From f4df22a94ef3dbf40009ae9b2a24ceb8030f2453 Mon Sep 17 00:00:00 2001
From: Ashesh3 <3626859+Ashesh3@users.noreply.github.com>
Date: Wed, 24 Apr 2024 13:43:18 +0530
Subject: [PATCH 1/4] Prevent destination facility from marking shift as
 complete

---
 care/facility/api/serializers/shifting.py | 13 ++++++++++++-
 1 file changed, 12 insertions(+), 1 deletion(-)

diff --git a/care/facility/api/serializers/shifting.py b/care/facility/api/serializers/shifting.py
index 4a82b39923..f59cd69228 100644
--- a/care/facility/api/serializers/shifting.py
+++ b/care/facility/api/serializers/shifting.py
@@ -324,7 +324,18 @@ def update(self, instance, validated_data):
             "status" in validated_data
             and validated_data["status"] == REVERSE_SHIFTING_STATUS_CHOICES["COMPLETED"]
         ):
-            discharge_patient(instance.patient)
+            # Staff from the destination must not be able to mark the shift as complete.
+            destination_facility = (
+                validated_data["assigned_facility"] or instance.assigned_facility
+            )
+            if destination_facility and user in destination_facility.users.all():
+                raise ValidationError(
+                    {
+                        "status": [
+                            "Permission Denied - Destination Facility cannot complete the shift"
+                        ]
+                    }
+                )
 
         old_status = instance.status
         new_instance = super().update(instance, validated_data)

From 5f69227dcd447e1e66aed8b827e1bbd8e45faabb Mon Sep 17 00:00:00 2001
From: Ashesh <3626859+Ashesh3@users.noreply.github.com>
Date: Mon, 29 Apr 2024 09:59:01 +0530
Subject: [PATCH 2/4] Update care/facility/api/serializers/shifting.py

Co-authored-by: Aakash Singh <mail@singhaakash.dev>
---
 care/facility/api/serializers/shifting.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/care/facility/api/serializers/shifting.py b/care/facility/api/serializers/shifting.py
index f59cd69228..1effd9dd7d 100644
--- a/care/facility/api/serializers/shifting.py
+++ b/care/facility/api/serializers/shifting.py
@@ -328,7 +328,7 @@ def update(self, instance, validated_data):
             destination_facility = (
                 validated_data["assigned_facility"] or instance.assigned_facility
             )
-            if destination_facility and user in destination_facility.users.all():
+            if destination_facility and destination_facility.users.contains(user):
                 raise ValidationError(
                     {
                         "status": [

From e898aa05da30f37fbdc9f75bad8ed6657b403191 Mon Sep 17 00:00:00 2001
From: Aakash Singh <mail@singhaakash.dev>
Date: Mon, 29 Apr 2024 16:44:40 +0530
Subject: [PATCH 3/4] Update care/facility/api/serializers/shifting.py

---
 care/facility/api/serializers/shifting.py | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/care/facility/api/serializers/shifting.py b/care/facility/api/serializers/shifting.py
index 1effd9dd7d..b79109e0ed 100644
--- a/care/facility/api/serializers/shifting.py
+++ b/care/facility/api/serializers/shifting.py
@@ -326,7 +326,7 @@ def update(self, instance, validated_data):
         ):
             # Staff from the destination must not be able to mark the shift as complete.
             destination_facility = (
-                validated_data["assigned_facility"] or instance.assigned_facility
+                validated_data.get("assigned_facility") or instance.assigned_facility
             )
             if destination_facility and destination_facility.users.contains(user):
                 raise ValidationError(

From 438decca80acc1562f4278ef704e191f9ef2b6e8 Mon Sep 17 00:00:00 2001
From: Khavin Shankar <khavinshankar@gmail.com>
Date: Mon, 3 Jun 2024 08:49:47 +0530
Subject: [PATCH 4/4] allow only origin facility user to mark shifting request
 as completed

---
 care/facility/api/serializers/shifting.py | 18 +++++++-----------
 1 file changed, 7 insertions(+), 11 deletions(-)

diff --git a/care/facility/api/serializers/shifting.py b/care/facility/api/serializers/shifting.py
index b79109e0ed..fbdb615fdc 100644
--- a/care/facility/api/serializers/shifting.py
+++ b/care/facility/api/serializers/shifting.py
@@ -323,19 +323,15 @@ def update(self, instance, validated_data):
         if (
             "status" in validated_data
             and validated_data["status"] == REVERSE_SHIFTING_STATUS_CHOICES["COMPLETED"]
+            and not has_facility_permission(user, instance.origin_facility)
         ):
-            # Staff from the destination must not be able to mark the shift as complete.
-            destination_facility = (
-                validated_data.get("assigned_facility") or instance.assigned_facility
+            raise ValidationError(
+                {
+                    "status": [
+                        "Permission Denied - Only staff from the origin facility can mark the shift as complete."
+                    ]
+                }
             )
-            if destination_facility and destination_facility.users.contains(user):
-                raise ValidationError(
-                    {
-                        "status": [
-                            "Permission Denied - Destination Facility cannot complete the shift"
-                        ]
-                    }
-                )
 
         old_status = instance.status
         new_instance = super().update(instance, validated_data)