_TENURE_VALUES).nullable().optional(),
  bundesland: z
    .string()
    .regex(BUNDESLAND_REGEX, "Ungültiger Bundesland-Code (ISO-3166-2:DE)")
    .nullable()
    .optional(),
  city: z.string().trim().max(80).nullable().optional(),
});

export default defineEventHandler(async (event) => {
  const user = await requireUser(event);
  const raw = await readBody(event);
  const parsed = Schema.safeParse(raw);

  if (!parsed.success) {
    throw createError({
      statusCode: 422,
      message: "Validation failed",
      data: { issues: parsed.error.issues },
    });
  }

  // Strip undefined entries — keep null (= explicit clear)
  const patch: DemographicsPatch = {};
  for (const [key, value] of Object.entries(parsed.data)) {
    if (value !== undefined) {
      (patch as Record<string, unknown>)[key] = value;
    }
  }

  const changedFields = Object.keys(patch).length;
  if (changedFields === 0) {
    throw createError({
      statusCode: 400,
      message: "Keine Felder zum Aktualisieren übergeben",
    });
  }

  await updateDemographics(user.id, patch);

  // Trial-Trigger: prüft DB-Zustand nach Update — nicht patch-Felder.
  // Erlaubt schrittweise Eingabe (1 Feld pro Save) und triggert erst
  // wenn alle 6 Felder zusammen gesetzt sind.
  const trial = await tryAwardProTrial(user.id, "demographics_complete");

  console.log(
    `[demographics-update] user=${user.id} changedFields=${changedFields} trialAwarded=${trial.trialAwarded}`,
  );

  return {
    success: true,
    data: {
      trialAwarded: trial.trialAwarded,
      expiresAt: trial.expiresAt?.toISOString() ?? null,
    },
  };
});