fix: normalize POST success response status

Surface specific validation and database failures when updating contact details so API responses are actionable.

.gitignore

@@ -126,7 +126,4 @@ _modules/*
 /phpunit*.xml
 /public/.htaccess
 
-#-------------------------
+
-# Claude
-#-------------------------
-.claude

.serena/.gitignore

@@ -0,0 +1,2 @@
+/cache
+/project.local.yml

.serena/memories/clqms01-be/style_conventions.md

@@ -0,0 +1 @@
+CLQMS backend is a PHP 8.1+ CodeIgniter 4 API-only project that follows PSR-12 spacing/brace rules and prefers short arrays. New PHP files should enable `declare(strict_types=1)` and use typed arguments/returns (nullable unions over doc-only hints). Controllers use `ResponseTrait` to emit `{ status, message, data }` JSON responses; shared logic lives in `app/Libraries`/`app/Traits`. Guard clauses and single-purpose helpers keep methods ~40 lines; repeated flows are extracted. Database work uses Query Builder/Model methods, `helper('utc')`, and `checkDbError()` for manual queries. Multi-table writes wrap `$this->db->transStart()/transComplete()` with status checks. Lookups leverage `App\\Libraries\\Lookups` and JSON files in `app/Libraries/Data/valuesets/`. Routes stay in `app/Config/Routes.php` grouped by resource; filters like `auth` guard protected routes. Audits/logging use `log_message` with sanitized data. Tests live under `tests/Feature` and `tests/Unit`, use PHPUnit 10.5+ conventions, and expect status assertions per HTTP semantics.

.serena/memories/clqms01-be/suggested_commands.md

@@ -0,0 +1,14 @@
+Essential commands for CLQMS development (run from repo root on Windows PowerShell):
+
+• `composer install` – install PHP dependencies before running CodeIgniter or tests.
+• `npm install` – sync `package-lock.json` for tooling such as API docs bundler.
+• `./vendor/bin/phpunit` – run entire PHPUnit suite (or target files via `--filter`).
+• `php spark test --filter <Class>::<method>` – focused test run when you know the class/method.
+• `php spark migrate` / `php spark migrate:rollback` – apply or roll back database migrations.
+• `php spark serve` – lightweight dev server for the API while developing locally.
+• `node public/bundle-api-docs.js` – regenerate bundled OpenAPI docs whenever the YAML files change.
+• `git status`, `git diff`, `git log --oneline`, `git add <paths>`, `git commit`, `git pull`, `git push` – version control workflow commands.
+• `ls` / `dir` / `Get-ChildItem` – inspect directories in PowerShell; `cd` to move between directories.
+• `type <file>` or `Get-Content` – view file contents when tools are not convenient.
+
+Use these commands routinely after code changes, tests, or migrations.

.serena/memories/clqms01-be/task_completion_steps.md

@@ -0,0 +1,10 @@
+When a task is completed in CLQMS backend, follow these wrap-up steps:
+
+1. Run relevant tests (`./vendor/bin/phpunit` or targeted `php spark test --filter ...`).
+2. If migrations changed, run `php spark migrate` / `php spark migrate:rollback` locally and ensure schema updates succeed.
+3. After editing OpenAPI documentation (YAML files or controller mappings), regenerate `public/api-docs.bundled.yaml` via `node public/bundle-api-docs.js` and check it into Git.
+4. Confirm code adheres to PSR-12/CodeIgniter conventions (strict types, response format, transactions, guard clauses) before committing.
+5. Review `git status/diff` to ensure only intended files are staged; do not commit `.env` or other secret files.
+6. For shared logic changes, double-check lookup JSON cache use and response logging.
+
+These steps keep the API consistent, documented, and tested before merging or deploying.

.serena/project.yml

@@ -0,0 +1,154 @@
+# the name by which the project can be referenced within Serena
+project_name: "clqms01-be"
+
+
+# list of languages for which language servers are started; choose from:
+#   al                  bash                clojure             cpp                 csharp
+#   csharp_omnisharp    dart                elixir              elm                 erlang
+#   fortran             fsharp              go                  groovy              haskell
+#   haxe                java                julia               kotlin              lua
+#   markdown
+#   matlab              nix                 pascal              perl                php
+#   php_phpactor        powershell          python              python_jedi         r
+#   rego                ruby                ruby_solargraph     rust                scala
+#   swift               terraform           toml                typescript          typescript_vts
+#   vue                 yaml                zig
+#   (This list may be outdated. For the current list, see values of Language enum here:
+#   https://github.com/oraios/serena/blob/main/src/solidlsp/ls_config.py
+#   For some languages, there are alternative language servers, e.g. csharp_omnisharp, ruby_solargraph.)
+# Note:
+#   - For C, use cpp
+#   - For JavaScript, use typescript
+#   - For Free Pascal/Lazarus, use pascal
+# Special requirements:
+#   Some languages require additional setup/installations.
+#   See here for details: https://oraios.github.io/serena/01-about/020_programming-languages.html#language-servers
+# When using multiple languages, the first language server that supports a given file will be used for that file.
+# The first language is the default language and the respective language server will be used as a fallback.
+# Note that when using the JetBrains backend, language servers are not used and this list is correspondingly ignored.
+languages:
+- php
+
+# the encoding used by text files in the project
+# For a list of possible encodings, see https://docs.python.org/3.11/library/codecs.html#standard-encodings
+encoding: "utf-8"
+
+# line ending convention to use when writing source files.
+# Possible values: unset (use global setting), "lf", "crlf", or "native" (platform default)
+# This does not affect Serena's own files (e.g. memories and configuration files), which always use native line endings.
+line_ending:
+
+# The language backend to use for this project.
+# If not set, the global setting from serena_config.yml is used.
+# Valid values: LSP, JetBrains
+# Note: the backend is fixed at startup. If a project with a different backend
+# is activated post-init, an error will be returned.
+language_backend:
+
+# whether to use project's .gitignore files to ignore files
+ignore_all_files_in_gitignore: true
+
+# advanced configuration option allowing to configure language server-specific options.
+# Maps the language key to the options.
+# Have a look at the docstring of the constructors of the LS implementations within solidlsp (e.g., for C# or PHP) to see which options are available.
+# No documentation on options means no options are available.
+ls_specific_settings: {}
+
+# list of additional paths to ignore in this project.
+# Same syntax as gitignore, so you can use * and **.
+# Note: global ignored_paths from serena_config.yml are also applied additively.
+ignored_paths: []
+
+# whether the project is in read-only mode
+# If set to true, all editing tools will be disabled and attempts to use them will result in an error
+# Added on 2025-04-18
+read_only: false
+
+# list of tool names to exclude.
+# This extends the existing exclusions (e.g. from the global configuration)
+#
+# Below is the complete list of tools for convenience.
+# To make sure you have the latest list of tools, and to view their descriptions, 
+# execute `uv run scripts/print_tool_overview.py`.
+#
+#  * `activate_project`: Activates a project based on the project name or path.
+#  * `check_onboarding_performed`: Checks whether project onboarding was already performed.
+#  * `create_text_file`: Creates/overwrites a file in the project directory.
+#  * `delete_memory`: Delete a memory file. Should only happen if a user asks for it explicitly,
+#       for example by saying that the information retrieved from a memory file is no longer correct
+#       or no longer relevant for the project.
+#  * `edit_memory`: Replaces content matching a regular expression in a memory.
+#  * `execute_shell_command`: Executes a shell command.
+#  * `find_file`: Finds files in the given relative paths
+#  * `find_referencing_symbols`: Finds symbols that reference the given symbol using the language server backend
+#  * `find_symbol`: Performs a global (or local) search using the language server backend.
+#  * `get_current_config`: Prints the current configuration of the agent, including the active and available projects, tools, contexts, and modes.
+#  * `get_symbols_overview`: Gets an overview of the top-level symbols defined in a given file.
+#  * `initial_instructions`: Provides instructions Serena usage (i.e. the 'Serena Instructions Manual')
+#       for clients that do not read the initial instructions when the MCP server is connected.
+#  * `insert_after_symbol`: Inserts content after the end of the definition of a given symbol.
+#  * `insert_before_symbol`: Inserts content before the beginning of the definition of a given symbol.
+#  * `list_dir`: Lists files and directories in the given directory (optionally with recursion).
+#  * `list_memories`: List available memories. Any memory can be read using the `read_memory` tool.
+#  * `onboarding`: Performs onboarding (identifying the project structure and essential tasks, e.g. for testing or building).
+#  * `read_file`: Reads a file within the project directory.
+#  * `read_memory`: Read the content of a memory file. This tool should only be used if the information
+#       is relevant to the current task. You can infer whether the information
+#       is relevant from the memory file name.
+#       You should not read the same memory file multiple times in the same conversation.
+#  * `rename_memory`: Renames or moves a memory. Moving between project and global scope is supported
+#       (e.g., renaming "global/foo" to "bar" moves it from global to project scope).
+#  * `rename_symbol`: Renames a symbol throughout the codebase using language server refactoring capabilities.
+#       For JB, we use a separate tool.
+#  * `replace_content`: Replaces content in a file (optionally using regular expressions).
+#  * `replace_symbol_body`: Replaces the full definition of a symbol using the language server backend.
+#  * `safe_delete_symbol`:
+#  * `search_for_pattern`: Performs a search for a pattern in the project.
+#  * `write_memory`: Write some information (utf-8-encoded) about this project that can be useful for future tasks to a memory in md format.
+#       The memory name should be meaningful.
+excluded_tools: []
+
+# list of tools to include that would otherwise be disabled (particularly optional tools that are disabled by default).
+# This extends the existing inclusions (e.g. from the global configuration).
+included_optional_tools: []
+
+# fixed set of tools to use as the base tool set (if non-empty), replacing Serena's default set of tools.
+# This cannot be combined with non-empty excluded_tools or included_optional_tools.
+fixed_tools: []
+
+# list of mode names to that are always to be included in the set of active modes
+# The full set of modes to be activated is base_modes + default_modes.
+# If the setting is undefined, the base_modes from the global configuration (serena_config.yml) apply.
+# Otherwise, this setting overrides the global configuration.
+# Set this to [] to disable base modes for this project.
+# Set this to a list of mode names to always include the respective modes for this project.
+base_modes:
+
+# list of mode names that are to be activated by default.
+# The full set of modes to be activated is base_modes + default_modes.
+# If the setting is undefined, the default_modes from the global configuration (serena_config.yml) apply.
+# Otherwise, this overrides the setting from the global configuration (serena_config.yml).
+# This setting can, in turn, be overridden by CLI parameters (--mode).
+default_modes:
+
+# initial prompt for the project. It will always be given to the LLM upon activating the project
+# (contrary to the memories, which are loaded on demand).
+initial_prompt: ""
+
+# time budget (seconds) per tool call for the retrieval of additional symbol information
+# such as docstrings or parameter information.
+# This overrides the corresponding setting in the global configuration; see the documentation there.
+# If null or missing, use the setting from the global configuration.
+symbol_info_budget:
+
+# list of regex patterns which, when matched, mark a memory entry as read‑only.
+# Extends the list from the global configuration, merging the two lists.
+read_only_memory_patterns: []
+
+# list of regex patterns for memories to completely ignore.
+# Matching memories will not appear in list_memories or activate_project output
+# and cannot be accessed via read_memory or write_memory.
+# To access ignored memory files, use the read_file tool on the raw file path.
+# Extends the list from the global configuration, merging the two lists.
+# Example: ["_archive/.*", "_episodes/.*"]
+ignored_memory_patterns: []

AGENTS.md

@@ -1,235 +1,153 @@
-# CLQMS Backend - Agent Instructions
+# AGENTS.md - Code Guidelines for CLQMS
 
-**Project:** Clinical Laboratory Quality Management System (CLQMS) Backend
+> **CLQMS (Clinical Laboratory Quality Management System)** – headless REST API backend built on CodeIgniter 4 with a focus on laboratory workflows, JWT authentication, and synchronized OpenAPI documentation.
-**Framework:** CodeIgniter 4 (PHP 8.1+)
-**Platform:** Windows - Use PowerShell or CMD for terminal commands
-**Frontend:** Alpine.js (views/v2 directory)
 
-## Build / Test Commands
+---
+
+## Repository Snapshot
+- `app/` holds controllers, models, filters, and traits wired through PSR-4 `App\` namespace.
+- `tests/` relies on CodeIgniter's testing helpers plus Faker for deterministic fixtures.
+- Shared response helpers and ValueSet lookups live under `app/Libraries` and `app/Traits` and should be reused before introducing new helpers.
+- Environment values, secrets, and database credentials live in `.env` but are never committed; treat the file as a reference for defaults.
+
+---
+
+## Build, Lint & Test
+All commands run from the repository root.
 
 ```bash
-# Install dependencies
+# Run the entire PHPUnit suite
-composer install
+./vendor/bin/phpunit
 
-# Run all tests
+# Target a single test file (fast verification)
-composer test
+./vendor/bin/phpunit tests/feature/Patients/PatientCreateTest.php
-php vendor/bin/phpunit
 
-# Run single test file
+# Run one test case by method
-php vendor/bin/phpunit tests/feature/Patients/PatientIndexTest.php
+./vendor/bin/phpunit --filter testCreatePatientSuccess tests/feature/Patients/PatientCreateTest.php
 
-# Run single test method
+# Generate scaffolding (model, controller, migration)
-php vendor/bin/phpunit tests/feature/Patients/PatientIndexTest.php --filter=testIndexWithoutParams
+php spark make:model <Name>
+php spark make:controller <Name>
+php spark make:migration <name>
 
-# Run tests with coverage
+# Database migrations
-php vendor/bin/phpunit --coverage-html build/logs/html
+php spark migrate
+php spark migrate:rollback
 
-# Run tests in verbose mode
+# After OpenAPI edits
-php vendor/bin/phpunit --verbose
+node public/bundle-api-docs.js
 ```
 
-**Test Structure:**
+Use `php spark test --filter <Class>::<method>` when filtering more than one test file is cumbersome.
-- Feature tests: `tests/feature/` - API endpoint testing with `FeatureTestTrait`
-- Unit tests: `tests/unit/` - Model/Logic testing
-- Base test case: `Tests\Support\v2\MasterTestCase.php` - Provides JWT auth and helper methods
 
-## Code Style Guidelines
+---
 
-### PHP Standards
+## Agent Rules Scan
-- **PHP Version:** 8.1 minimum
+- No `.cursor/rules/*` or `.cursorrules` directory detected; continue without Cursor-specific constraints.
-- **PSR-4 Autoloading:** Follow namespace-to-path conventions (`App\Controllers\*`, `App\Models\*`)
+- No `.github/copilot-instructions.md` present; Copilot behaviors revert to general GitHub defaults.
-- **Line endings:** Unix-style (LF) - configure editor accordingly
 
-### Naming Conventions
+---
-| Element | Convention | Examples |
-|---------|------------|----------|
-| Classes | PascalCase | `PatientController`, `BaseModel` |
-| Methods | camelCase | `getPatient()`, `createPatient()` |
-| Variables | camelCase | `$internalPID`, `$patientData` |
-| Constants | UPPER_SNAKE_CASE | `ORDER_PRIORITY`, `TEST_TYPE` |
-| Table names | snake_case | `patient`, `pat_idt`, `valueset` |
-| Column names | PascalCase (original DB) | `InternalPID`, `PatientID` |
 
-### File Organization
+## Coding Standards
-```
-app/
-├── Controllers/{Domain}/
-│   └── DomainController.php
-├── Models/{Domain}/
-│   └── DomainModel.php
-├── Libraries/
-│   └── ValueSet.php          # Base lookup class (loads from JSON)
-│   └── Lookups.php           # Extends ValueSet - use this for lookups
-└── Views/v2/
-```
 
-### Imports and Namespaces
+### Language & Formatting
-```php
+- PHP 8.1+ is the baseline; enable `declare(strict_types=1)` at the top of new files when practical.
-<?php
+- Follow PSR-12 for spacing, line length (~120), and brace placement; prefer 4 spaces and avoid tabs.
-namespace App\Controllers\Patient;
+- Use short arrays `[]`, and wrap multiline arguments/arrays with one-per-line items.
+- Favor expression statements that return early (guard clauses) and keep nested logic shallow.
+- Keep methods under ~40 lines when possible; extract private helpers for repeated flows.
 
-use CodeIgniter\Controller;
+### Naming & Types
-use CodeIgniter\API\ResponseTrait;
+- Classes, controllers, libraries, and traits: PascalCase (e.g., `PatientImportController`).
-use App\Models\Patient\PatientModel;
+- Methods, services, traits: camelCase (`fetchActivePatients`).
-```
+- Properties: camelCase for new code; legacy snake_case may persist but avoid new snake_case unless mirroring legacy columns.
+- Constants: UPPER_SNAKE_CASE.
+- DTOs/array shapes: Use descriptive names (`$patientInput`, `$validatedPayload`).
+- Type hints required for method arguments/returns; use union/nullables (e.g., `?string`) instead of doc-only comments.
+- Prefer PHPDoc only when type inference fails (complex union or array shapes) but still keep method summaries concise.
 
-- Use fully qualified class names or `use` statements
+### Imports & Structure
-- Group imports logically
+- Namespace declarations at the very top followed by grouped `use` statements.
-- Avoid unnecessary aliases
+- Import order: Core framework (`CodeIgniter`), then `App\`, then third-party packages (Firebase, Faker, etc.). Keep each group alphabetical.
+- No inline `use` statements inside methods.
+- Keep `use` statements de-duplicated; rely on IDE or `phpcbf` to reorder.
 
-### Code Formatting
+### Controller Structure
-- **Indentation:** 4 spaces (not tabs)
+- Controllers orchestrate request validation, delegates to services/models, and return `ResponseTrait` responses; avoid direct DB queries here.
-- **Braces:** Allman style for classes/functions, K&R for control structures
+- Inject models/services via constructor when they are reused. When instantiating on the fly, reference FQCN (`new \App\Models\...`).
-- **Line length:** Soft limit 120 characters
+- Map HTTP verbs to semantic methods (`index`, `show`, `create`, `update`, `delete`). Keep action methods under 30 lines by delegating heavy lifting to models or libraries.
-- **Empty lines:** Single blank line between method definitions and logical groups
+- Always respond through `$this->respond()` or `$this->respondCreated()` so JSON structure stays consistent.
 
-### Type Hints and Return Types
+### Response & Error Handling
-```php
+- All responses follow `{ status, message, data }`. `status` values: `success`, `failed`, or `error`.
-// Required for new code
+- Use `$this->respondCreated()`, `$this->respondNoContent()`, or `$this->respond()` with explicit HTTP codes.
-public function getPatient(int $internalPID): ?array
+- Wrap JWT/external calls in try/catch. Log unexpected exceptions with `log_message('error', $e->getMessage())` before responding with a sanitized failure.
-protected function createPatient(array $input): int
+- For validation failures, return HTTP 400 with detailed message; unauthorized access returns 401. Maintain parity with existing tests.
-private function checkDbError(object $db, string $context): void
 
-// Use nullable types for optional returns
+### Database & Transactions
-public function findById(?int $id): ?array
+- Use Query Builder or Model methods; enable `use App\Models\BaseModel` which handles UTC conversions.
-```
+- Always call `helper('utc')` when manipulating timestamps.
+- Wrap multi-table changes in `$this->db->transStart()` / `$this->db->transComplete()` and check `transStatus()` to abort if false.
+- Run `checkDbError()` (existing helper) after saves when manual queries are necessary.
 
-### Controller Patterns
+### Service Helpers & Libraries
-```php
+- Encapsulate complex lookups (ValueSet, encryption) inside `app/Libraries` or Traits.
-class PatientController extends Controller {
+- Reuse `App\Libraries\Lookups` for consistent label/value translations.
-    use ResponseTrait;
+- Keep shared logic (e.g., response formatting, JWT decoding) inside Traits and import them via `use`.
 
-    protected $db;
+### Testing & Coverage
-    protected $model;
+- Place feature tests under `tests/Feature`, unit tests under `tests/Unit`.
-    protected $rules;
+- Test class names should follow `ClassNameTest`; methods follow `test<Action><Scenario><Result>` (e.g., `testCreatePatientValidationFail`).
+- Use `FeatureTestTrait` and `CIUnitTestCase` for API tests; prefer `withBodyFormat('json')->post()` flows.
+- Assert status codes: 200 for GET/PATCH, 201 for POST, 400 for validation, 401 for auth, 404 for missing resources, 500 for server errors.
+- Run targeted tests during development, full suite before merging.
 
-    public function __construct() {
+### Documentation & API Sync
-        $this->db = \Config\Database::connect();
+- Whenever a controller or route changes, update `public/paths/<resource>.yaml` and matching `public/components/schemas`. Add tags or schema refs in `public/api-docs.yaml`.
-        $this->model = new PatientModel();
+- After editing OpenAPI files, regenerate the bundled docs with `node public/bundle-api-docs.js`. Check `public/api-docs.bundled.yaml` into version control.
-        $this->rules = [...]; // Validation rules
+- Keep the controller-to-YAML mapping table updated to reflect new resources.
-    }
 
-    public function index() {
+### Routing Conventions
-        try {
+- Keep route definitions grouped inside `$routes->group('api/<resource>')` blocks in `app/Config/Routes.php`.
-            $data = $this->model->findAll();
+- Prefer nested controllers (e.g., `Patient\PatientController`) for domain partitioning.
-            return $this->respond([...], 200);
+- Use RESTful verbs (GET: index/show, POST: create, PATCH: update, DELETE: delete) to keep behavior predictable.
-        } catch (\Exception $e) {
+- Document side effects (snapshots, audit logs) directly in the corresponding OpenAPI `paths` file.
-            return $this->failServerError($e->getMessage());
-        }
-    }
-}
-```
 
-### Model Patterns
+### Environment & Secrets
-```php
+- Use `.env` as the source of truth for database/jwt settings. Do not commit production credentials.
-class PatientModel extends BaseModel {
+- Sample values are provided in `.env`; copy to `.env.local` or CI secrets with overrides.
-    protected $table = 'patient';
+- `JWT_SECRET` must be treated as sensitive and rotated via environment updates only.
-    protected $primaryKey = 'InternalPID';
-    protected $allowedFields = [...];
-    protected $useSoftDeletes = true;
-    protected $deletedField = 'DelDate';
 
-    public function getPatients(array $filters = []): array {
+### Workflows & Misc
-        // Query builder chain
+- Use `php spark migrate`/`migrate:rollback` for schema changes.
-        $this->select('...');
+- For seeding or test fixtures, prefer factories (Faker) seeded in `tests/Support` when available.
-        $this->join(...);
+- Document major changes in `issues.md` or dedicated feature docs under `docs/` before merging.
-        if (!empty($filters['key'])) {
-            $this->where('key', $filters['key']);
-        }
-        return $this->findAll();
-    }
-}
-```
 
-### Error Handling
+### Security & Filters
-- Controllers: Use try-catch with `failServerError()`, `failValidationErrors()`, `failNotFound()`
+- Apply the `auth` filter to every protected route, and keep `ApiKey` or other custom filters consolidated under `app/Filters`.
-- Models: Throw `\Exception` with descriptive messages
+- Sanitize user inputs via `filter_var`, `esc()` helpers, or validated entities before they hit the database.
-- Database errors: Check `$db->error()` after operations
+- Always use parameterized queries/Model `save()` methods to prevent SQL injection, especially with legacy PascalCase columns.
-- Always validate input before DB operations
+- Respond 401 for missing tokens, 403 when permissions fail, and log sanitized details for ops debugging.
 
-### Validation Rules
+### Legacy Field Naming & ValueSets
-```php
+- Databases use PascalCase columns such as `PatientID`, `NameFirst`, `CreatedAt`. Keep migration checks aware of these names.
-protected $rules = [
+- ValueSet lookups centralize label translation: `Lookups::get('gender')`, `Lookups::getLabel('gender', '1')`, `Lookups::transformLabels($payload, ['Sex' => 'gender'])`.
-    'PatientID' => 'required|regex_match[/^[A-Za-z0-9]+$/]|max_length[30]',
+- Prefer `App\Libraries\Lookups` or `app/Traits/ValueSetTrait` to avoid ad-hoc mappings.
-    'EmailAddress' => 'permit_empty|valid_email|max_length[100]',
-    'Phone' => 'permit_empty|regex_match[/^\+?[0-9]{8,15}$/]',
-];
-```
 
-### Date Handling
+### Nested Data Handling
-- All dates stored/retrieved in UTC via `BaseModel` callbacks
+- For entities that carry related collections (`PatIdt`, `PatCom`, `PatAtt`), extract nested arrays before filtering and validating.
-- Use `utc` helper functions: `convert_array_to_utc()`, `convert_array_to_utc_iso()`
+- Use transactions whenever multi-table inserts/updates occur so orphan rows are avoided.
-- Format: ISO 8601 (`Y-m-d\TH:i:s\Z`) for API responses
+- Guard against empty/null arrays by normalizing to `[]` before iterating.
 
-### API Response Format
+### Observability & Logging
-```php
+- Use `log_message('info', ...)` for happy-path checkpoints and `'error'` for catch-all failures.
-// Success
+- Avoid leaking sensitive values (tokens, secrets) in logs; log IDs or hash digests instead.
-return $this->respond([
+- Keep `writable/logs` clean by rotating or pruning stale log files with automation outside the repo.
-    'status' => 'success',
-    'message' => 'Data fetched successfully',
-    'data' => $rows
-], 200);
 
-// Created
+---
-return $this->respondCreated([
-    'status' => 'success',
-    'message' => 'Record created'
-]);
 
-// Error
+## Final Notes for Agents
-return $this->failServerError('Something went wrong: ' . $e->getMessage());
+- This repo has no UI layer; focus exclusively on REST interactions.
-```
+- Always pull `public/api-docs.bundled.yaml` in after running `node public/bundle-api-docs.js` so downstream services see the latest contract.
-
+- When in doubt, align with existing controller traits and response helpers to avoid duplicating logic.
-### Database Transactions
+- Rely on Serena tools for guided edits, searches, and context summaries (use the available symbolic and search tools before running shell commands).
-```php
-$db->transBegin();
-try {
-    $this->insert($data);
-    $this->checkDbError($db, 'Insert operation');
-    $db->transCommit();
-    return $insertId;
-} catch (\Exception $e) {
-    $db->transRollback();
-    throw $e;
-}
-```
-
-### Frontend Integration (Alpine.js)
-- API calls use `BASEURL` global variable
-- Include `credentials: 'include'` for authenticated requests
-- Modals use `x-show` with `@click.self` backdrop close
-
-### Lookups Library
-Use `App\Libraries\Lookups` (extends `ValueSet`) for all static lookup values. Data is loaded from JSON files in `app/Libraries/Data/valuesets/`:
-```php
-use App\Libraries\Lookups;
-
-// Get formatted for frontend dropdowns [{value: 'X', label: 'Y'}, ...]
-$gender = Lookups::get('gender');
-$priorities = Lookups::get('order_priority');
-
-// Get raw data [{key: 'X', value: 'Y'}, ...]
-$raw = Lookups::getRaw('gender');
-
-// Get single label by key
-$label = Lookups::getLabel('gender', '1'); // Returns 'Female'
-
-// Get options with key/value pairs
-$options = Lookups::getOptions('gender');
-// Returns: [['key' => '1', 'value' => 'Female'], ...]
-
-// Transform data with lookup labels
-$patients = Lookups::transformLabels($patients, [
-    'Sex' => 'gender',
-    'Priority' => 'order_priority'
-]);
-
-// Clear cache after data changes
-Lookups::clearCache();
-```
-
-### Important Notes
-- **Soft deletes:** Use `DelDate` field instead of hard delete
-- **UTC timezone:** All dates normalized to UTC automatically
-- **JWT auth:** API endpoints require Bearer token in `Authorization` header
-- **No comments:** Do not add comments unless explicitly requested

README.md

@@ -1,14 +1,26 @@
 # CLQMS (Clinical Laboratory Quality Management System)
 
-> **The core backend engine for modern clinical laboratory workflows.**
+> **A REST API backend for modern clinical laboratory workflows.**
 
-CLQMS is a robust, mission-critical API suite designed to streamline laboratory operations, ensure data integrity, and manage complex diagnostic workflows. Built on a foundation of precision and regulatory compliance, this system handles everything from patient registration to high-throughput test resulting.
+---
+
+CLQMS is a **headless REST API backend** designed to streamline laboratory operations, ensure data integrity, and manage complex diagnostic workflows. Built on a foundation of precision and regulatory compliance, this system provides comprehensive JSON endpoints for laboratory operations.
+
+**Key Characteristic:** This is an **API-only system** with no view layer. Frontend applications (web, mobile, desktop) consume these REST endpoints to build laboratory information systems.
 
 ---
 
 ## 🏛️ Core Architecture & Design
 
-The system is currently undergoing a strategic **Architectural Redesign** to consolidate legacy structures into a high-performance, maintainable schema. This design, spearheaded by leadership, focuses on reducing technical debt and improving data consistency across:
+CLQMS is a **headless REST API system** following a clean architecture pattern. The system is designed to be consumed by any frontend client (web, mobile, desktop) through comprehensive JSON endpoints.
+
+**API-First Architecture:**
+- **No View Layer:** This system provides REST APIs only - no HTML views, no server-side rendering
+- **Frontend Agnostic:** Any client can consume these APIs (React, Vue, Angular, mobile apps, desktop apps)
+- **JSON-First:** All requests/responses use JSON format
+- **Stateless:** Each API request is independent with JWT authentication
+
+The system is currently undergoing a strategic **Architectural Redesign** to consolidate legacy structures into a high-performance, maintainable schema. This design focuses on reducing technical debt and improving data consistency across:
 
 - **Unified Test Definitions:** Consolidating technical, calculated, and site-specific test data.
 - **Reference Range Centralization:** A unified engine for numeric, threshold, text, and coded results.
@@ -30,23 +42,177 @@ The system is currently undergoing a strategic **Architectural Redesign** to con
 | Component      | Specification |
 | :------------- | :------------ |
 | **Language**   | PHP 8.1+ (PSR-compliant) |
-| **Framework**  | CodeIgniter 4 |
+| **Framework**  | CodeIgniter 4 (API-only mode) |
 | **Security**   | JWT (JSON Web Tokens) Authorization |
 | **Database**   | MySQL (Optimized Schema Migration in progress) |
+| **API Format** | RESTful JSON |
+| **Testing**    | PHPUnit 10.5+ |
 
 
 ---
 
 ## 📂 Documentation & Specifications
 
-For detailed architectural blueprints and API specifications, please refer to the internal documentation:
+### Key Documents
 
-👉 **[Internal Documentation Index](./docs/README.md)**
+| Document | Location | Description |
+|----------|----------|-------------|
+| **PRD** | `PRD.md` | Complete Product Requirements Document (API-focused) |
+| **Technical Guide** | `CLAUDE.md` | Architecture, coding standards, common commands |
+| **API Overview** | This file | REST API documentation and endpoints |
+| **Database Migrations** | `app/Database/Migrations/` | Database schema history |
 
-Key documents:
+### API Documentation
-- [Database Schema Redesign Proposal](./docs/20251216002-Test_OrderTest_RefRange_schema_redesign_proposal.md)
+
-- [API Contract: Patient Registration](./docs/api_contract_patient_registration.md)
+All API endpoints follow REST conventions:
-- [Database Design Review (Reference)](./docs/20251212001-database_design_review_sonnet.md)
+
+**Base URL:** `/api`
+
+**Authentication:** JWT token required for most endpoints (except `/api/login`, `/api/demo/*`)
+
+**Response Format:**
+```json
+{
+  "status": "success|error",
+  "message": "Human-readable message",
+  "data": { ... }
+}
+```
+
+---
+
+## 🔌 REST API Overview
+
+### API Endpoint Categories
+
+#### Authentication & Authorization
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `POST` | `/api/login` | User login, returns JWT token | No |
+| `POST` | `/api/logout` | Invalidate JWT token | Yes |
+| `POST` | `/api/refresh` | Refresh JWT token | Yes |
+
+#### Patient Management
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `GET` | `/api/patient` | List patients with pagination | Yes |
+| `GET` | `/api/patient/{id}` | Get patient details | Yes |
+| `POST` | `/api/patient` | Create new patient | Yes |
+| `PATCH` | `/api/patient/{id}` | Update patient | Yes |
+| `DELETE` | `/api/patient/{id}` | Soft delete patient | Yes |
+
+#### Order Management
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `GET` | `/api/ordertest` | List orders | Yes |
+| `GET` | `/api/ordertest/{id}` | Get order details | Yes |
+| `POST` | `/api/ordertest` | Create order | Yes |
+| `PATCH` | `/api/ordertest/{id}` | Update order | Yes |
+| `DELETE` | `/api/ordertest/{id}` | Delete order | Yes |
+| `POST` | `/api/ordertest/status` | Update order status | Yes |
+
+#### Demo/Test Endpoints (No Auth)
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `POST` | `/api/demo/order` | Create demo order with patient | No |
+
+#### Specimen Management
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `GET` | `/api/specimen` | List specimens | Yes |
+| `GET` | `/api/specimen/{id}` | Get specimen details | Yes |
+| `POST` | `/api/specimen` | Create specimen | Yes |
+| `PATCH` | `/api/specimen/{id}` | Update specimen | Yes |
+| `POST` | `/api/specimen/status` | Update specimen status | Yes |
+
+#### Result Management
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `GET` | `/api/patresult` | List patient results | Yes |
+| `GET` | `/api/patresult/{id}` | Get result details | Yes |
+| `POST` | `/api/patresult` | Enter new result | Yes |
+| `PATCH` | `/api/patresult/{id}` | Update result | Yes |
+| `POST` | `/api/patresult/status` | Verify result (VER/REV/REP) | Yes |
+
+#### Edge API (Instrument Integration)
+
+| Method | Endpoint | Description | Auth Required |
+|--------|----------|-------------|---------------|
+| `POST` | `/api/edge/result` | Receive instrument results | API Key |
+| `GET` | `/api/edge/order` | Fetch pending orders | API Key |
+| `POST` | `/api/edge/order/{id}/ack` | Acknowledge order | API Key |
+| `POST` | `/api/edge/status` | Log instrument status | API Key |
+
+### API Response Format
+
+All API endpoints return JSON in this format:
+
+**Success Response:**
+```json
+{
+  "status": "success",
+  "message": "Operation completed successfully",
+  "data": {
+    // Response data here
+  }
+}
+```
+
+**Error Response:**
+```json
+{
+  "status": "error",
+  "message": "Error description",
+  "errors": [
+    {
+      "field": "field_name",
+      "message": "Validation error message"
+    }
+  ]
+}
+```
+
+### Authentication
+
+Most endpoints require JWT authentication:
+
+**Request Headers:**
+```
+Authorization: Bearer {jwt_token}
+Content-Type: application/json
+```
+
+**Login Request Example:**
+```bash
+POST /api/login
+{
+  "username": "labuser",
+  "password": "password123"
+}
+```
+
+**Login Response:**
+```json
+{
+  "status": "success",
+  "message": "Login successful",
+  "data": {
+    "token": "eyJ0eXAiOiJKV1QiLCJhbGc...",
+    "expires_in": 3600,
+    "user": {
+      "id": 1,
+      "username": "labuser",
+      "name": "Lab User"
+    }
+  }
+}
+```
 
 ---
 
@@ -151,32 +317,12 @@ $labeled = Lookups::transformLabels($patients, [
 Lookups::clearCache();
 ```
 
-### Frontend Usage (Alpine.js)
-
-```php
-<?php
-// In your PHP view file
-use App\Libraries\Lookups;
-
-$allLookups = Lookups::getAll();
-?>
-<script>
-const LOOKUPS = <?= json_encode($allLookups) ?>;
-console.log(LOOKUPS.gender);
-// Output: {"values":[{"key":"1","value":"Female"},{"key":"2","value":"Male"},...]}
-
-// Convenience accessors
-const genderValues = LOOKUPS.gender.values;
-const genderDropdown = LOOKUPS.gender.values.map(v => ({value: v.key, label: v.value}));
-</script>
-```
-
 ### When to Use
 
 | Approach | Use Case |
 |----------|----------|
-| **Lookups Library** | Static values that rarely change (gender, status, types) - fast, cached |
+| **Lookups Library** | Server-side static values that rarely change (gender, status, types) - fast, cached |
-| **API `/api/valueset*`** | Dynamic values managed by admins at runtime |
+| **API `/api/valueset*`** | Dynamic values managed by admins at runtime, or for frontend clients needing lookup data |
 
 ### Adding New Lookups
 
@@ -199,9 +345,9 @@ const genderDropdown = LOOKUPS.gender.values.map(v => ({value: v.key, label: v.v
 
 ## 📋 Master Data Management
 
-CLQMS provides comprehensive master data management for laboratory operations. All master data is accessible via the V2 UI at `/v2/master/*` endpoints.
+CLQMS provides comprehensive master data management for laboratory operations. All master data is accessible via REST API endpoints.
 
-### 🧪 Laboratory Tests (`/v2/master/tests`)
+### 🧪 Laboratory Tests
 
 The Test Definitions module manages all laboratory test configurations including parameters, calculated tests, and test panels.
 
@@ -254,7 +400,7 @@ The Test Definitions module manages all laboratory test configurations including
 }
 ```
 
-### 📏 Reference Ranges (`/v2/master/refrange`)
+### 📏 Reference Ranges
 
 Reference Ranges define normal and critical values for test results. The system supports multiple reference range types based on patient demographics.
 
@@ -263,9 +409,7 @@ Reference Ranges define normal and critical values for test results. The system
 | Type | Table | Description |
 |------|-------|-------------|
 | Numeric | `refnum` | Numeric ranges with age/sex criteria |
-| Threshold | `refthold` | Critical threshold values |
 | Text | `reftxt` | Text-based reference values |
-| Value Set | `refvset` | Coded reference values |
 
 #### Numeric Reference Range Structure
 
@@ -292,7 +436,7 @@ Reference Ranges define normal and critical values for test results. The system
 | `PATCH` | `/api/refnum` | Update reference range |
 | `DELETE` | `/api/refnum` | Soft delete reference range |
 
-### 📑 Value Sets (`/v2/master/valuesets`)
+### 📑 Value Sets
 
 Value Sets are configurable dropdown options used throughout the system. Each Value Set Definition (VSetDef) contains multiple Value Set Values (ValueSet).
 
@@ -353,7 +497,7 @@ valuesetdef (VSetDefID, VSName, VSDesc)
 | Category | Tables | Purpose |
 |----------|--------|---------|
 | Tests | `testdefsite`, `testdeftech`, `testdefcal`, `testdefgrp`, `testmap` | Test definitions |
-| Reference Ranges | `refnum`, `refthold`, `reftxt`, `refvset` | Result validation |
+| Reference Ranges | `refnum`, `reftxt` | Result validation |
 | Value Sets | `valuesetdef`, `valueset` | Configurable options |
 
 ---
@@ -366,15 +510,15 @@ The **Edge API** provides endpoints for integrating laboratory instruments via t
 
 | Method | Endpoint | Description |
 |--------|----------|-------------|
-| `POST` | `/api/edge/results` | Receive instrument results (stored in `edgeres`) |
+| `POST` | `/api/edge/result` | Receive instrument results (stored in `edgeres`) |
-| `GET` | `/api/edge/orders` | Fetch pending orders for an instrument |
+| `GET` | `/api/edge/order` | Fetch pending orders for an instrument |
-| `POST` | `/api/edge/orders/:id/ack` | Acknowledge order delivery to instrument |
+| `POST` | `/api/edge/order/:id/ack` | Acknowledge order delivery to instrument |
 | `POST` | `/api/edge/status` | Log instrument status updates |
 
 ### Workflow
 
 ```
-Instrument → tiny-edge → POST /api/edge/results → edgeres table → [Manual/Auto Processing] → patres table
+Instrument → tiny-edge → POST /api/edge/result → edgeres table → [Manual/Auto Processing] → patres table
 ```
 
 **Key Features:**
@@ -386,6 +530,9 @@ Instrument → tiny-edge → POST /api/edge/results → edgeres table → [Manua
 ---
 
 ### 📜 Usage Notice
+
+**This is an API-only backend system.** There are no views, HTML templates, or server-side rendering components. Frontend applications should consume these REST endpoints to build user interfaces for laboratory operations.
+
 This repository contains proprietary information intended for the 5Panda Team and authorized collaborators.
 
 ---

TODO.md

@@ -1,284 +0,0 @@
-# CLQMS MVP Todo List
-
-> Clinical Laboratory Quality Management System - Minimum Viable Product
-
-## Quick Start: Create Order with Minimal Master Data
-
-You **don't need** all master data finished to create an order. Here's what's actually required:
-
-### Minimum Required (4 Tables)
-
-```sql
--- 1. Patient (already exists in codebase)
--- Just need at least 1 patient
-
--- 2. Order Status Values (VSetID=11)
-INSERT INTO valueset (VID, VSetID, VValue, VDesc, VOrder) VALUES
-(1, 11, 'ORD', 'Ordered', 1),
-(2, 11, 'SCH', 'Scheduled', 2),
-(3, 11, 'ANA', 'Analysis', 3),
-(4, 11, 'VER', 'Verified', 4),
-(5, 11, 'REV', 'Reviewed', 5),
-(6, 11, 'REP', 'Reported', 6);
-
--- 3. Priority Values (VSetID=10)
-INSERT INTO valueset (VID, VSetID, VValue, VDesc, VOrder) VALUES
-(1, 10, 'S', 'Stat', 1),
-(2, 10, 'R', 'Routine', 2),
-(3, 10, 'A', 'ASAP', 3);
-
--- 4. Counter for Order ID
-INSERT INTO counter (CounterName, CounterValue) VALUES ('ORDER', 1);
-
--- Run seeder: php spark db:seed MinimalMasterDataSeeder
-```
-
-### API Endpoints (No Auth Required for Testing)
-
-```bash
-# Create demo order (auto-creates patient if needed)
-POST /api/demo/order
-{
-  "PatientID": "PT001",
-  "NameFirst": "John",
-  "NameLast": "Doe",
-  "Gender": "1",
-  "Birthdate": "1990-05-15",
-  "Priority": "R",
-  "OrderingProvider": "Dr. Smith"
-}
-
-# List orders
-GET /api/demo/orders
-
-# Create order (requires auth)
-POST /api/ordertest
-{
-  "InternalPID": 1,
-  "Priority": "R",
-  "OrderingProvider": "Dr. Smith"
-}
-
-# Update order status
-POST /api/ordertest/status
-{
-  "OrderID": "00250112000001",
-  "OrderStatus": "SCH"
-}
-```
-
-## Core Workflow
-Order → Collection → Reception → Preparation → Analysis → Verification → Review → Reporting
-
----
-
-## Phase 1: Core Lab Workflow (Must Have)
-
-### 1.1 Order Management
-- [ ] Complete `OrderTestController` create/update/delete
-- [ ] Implement order ID generation (LLYYMMDDXXXXX format)
-- [ ] Implement order attachment handling (ordercom, orderatt tables)
-- [ ] Add order status tracking (ORD→SCH→ANA→VER→REV→REP)
-- [ ] Create order test mapping (testmap table)
-- [ ] Add calculated test parameter auto-selection
-
-### 1.2 Specimen Management
-- [ ] Complete `SpecimenController` API
-- [ ] Implement specimen ID generation (OrderID + SSS + C)
-- [ ] Build specimen collection API (Collection status)
-- [ ] Build specimen transport API (In-transport status)
-- [ ] Build specimen reception API (Received/Rejected status)
-- [ ] Build specimen preparation API (Centrifuge, Aliquot, Pre-treatment)
-- [ ] Build specimen storage API (Stored status)
-- [ ] Build specimen dispatching API (Dispatch status)
-- [ ] Implement specimen condition tracking (HEM, ITC, LIP flags)
-
-### 1.3 Result Management
-- [ ] Complete `ResultController` with full CRUD
-- [ ] Implement result entry API (numeric, text, valueset, range)
-- [ ] Implement result verification workflow (Technical + Clinical)
-- [ ] Add reference range validation (numeric, threshold, text, valueset)
-- [ ] Implement critical value flagging (threshold-based)
-- [ ] Implement result rerun with AspCnt tracking
-- [ ] Add result report generation API
-
-### 1.4 Patient Visit
-- [ ] Complete `PatVisitController` create/read
-- [ ] Implement patient visit to order linking
-- [ ] Add admission/discharge/transfer (ADT) tracking
-- [ ] Add diagnosis linking (patdiag table)
-
----
-
-## Phase 2: Instrument Integration (Must Have)
-
-### 2.1 Edge API
-- [ ] Complete `EdgeController` results endpoint
-- [ ] Implement edgeres table data handling
-- [ ] Implement edgestatus tracking
-- [ ] Implement edgeack acknowledgment
-- [ ] Build instrument orders endpoint (/api/edge/orders)
-- [ ] Build order acknowledgment endpoint (/api/edge/orders/:id/ack)
-- [ ] Build status logging endpoint (/api/edge/status)
-
-### 2.2 Test Mapping
-- [ ] Implement test mapping CRUD (TestMapModel)
-- [ ] Build instrument code to LQMS test mapping
-- [ ] Add many-to-one mapping support (e.g., glucose variations)
-
----
-
-## Phase 3: Quality Management (Should Have)
-
-### 3.1 Quality Control
-- [ ] Build QC result entry API
-- [ ] Implement QC result storage (calres table)
-- [ ] Add Levey-Jennings data preparation endpoints
-- [ ] Implement QC validation (2SD auto-validation)
-- [ ] Add Sigma score calculation endpoint
-
-### 3.2 Calibration
-- [ ] Build calibration result entry API
-- [ ] Implement calibration factor tracking
-- [ ] Add calibration history endpoint
-- [ ] Implement calibration validation
-
-### 3.3 Audit Trail
-- [ ] Add audit logging middleware
-- [ ] Implement data change tracking (what/who/when/how/where)
-- [ ] Build audit query endpoint
-- [ ] Add security log endpoints
-
----
-
-## Phase 4: Master Data (Already Have - Need Completion)
-
-### 4.1 Test Definitions ✅ Existing
-- [ ] Test definitions (testdefsite)
-- [ ] Technical specs (testdeftech)
-- [ ] Calculated tests (testdefcal)
-- [ ] Group tests (testdefgrp)
-- [ ] Test parameters
-
-### 4.2 Reference Ranges ✅ Existing
-- [ ] Numeric ranges (refnum)
-- [ ] Threshold ranges (refthold)
-- [ ] Text ranges (reftxt)
-- [ ] Value set ranges (refvset)
-
-### 4.3 Organizations ✅ Existing
-- [ ] Sites (SiteController)
-- [ ] Departments (DepartmentController)
-- [ ] Workstations (WorkstationController)
-- [ ] Disciplines (DisciplineController)
-
-### 4.4 Value Sets ✅ Existing
-- [ ] Value set definitions (ValueSetDefController)
-- [ ] Value set values (ValueSetController)
-
----
-
-## Phase 5: Inventory & Billing (Nice to Have)
-
-### 5.1 Inventory
-- [ ] Build counter management API
-- [ ] Implement product catalog endpoints
-- [ ] Add reagent tracking
-- [ ] Implement consumables usage logging
-
-### 5.2 Billing
-- [ ] Add billing account linking
-- [ ] Implement tariff selection by service class
-- [ ] Build billing export endpoint
-
----
-
-## Priority Matrix
-
-| Priority | Feature | Controller/Model | Status |
-|----------|---------|-----------------|--------|
-| P0 | Order CRUD | OrderTestController + OrderTestModel | ✅ Done |
-| P0 | Specimen Status | SpecimenController | ⚠️ Needs API |
-| P0 | Result Entry | ResultController | ❌ Empty |
-| P0 | Result Verification | ResultController | ❌ Empty |
-| P1 | Visit Management | PatVisitController | ⚠️ Partial |
-| P1 | Instrument Integration | EdgeController | ⚠️ Partial |
-| P1 | Reference Range Validation | RefNumModel + API | ⚠️ Need API |
-| P2 | QC Results | New Controller | ❌ Not exist |
-| P2 | Audit Trail | New Model | ❌ Not exist |
-| P3 | Inventory | CounterController | ⚠️ Partial |
-| P3 | Billing | New Controller | ❌ Not exist |
-
----
-
-## Quick Test: Does Order Creation Work?
-
-```bash
-# Test 1: Create demo order (no auth required)
-curl -X POST http://localhost:8080/api/demo/order \
-  -H "Content-Type: application/json" \
-  -d '{"NameFirst": "Test", "NameLast": "Patient"}'
-
-# Expected Response:
-{
-  "status": "success",
-  "message": "Demo order created successfully",
-  "data": {
-    "PatientID": "DEMO1736689600",
-    "InternalPID": 1,
-    "OrderID": "00250112000001",
-    "OrderStatus": "ORD"
-  }
-}
-
-# Test 2: Update order status
-curl -X POST http://localhost:8080/api/ordertest/status \
-  -H "Content-Type: application/json" \
-  -H "Authorization: Bearer <token>" \
-  -d '{"OrderID": "00250112000001", "OrderStatus": "SCH"}'
-```
-
----
-
-## Success Criteria
-
-### Functional
-- Patient registration works ✅
-- Test ordering generates valid OrderID and SID
-- Specimens track through collection → transport → reception → preparation → analysis
-- Results can be entered with reference range validation
-- Results verified through VER → REV → REP workflow
-- Instruments can send results via Edge API
-
-### Non-Functional
-- JWT authentication required for all endpoints
-- Soft delete (DelDate) on all transactions
-- UTC timezone for all datetime fields
-- Audit logging for data changes
-- < 2s response time for standard queries
-
----
-
-## Current Codebase Status
-
-### Controllers (Need Work)
-- ❌ OrderTestController - placeholder code, incomplete
-- ❌ ResultController - only validates JWT
-- ✅ PatientController - complete
-- ✅ TestsController - complete
-- ✅ PatVisitController - partial
-
-### Models (Good)
-- ✅ PatientModel - complete
-- ✅ TestDef* models - complete
-- ✅ Ref* models - complete
-- ✅ ValueSet* models - complete
-- ✅ SpecimenModel - exists, needs API
-
-### Missing Controllers
-- ❌ SpecimenController - need full implementation
-- ❌ ResultController - need full implementation
-- ❌ QualityControlController - not exist
-- ❌ CalibrationController - not exist
-- ❌ AuditController - not exist
-- ❌ BillingController - not exist

app/Config/Database.php

@@ -174,7 +174,7 @@ class Database extends Config
         'hostname'    => 'localhost',
         'username'    => 'root',
         'password'    => 'adminsakti',
-        'database'    => 'clqms01',
+        'database'    => 'clqms01_test',
         'DBDriver'    => 'MySQLi',
         'DBPrefix'    => '',  // Needed to ensure we're working correctly with prefixes live. DO NOT REMOVE FOR CI DEVS
         'pConnect'    => false,
@@ -204,6 +204,9 @@ class Database extends Config
         // we are currently running an automated test suite, so that
         // we don't overwrite live data on accident.
         if (ENVIRONMENT === 'testing') {
+            if ($this->tests['database'] === $this->default['database']) {
+                throw new \RuntimeException('Tests database cannot match the default database.');
+            }
             $this->defaultGroup = 'tests';
         }
     }

app/Config/Routes.php

@@ -6,7 +6,7 @@ use CodeIgniter\Router\RouteCollection;
  * @var RouteCollection $routes
  */
 $routes->get('/', function () {
-    return redirect()->to('/v2');
+    return "Backend Running";
 });
 
 $routes->options('(:any)', function () {
@@ -15,12 +15,23 @@ $routes->options('(:any)', function () {
 
 $routes->group('api', ['filter' => 'auth'], function ($routes) {
     $routes->get('dashboard', 'DashboardController::index');
-    $routes->get('result', 'ResultController::index');
     $routes->get('sample', 'SampleController::index');
+    $routes->get('audit-logs', 'Audit\AuditLogController::index');
+    
+    // Results CRUD
+    $routes->group('result', function ($routes) {
+        $routes->get('/', 'ResultController::index');
+        $routes->post('/', 'ResultController::create');
+        $routes->get('(:num)', 'ResultController::show/$1');
+        $routes->patch('(:any)', 'ResultController::update/$1');
+        $routes->delete('(:num)', 'ResultController::delete/$1');
+    });
+    
+    // Reports
+    $routes->get('report/(:num)', 'ReportController::view/$1');
 });
 
-// Public Routes (no auth required)
+
-$routes->get('/v2/login', 'PagesController::login');
 
 // V2 Auth API Routes (public - no auth required)
 $routes->group('v2/auth', function ($routes) {
@@ -30,30 +41,6 @@ $routes->group('v2/auth', function ($routes) {
     $routes->post('logout', 'AuthV2Controller::logout');
 });
 
-// Protected Page Routes - V2 (requires auth)
-$routes->group('v2', ['filter' => 'auth'], function ($routes) {
-    $routes->get('/', 'PagesController::dashboard');
-    $routes->get('dashboard', 'PagesController::dashboard');
-    $routes->get('patients', 'PagesController::patients');
-    $routes->get('requests', 'PagesController::requests');
-    $routes->get('settings', 'PagesController::settings');
-
-    // Master Data - Organization
-    $routes->get('master/organization/accounts', 'PagesController::masterOrgAccounts');
-    $routes->get('master/organization/sites', 'PagesController::masterOrgSites');
-    $routes->get('master/organization/disciplines', 'PagesController::masterOrgDisciplines');
-    $routes->get('master/organization/departments', 'PagesController::masterOrgDepartments');
-    $routes->get('master/organization/workstations', 'PagesController::masterOrgWorkstations');
-
-    // Master Data - Specimen
-    $routes->get('master/specimen/containers', 'PagesController::masterSpecimenContainers');
-    $routes->get('master/specimen/preparations', 'PagesController::masterSpecimenPreparations');
-
-    // Master Data - Tests & ValueSets
-    $routes->get('master/tests', 'PagesController::masterTests');
-    $routes->get('master/valuesets', 'PagesController::masterValueSets');
-});
-
 // Faker
 $routes->get('faker/faker-patient/(:num)', 'faker\FakerPatient::sendMany/$1');
 
@@ -73,7 +60,7 @@ $routes->group('api', function ($routes) {
         $routes->post('/', 'Patient\PatientController::create');
         $routes->get('(:num)', 'Patient\PatientController::show/$1');
         $routes->delete('/', 'Patient\PatientController::delete');
-        $routes->patch('/', 'Patient\PatientController::update');
+        $routes->patch('(:any)', 'Patient\PatientController::update/$1');
         $routes->get('check', 'Patient\PatientController::patientCheck');
     });
 
@@ -84,41 +71,25 @@ $routes->group('api', function ($routes) {
         $routes->get('patient/(:num)', 'PatVisitController::showByPatient/$1');
         $routes->get('(:any)', 'PatVisitController::show/$1');
         $routes->delete('/', 'PatVisitController::delete');
-        $routes->patch('/', 'PatVisitController::update');
+        $routes->patch('(:any)', 'PatVisitController::update/$1');
     });
 
-    $routes->group('patvisitadt', function ($routes) {
+        $routes->group('patvisitadt', function ($routes) {
+        $routes->get('visit/(:num)', 'PatVisitController::getADTByVisit/$1');
+        $routes->get('(:num)', 'PatVisitController::showADT/$1');
         $routes->post('/', 'PatVisitController::createADT');
-        $routes->patch('/', 'PatVisitController::updateADT');
+        $routes->patch('(:any)', 'PatVisitController::updateADT/$1');
+        $routes->delete('/', 'PatVisitController::deleteADT');
     });
 
     // Master Data
-    $routes->group('race', function ($routes) {
-        $routes->get('/', 'Race::index');
-        $routes->get('(:num)', 'Race::show/$1');
-    });
-
-    $routes->group('country', function ($routes) {
-        $routes->get('/', 'Country::index');
-        $routes->get('(:num)', 'Country::show/$1');
-    });
-
-    $routes->group('religion', function ($routes) {
-        $routes->get('/', 'Religion::index');
-        $routes->get('(:num)', 'Religion::show/$1');
-    });
-
-    $routes->group('ethnic', function ($routes) {
-        $routes->get('/', 'Ethnic::index');
-        $routes->get('(:num)', 'Ethnic::show/$1');
-    });
 
     // Location
     $routes->group('location', function ($routes) {
         $routes->get('/', 'LocationController::index');
         $routes->get('(:num)', 'LocationController::show/$1');
         $routes->post('/', 'LocationController::create');
-        $routes->patch('/', 'LocationController::update');
+        $routes->patch('(:any)', 'LocationController::update/$1');
         $routes->delete('/', 'LocationController::delete');
     });
 
@@ -127,7 +98,7 @@ $routes->group('api', function ($routes) {
         $routes->get('/', 'Contact\ContactController::index');
         $routes->get('(:num)', 'Contact\ContactController::show/$1');
         $routes->post('/', 'Contact\ContactController::create');
-        $routes->patch('/', 'Contact\ContactController::update');
+        $routes->patch('(:any)', 'Contact\ContactController::update/$1');
         $routes->delete('/', 'Contact\ContactController::delete');
     });
 
@@ -135,7 +106,7 @@ $routes->group('api', function ($routes) {
         $routes->get('/', 'Contact\OccupationController::index');
         $routes->get('(:num)', 'Contact\OccupationController::show/$1');
         $routes->post('/', 'Contact\OccupationController::create');
-        $routes->patch('/', 'Contact\OccupationController::update');
+        $routes->patch('(:any)', 'Contact\OccupationController::update/$1');
         //$routes->delete('/', 'Contact\OccupationController::delete');
     });
 
@@ -143,35 +114,55 @@ $routes->group('api', function ($routes) {
         $routes->get('/', 'Contact\MedicalSpecialtyController::index');
         $routes->get('(:num)', 'Contact\MedicalSpecialtyController::show/$1');
         $routes->post('/', 'Contact\MedicalSpecialtyController::create');
-        $routes->patch('/', 'Contact\MedicalSpecialtyController::update');
+        $routes->patch('(:any)', 'Contact\MedicalSpecialtyController::update/$1');
     });
 
+    // Lib ValueSet (file-based)
     $routes->group('valueset', function ($routes) {
         $routes->get('/', 'ValueSetController::index');
         $routes->get('(:any)', 'ValueSetController::index/$1');
         $routes->post('refresh', 'ValueSetController::refresh');
 
-        $routes->get('items', 'ValueSetController::items');
+        // User ValueSet (database-based)
-        $routes->get('items/(:num)', 'ValueSetController::showItem/$1');
+        $routes->group('user', function ($routes) {
-        $routes->post('items', 'ValueSetController::createItem');
+            $routes->group('items', function ($routes) {
-        $routes->put('items/(:num)', 'ValueSetController::updateItem/$1');
+                $routes->get('/', 'ValueSetController::items');
-        $routes->delete('items/(:num)', 'ValueSetController::deleteItem/$1');
+                $routes->get('(:num)', 'ValueSetController::showItem/$1');
+                $routes->post('/', 'ValueSetController::createItem');
+                $routes->put('(:num)', 'ValueSetController::updateItem/$1');
+                $routes->delete('(:num)', 'ValueSetController::deleteItem/$1');
+            });
+
+            $routes->group('def', function ($routes) {
+                $routes->get('/', 'ValueSetDefController::index');
+                $routes->get('(:num)', 'ValueSetDefController::show/$1');
+                $routes->post('/', 'ValueSetDefController::create');
+                $routes->put('(:num)', 'ValueSetDefController::update/$1');
+                $routes->delete('(:num)', 'ValueSetDefController::delete/$1');
+            });
+        });
     });
 
-    $routes->group('valuesetdef', function ($routes) {
+    // Result ValueSet
-        $routes->get('/', 'ValueSetDefController::index');
+    $routes->group('result', function ($routes) {
-        $routes->get('(:num)', 'ValueSetDefController::show/$1');
+        $routes->group('valueset', function ($routes) {
-        $routes->post('/', 'ValueSetDefController::create');
+            $routes->get('/', 'Result\ResultValueSetController::index');
-        $routes->put('(:num)', 'ValueSetDefController::update/$1');
+            $routes->get('(:num)', 'Result\ResultValueSetController::show/$1');
-        $routes->delete('(:num)', 'ValueSetDefController::delete/$1');
+            $routes->post('/', 'Result\ResultValueSetController::create');
+            $routes->put('(:num)', 'Result\ResultValueSetController::update/$1');
+            $routes->delete('(:num)', 'Result\ResultValueSetController::delete/$1');
+        });
     });
 
+    $routes->post('calc/testsite/(:num)', 'CalculatorController::calculateByTestSite/$1');
+    $routes->post('calc/testcode/(:any)', 'CalculatorController::calculateByCodeOrName/$1');
+
     // Counter
     $routes->group('counter', function ($routes) {
         $routes->get('/', 'CounterController::index');
         $routes->get('(:num)', 'CounterController::show/$1');
         $routes->post('/', 'CounterController::create');
-        $routes->patch('/', 'CounterController::update');
+        $routes->patch('(:any)', 'CounterController::update/$1');
         $routes->delete('/', 'CounterController::delete');
     });
 
@@ -189,7 +180,7 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Organization\AccountController::index');
             $routes->get('(:num)', 'Organization\AccountController::show/$1');
             $routes->post('/', 'Organization\AccountController::create');
-            $routes->patch('/', 'Organization\AccountController::update');
+            $routes->patch('(:any)', 'Organization\AccountController::update/$1');
             $routes->delete('/', 'Organization\AccountController::delete');
         });
 
@@ -198,7 +189,7 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Organization\SiteController::index');
             $routes->get('(:num)', 'Organization\SiteController::show/$1');
             $routes->post('/', 'Organization\SiteController::create');
-            $routes->patch('/', 'Organization\SiteController::update');
+            $routes->patch('(:any)', 'Organization\SiteController::update/$1');
             $routes->delete('/', 'Organization\SiteController::delete');
         });
 
@@ -207,7 +198,7 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Organization\DisciplineController::index');
             $routes->get('(:num)', 'Organization\DisciplineController::show/$1');
             $routes->post('/', 'Organization\DisciplineController::create');
-            $routes->patch('/', 'Organization\DisciplineController::update');
+            $routes->patch('(:any)', 'Organization\DisciplineController::update/$1');
             $routes->delete('/', 'Organization\DisciplineController::delete');
         });
 
@@ -216,7 +207,7 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Organization\DepartmentController::index');
             $routes->get('(:num)', 'Organization\DepartmentController::show/$1');
             $routes->post('/', 'Organization\DepartmentController::create');
-            $routes->patch('/', 'Organization\DepartmentController::update');
+            $routes->patch('(:any)', 'Organization\DepartmentController::update/$1');
             $routes->delete('/', 'Organization\DepartmentController::delete');
         });
 
@@ -225,9 +216,54 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Organization\WorkstationController::index');
             $routes->get('(:num)', 'Organization\WorkstationController::show/$1');
             $routes->post('/', 'Organization\WorkstationController::create');
-            $routes->patch('/', 'Organization\WorkstationController::update');
+            $routes->patch('(:any)', 'Organization\WorkstationController::update/$1');
             $routes->delete('/', 'Organization\WorkstationController::delete');
         });
+
+        // HostApp
+        $routes->group('hostapp', function ($routes) {
+            $routes->get('/', 'Organization\HostAppController::index');
+            $routes->get('(:num)', 'Organization\HostAppController::show/$1');
+            $routes->post('/', 'Organization\HostAppController::create');
+            $routes->patch('(:num)', 'Organization\HostAppController::update/$1');
+            $routes->delete('/', 'Organization\HostAppController::delete');
+        });
+
+        // HostComPara
+        $routes->group('hostcompara', function ($routes) {
+            $routes->get('/', 'Organization\HostComParaController::index');
+            $routes->get('(:num)', 'Organization\HostComParaController::show/$1');
+            $routes->post('/', 'Organization\HostComParaController::create');
+            $routes->patch('(:num)', 'Organization\HostComParaController::update/$1');
+            $routes->delete('/', 'Organization\HostComParaController::delete');
+        });
+
+        // CodingSys
+        $routes->group('codingsys', function ($routes) {
+            $routes->get('/', 'Organization\CodingSysController::index');
+            $routes->get('(:num)', 'Organization\CodingSysController::show/$1');
+            $routes->post('/', 'Organization\CodingSysController::create');
+            $routes->patch('(:any)', 'Organization\CodingSysController::update/$1');
+            $routes->delete('/', 'Organization\CodingSysController::delete');
+        });
+    });
+
+    // Infrastructure
+    $routes->group('equipmentlist', function ($routes) {
+        $routes->get('/', 'Infrastructure\EquipmentListController::index');
+        $routes->get('(:num)', 'Infrastructure\EquipmentListController::show/$1');
+        $routes->post('/', 'Infrastructure\EquipmentListController::create');
+        $routes->patch('(:any)', 'Infrastructure\EquipmentListController::update/$1');
+        $routes->delete('/', 'Infrastructure\EquipmentListController::delete');
+    });
+
+    // Users
+    $routes->group('user', function ($routes) {
+        $routes->get('/', 'User\UserController::index');
+        $routes->get('(:num)', 'User\UserController::show/$1');
+        $routes->post('/', 'User\UserController::create');
+        $routes->patch('(:any)', 'User\UserController::update/$1');
+        $routes->delete('(:num)', 'User\UserController::delete/$1');
     });
 
     // Specimen
@@ -237,48 +273,72 @@ $routes->group('api', function ($routes) {
             $routes->get('/', 'Specimen\ContainerDefController::index');
             $routes->get('(:num)', 'Specimen\ContainerDefController::show/$1');
             $routes->post('/', 'Specimen\ContainerDefController::create');
-            $routes->patch('/', 'Specimen\ContainerDefController::update');
+            $routes->patch('(:any)', 'Specimen\ContainerDefController::update/$1');
         });
         $routes->group('containerdef', function ($routes) {
             $routes->get('/', 'Specimen\ContainerDefController::index');
             $routes->get('(:num)', 'Specimen\ContainerDefController::show/$1');
             $routes->post('/', 'Specimen\ContainerDefController::create');
-            $routes->patch('/', 'Specimen\ContainerDefController::update');
+            $routes->patch('(:any)', 'Specimen\ContainerDefController::update/$1');
         });
 
         $routes->group('prep', function ($routes) {
             $routes->get('/', 'Specimen\SpecimenPrepController::index');
             $routes->get('(:num)', 'Specimen\SpecimenPrepController::show/$1');
             $routes->post('/', 'Specimen\SpecimenPrepController::create');
-            $routes->patch('/', 'Specimen\SpecimenPrepController::update');
+            $routes->patch('(:any)', 'Specimen\SpecimenPrepController::update/$1');
         });
 
         $routes->group('status', function ($routes) {
             $routes->get('/', 'Specimen\SpecimenStatusController::index');
             $routes->get('(:num)', 'Specimen\SpecimenStatusController::show/$1');
             $routes->post('/', 'Specimen\SpecimenStatusController::create');
-            $routes->patch('/', 'Specimen\SpecimenStatusController::update');
+            $routes->patch('(:any)', 'Specimen\SpecimenStatusController::update/$1');
         });
 
         $routes->group('collection', function ($routes) {
             $routes->get('/', 'Specimen\SpecimenCollectionController::index');
             $routes->get('(:num)', 'Specimen\SpecimenCollectionController::show/$1');
             $routes->post('/', 'Specimen\SpecimenCollectionController::create');
-            $routes->patch('/', 'Specimen\SpecimenCollectionController::update');
+            $routes->patch('(:any)', 'Specimen\SpecimenCollectionController::update/$1');
         });
 
-        $routes->get('/', 'Specimen\SpecimenController::index');
+    $routes->get('/', 'Specimen\SpecimenController::index');
-        $routes->get('(:num)', 'Specimen\SpecimenController::show/$1');
+    $routes->get('(:num)', 'Specimen\SpecimenController::show/$1');
-        $routes->post('/', 'Specimen\SpecimenController::create');
+    $routes->post('/', 'Specimen\SpecimenController::create');
-        $routes->patch('/', 'Specimen\SpecimenController::update');
+    $routes->patch('(:any)', 'Specimen\SpecimenController::update/$1');
-    });
+    $routes->delete('(:num)', 'Specimen\SpecimenController::delete/$1');
+});
 
-    // Tests
+    // Test 
-    $routes->group('tests', function ($routes) {
+    $routes->group('test', function ($routes) {
-        $routes->get('/', 'TestsController::index');
+        $routes->get('/', 'Test\TestsController::index');
-        $routes->get('(:num)', 'TestsController::show/$1');
+        $routes->get('(:num)', 'Test\TestsController::show/$1');
-        $routes->post('/', 'TestsController::create');
+        $routes->post('/', 'Test\TestsController::create');
-        $routes->patch('/', 'TestsController::update');
+        $routes->patch('(:segment)', 'Test\TestsController::update/$1');
+        $routes->group('testmap', function ($routes) {
+            $routes->get('/', 'Test\TestMapController::index');
+            $routes->get('(:num)', 'Test\TestMapController::show/$1');
+            $routes->post('/', 'Test\TestMapController::create');
+            $routes->patch('(:segment)', 'Test\TestMapController::update/$1');
+            $routes->delete('/', 'Test\TestMapController::delete');
+
+            // Filter routes
+            $routes->get('by-testcode/(:any)', 'Test\TestMapController::showByTestCode/$1');
+
+            // TestMapDetail nested routes
+            $routes->group('detail', function ($routes) {
+                $routes->get('/', 'Test\TestMapDetailController::index');
+                $routes->get('(:num)', 'Test\TestMapDetailController::show/$1');
+                $routes->post('/', 'Test\TestMapDetailController::create');
+                $routes->patch('(:segment)', 'Test\TestMapDetailController::update/$1');
+                $routes->delete('/', 'Test\TestMapDetailController::delete');
+                $routes->get('by-testmap/(:num)', 'Test\TestMapDetailController::showByTestMap/$1');
+                $routes->post('batch', 'Test\TestMapDetailController::batchCreate');
+                $routes->patch('batch', 'Test\TestMapDetailController::batchUpdate');
+                $routes->delete('batch', 'Test\TestMapDetailController::batchDelete');
+            });
+        });
     });
 
     // Orders
@@ -286,22 +346,34 @@ $routes->group('api', function ($routes) {
         $routes->get('/', 'OrderTestController::index');
         $routes->get('(:any)', 'OrderTestController::show/$1');
         $routes->post('/', 'OrderTestController::create');
-        $routes->patch('/', 'OrderTestController::update');
+        $routes->patch('(:any)', 'OrderTestController::update/$1');
         $routes->delete('/', 'OrderTestController::delete');
         $routes->post('status', 'OrderTestController::updateStatus');
     });
 
+    // Rules
+    $routes->group('rule', ['filter' => 'auth'], function ($routes) {
+        $routes->get('/', 'Rule\RuleController::index');
+        $routes->get('(:num)', 'Rule\RuleController::show/$1');
+        $routes->post('/', 'Rule\RuleController::create');
+        $routes->patch('(:any)', 'Rule\RuleController::update/$1');
+        $routes->delete('(:num)', 'Rule\RuleController::delete/$1');
+        $routes->post('validate', 'Rule\RuleController::validateExpr');
+        $routes->post('compile', 'Rule\RuleController::compile');
+    });
+
+
     // Demo/Test Routes (No Auth)
 $routes->group('api/demo', function ($routes) {
     $routes->post('order', 'Test\DemoOrderController::createDemoOrder');
-    $routes->get('orders', 'Test\DemoOrderController::listDemoOrders');
+    $routes->get('order', 'Test\DemoOrderController::listDemoOrders');
 });
 
 // Edge API - Integration with tiny-edge
     $routes->group('edge', function ($routes) {
-        $routes->post('results', 'EdgeController::results');
+        $routes->post('result', 'EdgeController::results');
-        $routes->get('orders', 'EdgeController::orders');
+        $routes->get('order', 'EdgeController::orders');
-        $routes->post('orders/(:num)/ack', 'EdgeController::ack/$1');
+        $routes->post('order/(:num)/ack', 'EdgeController::ack/$1');
         $routes->post('status', 'EdgeController::status');
     });
 });

app/Controllers/AreaGeoController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\AreaGeoModel;
 
@@ -32,16 +32,21 @@ class AreaGeoController extends BaseController {
 
     public function getProvinces() {
         $rows = $this->model->getProvinces();
-        if (empty($rows)) { return $this->respond([ 'status'  => 'success', 'message' => "data not found", 'data' => '' ], 200); }
+        $transformed = array_map(function($row) {
-        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200); 
+            return ['value' => $row['AreaGeoID'], 'label' => $row['AreaName']];
+        }, $rows);
+        if (empty($transformed)) { return $this->respond([ 'status'  => 'success', 'data' => [] ], 200); }
+        return $this->respond([ 'status' => 'success', 'data' => $transformed ], 200);
     }
 
     public function getCities() {
-        $filter = [ 'Parent' => $this->request->getVar('Parent') ?? null ];
+        $filter = [ 'Parent' => $this->request->getVar('ProvinceID') ?? null ];
         $rows = $this->model->getCities($filter);
-        
+        $transformed = array_map(function($row) {
-        if (empty($rows)) { return $this->respond([ 'status'  => 'success', 'message' => "data not found", 'data' => [] ], 200); }
+            return ['value' => $row['AreaGeoID'], 'label' => $row['AreaName']];
-        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200); 
+        }, $rows);
+        if (empty($transformed)) { return $this->respond([ 'status'  => 'success', 'data' => [] ], 200); }
+        return $this->respond([ 'status' => 'success', 'data' => $transformed ], 200);
     }
    
 }

app/Controllers/Audit/AuditLogController.php

@@ -0,0 +1,60 @@
+<?php
+
+namespace App\Controllers\Audit;
+
+use App\Controllers\BaseController;
+use App\Services\AuditLogService;
+use App\Traits\ResponseTrait;
+use CodeIgniter\HTTP\ResponseInterface;
+use InvalidArgumentException;
+
+class AuditLogController extends BaseController
+{
+    use ResponseTrait;
+
+    private AuditLogService $auditLogService;
+
+    public function __construct()
+    {
+        $this->auditLogService = new AuditLogService();
+    }
+
+    public function index(): ResponseInterface
+    {
+        $filters = [
+            'table' => $this->request->getGet('table'),
+            'rec_id' => $this->request->getGet('rec_id') ?? $this->request->getGet('recId'),
+            'event_id' => $this->request->getGet('event_id') ?? $this->request->getGet('eventId'),
+            'activity_id' => $this->request->getGet('activity_id') ?? $this->request->getGet('activityId'),
+            'from' => $this->request->getGet('from'),
+            'to' => $this->request->getGet('to'),
+            'search' => $this->request->getGet('search'),
+            'page' => $this->request->getGet('page'),
+            'perPage' => $this->request->getGet('perPage') ?? $this->request->getGet('per_page'),
+        ];
+
+        try {
+            $payload = $this->auditLogService->fetchLogs($filters);
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Audit logs retrieved successfully',
+                'data' => $payload,
+            ], 200);
+
+        } catch (InvalidArgumentException $e) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => $e->getMessage(),
+                'data' => null,
+            ], 400);
+        } catch (\Throwable $e) {
+            log_message('error', 'AuditLogController::index error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Unable to retrieve audit logs',
+                'data' => null,
+            ], 500);
+        }
+    }
+}

app/Controllers/AuthController.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 use Firebase\JWT\JWT;
@@ -16,6 +16,8 @@ class AuthController extends Controller
 {
     use ResponseTrait;
 
+    protected $db;
+
     // ok
     public function __construct()
     {
@@ -170,19 +172,22 @@ class AuthController extends Controller
         try {
             // Melakukan Hash terhadap Payload dengan Kunci .env menggunakan Algortima HMAC + SHA-256
             $jwt = JWT::encode($payload, $key, 'HS256');
-        } catch (Exception $e) {
+        } catch (\Exception $e) {
             return $this->fail('Error generating JWT: ' . $e->getMessage(), 500);
         }
 
+        // Detect if HTTPS is being used
+        $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
+
         // Kirim Respon ke HttpOnly yg akan disimpan di browser dan tidak akan dapat diakses oleh siapapun
         $this->response->setCookie([
             'name' => 'token',              // nama token
             'value' => $jwt,                 // value dari jwt yg sudah di hash
             'expire' => 864000,               // 10 hari
             'path' => '/',                  // valid untuk semua path
-            'secure' => true,                 // set true kalau sudah HTTPS
+            'secure' => $isSecure,
             'httponly' => true,                 // dipakai agar cookie berikut tidak dapat diakses oleh javascript
-            'samesite' => Cookie::SAMESITE_NONE
+            'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
         ]);
 
         // Response tanpa token di body
@@ -214,15 +219,18 @@ class AuthController extends Controller
     // }
     public function logout()
     {
+        // Detect if HTTPS is being used
+        $isSecure = isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] === 'on';
+        
         // Definisikan ini pada cookies browser, harus sama dengan cookies login
         return $this->response->setCookie([
             'name' => 'token',
             'value' => '',
             'expire' => time() - 3600,
             'path' => '/',
-            'secure' => true,
+            'secure' => $isSecure,
             'httponly' => true,
-            'samesite' => Cookie::SAMESITE_NONE
+            'samesite' => $isSecure ? Cookie::SAMESITE_NONE : Cookie::SAMESITE_LAX
 
         ])->setJSON([
                     'status' => 'success',

app/Controllers/AuthV2Controller.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 use Firebase\JWT\JWT;

app/Controllers/BaseController.php

@@ -30,12 +30,12 @@ abstract class BaseController extends Controller
 
     /**
      * An array of helpers to be loaded automatically upon
-     * class instantiation. These helpers will be available
+     * class instantiation. These will be available
      * to all other controllers that extend BaseController.
      *
      * @var list<string>
      */
-    protected $helpers = [];
+    protected $helpers = ['json'];
 
     /**
      * Be sure to declare properties for any property fetch you initialized.

app/Controllers/CalculatorController.php

@@ -0,0 +1,183 @@
+<?php
+
+namespace App\Controllers;
+
+use App\Traits\ResponseTrait;
+use App\Services\CalculatorService;
+use App\Models\Test\TestDefCalModel;
+use CodeIgniter\Controller;
+use CodeIgniter\HTTP\ResponseInterface;
+
+class CalculatorController extends Controller
+{
+  use ResponseTrait;
+
+  protected CalculatorService $calculator;
+  protected TestDefCalModel $calcModel;
+
+  public function __construct()
+  {
+    $this->calculator = new CalculatorService();
+    $this->calcModel = new TestDefCalModel();
+  }
+
+  /**
+   * POST api/calculate
+   * Calculate a formula with provided variables
+   * 
+   * Request: {
+   *   "formula": "{result} * {factor} + {gender}",
+   *   "variables": {
+   *     "result": 100,
+   *     "factor": 0.5,
+   *     "gender": "female"
+   *   }
+   * }
+   */
+  public function calculate(): ResponseInterface
+  {
+    try {
+      $data = $this->request->getJSON(true);
+      
+      if (empty($data['formula'])) {
+        return $this->respond([
+          'status' => 'failed',
+          'message' => 'Formula is required'
+        ], 400);
+      }
+
+      $result = $this->calculator->calculate(
+        $data['formula'],
+        $data['variables'] ?? []
+      );
+
+      return $this->respond([
+        'status' => 'success',
+        'data' => [
+          'result' => $result,
+          'formula' => $data['formula'],
+          'variables' => $data['variables'] ?? []
+        ]
+      ], 200);
+
+    } catch (\Exception $e) {
+      return $this->respond([
+        'status' => 'failed',
+        'message' => $e->getMessage()
+      ], 400);
+    }
+  }
+
+  /**
+   * POST api/calculate/validate
+   * Validate a formula syntax
+   * 
+   * Request: {
+   *   "formula": "{result} * 2 + 5"
+   * }
+   */
+  public function validateFormula(): ResponseInterface
+  {
+    try {
+      $data = $this->request->getJSON(true);
+      
+      if (empty($data['formula'])) {
+        return $this->respond([
+          'status' => 'failed',
+          'message' => 'Formula is required'
+        ], 400);
+      }
+
+      $validation = $this->calculator->validate($data['formula']);
+
+      return $this->respond([
+        'status' => $validation['valid'] ? 'success' : 'failed',
+        'data' => [
+          'valid' => $validation['valid'],
+          'error' => $validation['error'],
+          'variables' => $this->calculator->extractVariables($data['formula'])
+        ]
+      ], 200);
+
+    } catch (\Exception $e) {
+      return $this->respond([
+        'status' => 'failed',
+        'message' => $e->getMessage()
+      ], 400);
+    }
+  }
+
+  /**
+   * POST api/calc/testsite/{testSiteID}
+   * Calculate using TestDefCal definition
+   * 
+   * Request: {
+   *   "result": 85,
+   *   "gender": "female",
+   *   "age": 30
+   * }
+   */
+  public function calculateByTestSite($testSiteID): ResponseInterface
+  {
+    try {
+      $calcDef = $this->calcModel->existsByTestSiteID($testSiteID);
+      
+      if (!$calcDef) {
+        return $this->respond([
+          'status' => 'failed',
+          'message' => 'No calculation defined for this test site'
+        ], 404);
+      }
+
+      $testValues = $this->request->getJSON(true);
+      $result = $this->calculator->calculateFromDefinition($calcDef, $testValues);
+
+      return $this->respond([
+        'status' => 'success',
+        'data' => [
+          'result' => $result,
+          'testSiteID' => $testSiteID,
+          'formula' => $calcDef['FormulaCode'],
+          'variables' => $testValues
+        ]
+      ], 200);
+
+    } catch (\Exception $e) {
+      return $this->respond([
+        'status' => 'failed',
+        'message' => $e->getMessage()
+      ], 400);
+    }
+  }
+
+  /**
+   * POST api/calc/testcode/{codeOrName}
+   * Evaluate a configured calculation by its code or name and return only the result map.
+   */
+  public function calculateByCodeOrName($codeOrName): ResponseInterface
+  {
+    try {
+      $calcDef = $this->calcModel->findActiveByCodeOrName($codeOrName);
+
+      if (!$calcDef || empty($calcDef['FormulaCode'])) {
+        return $this->response->setJSON(new \stdClass());
+      }
+
+      $input = $this->request->getJSON(true);
+      $variables = is_array($input) ? $input : [];
+
+      $result = $this->calculator->calculate($calcDef['FormulaCode'], $variables);
+
+      if ($result === null) {
+        return $this->response->setJSON(new \stdClass());
+      }
+
+      $responseKey = $calcDef['TestSiteCode'] ?? strtoupper($codeOrName);
+
+      return $this->response->setJSON([ $responseKey => $result ]);
+    } catch (\Exception $e) {
+      log_message('error', "Calc lookup failed for {$codeOrName}: " . $e->getMessage());
+      return $this->response->setJSON(new \stdClass());
+    }
+  }
+}

app/Controllers/Contact/ContactController.php

@@ -1,22 +1,26 @@
 <?php
 namespace App\Controllers\Contact;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
-
+use App\Libraries\ValueSet;
 use App\Models\Contact\ContactModel;
 
 class ContactController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
     protected $rules;
+    protected $patchRules;
 
     public function __construct() {
         $this->db = \Config\Database::connect();
         $this->model = new ContactModel();
         $this->rules = [ 'NameFirst' => 'required' ];
+        $this->patchRules = [ 'NameFirst' => 'permit_empty' ];
     }
 
     public function index() {
@@ -28,6 +32,11 @@ class ContactController extends BaseController {
             return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => [] ], 200);
         }
 
+        $rows = ValueSet::transformLabels($rows, [
+            'Specialty' => 'specialty',
+            'Occupation' => 'occupation',
+        ]);
+
         return $this->respond([ 'status' => 'success', 'message'=> "fetch success", 'data' => $rows ], 200);
     }
 
@@ -39,6 +48,11 @@ class ContactController extends BaseController {
             return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => null ], 200);
         }
 
+        $row = ValueSet::transformLabels([$row], [
+            'Specialty' => 'specialty',
+            'Occupation' => 'occupation',
+        ])[0];
+
         return $this->respond([ 'status' => 'success', 'message'=> "fetch success", 'data' => $row ], 200);
     }
 
@@ -58,20 +72,60 @@ class ContactController extends BaseController {
         $input = $this->request->getJSON(true);
         if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
         try {
-            $id = $this->model->saveContact($input,true);
+            $result = $this->model->saveContact($input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data created successfully', 'data' => $id ], 201);
+
+            if (($result['status'] ?? 'error') !== 'success') {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => $result['message'] ?? 'Failed to create contact',
+                    'data' => []
+                ], 400);
+            }
+
+            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data created successfully', 'data' => $result ], 201);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }
     }
 
-    public function update() {
+    public function update($ContactID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($ContactID, 'ContactID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Contact not found',
+                'data' => []
+            ], 404);
+        }
+
+        $validationInput = array_intersect_key($input, $this->patchRules);
+        if (!empty($validationInput) && !$this->validateData($validationInput, $this->patchRules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
+
+        $input['ContactID'] = $id;
         try {
-            $this->model->saveContact($input);
+            $result = $this->model->saveContact($input);
-            $id = $input['ContactID'];
+
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+            if (($result['status'] ?? 'error') !== 'success') {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => $result['message'] ?? 'Failed to update contact',
+                    'data' => []
+                ], 400);
+            }
+
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $result ], 200);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Contact/MedicalSpecialtyController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Controllers\Contact;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\Contact\MedicalSpecialtyModel;
 
@@ -51,8 +51,12 @@ class MedicalSpecialtyController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SpecialtyID = null) {
         $input = $this->request->getJSON(true);
+        if (!$SpecialtyID || !ctype_digit((string) $SpecialtyID)) {
+            return $this->respond(['status' => 'error', 'message' => 'SpecialtyID is required and must be a valid integer'], 400);
+        }
+        $input['SpecialtyID'] = (int) $SpecialtyID;
         try {
             $this->model->update($input['SpecialtyID'], $input);
             return $this->respondCreated([ 'status'  => 'success', 'message' => 'Data updated successfully', 'data' => $input['SpecialtyID'] ], 201);

app/Controllers/Contact/OccupationController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Controllers\Contact;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\Contact\OccupationModel;
 
@@ -51,8 +51,12 @@ class OccupationController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($OccupationID = null) {
         $input = $this->request->getJSON(true);
+        if (!$OccupationID || !ctype_digit((string) $OccupationID)) {
+            return $this->respond(['status' => 'error', 'message' => 'OccupationID is required and must be a valid integer'], 400);
+        }
+        $input['OccupationID'] = (int) $OccupationID;
         try {
             $this->model->update($input['OccupationID'], $input);
             return $this->respondCreated([ 'status'  => 'success', 'message' => 'Data updated successfully', 'data' => $input['OccupationID'] ], 201);

app/Controllers/CounterController.php

@@ -1,7 +1,7 @@
 <?php
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\CounterModel;
 
@@ -43,8 +43,12 @@ class CounterController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($CounterID = null) {
         $input = $this->request->getJSON(true);
+        if (!$CounterID || !ctype_digit((string) $CounterID)) {
+            return $this->respond(['status' => 'error', 'message' => 'CounterID is required and must be a valid integer'], 400);
+        }
+        $input['CounterID'] = (int) $CounterID;
         try {
             $this->model->update($input['CounterID'], $input);
             return $this->respondCreated([ 'status'  => 'success', 'message' => 'Data updated successfully', 'data' => $input['CounterID'] ], 201);

app/Controllers/DashboardController.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 use Firebase\JWT\JWT;

app/Controllers/EdgeController.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 class EdgeController extends Controller
@@ -19,7 +19,7 @@ class EdgeController extends Controller
     }
 
     /**
-     * POST /api/edge/results
+     * POST /api/edge/result
      * Receive results from tiny-edge
      */
     public function results()
@@ -70,7 +70,7 @@ class EdgeController extends Controller
     }
 
     /**
-     * GET /api/edge/orders
+     * GET /api/edge/order
      * Return pending orders for an instrument
      */
     public function orders()
@@ -96,7 +96,7 @@ class EdgeController extends Controller
     }
 
     /**
-     * POST /api/edge/orders/:id/ack
+     * POST /api/edge/order/:id/ack
      * Acknowledge order delivery
      */
     public function ack($orderId = null)

app/Controllers/HomeController.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 use Firebase\JWT\JWT;

app/Controllers/Infrastructure/EquipmentListController.php

@@ -0,0 +1,116 @@
+<?php
+
+namespace App\Controllers\Infrastructure;
+
+use App\Controllers\BaseController;
+use App\Traits\ResponseTrait;
+use App\Models\Infrastructure\EquipmentListModel;
+
+class EquipmentListController extends BaseController {
+    use ResponseTrait;
+
+    protected $db;
+    protected $model;
+
+    public function __construct() {
+        $this->db = \Config\Database::connect();
+        $this->model = new EquipmentListModel();
+    }
+
+    public function index() {
+        $filter = [
+            'IEID' => $this->request->getVar('IEID'),
+            'InstrumentName' => $this->request->getVar('InstrumentName'),
+            'DepartmentID' => $this->request->getVar('DepartmentID'),
+            'WorkstationID' => $this->request->getVar('WorkstationID'),
+            'isEnable' => $this->request->getVar('isEnable'),
+        ];
+
+        $rows = $this->model->getEquipmentLists($filter);
+
+        if (empty($rows)) {
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'no Data.',
+                'data' => []
+            ], 200);
+        }
+
+        return $this->respond([
+            'status' => 'success',
+            'message' => 'fetch success',
+            'data' => $rows
+        ], 200);
+    }
+
+    public function show($EID = null) {
+        $row = $this->model->getEquipmentList($EID);
+
+        if (empty($row)) {
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'no Data.',
+                'data' => null
+            ], 200);
+        }
+
+        return $this->respond([
+            'status' => 'success',
+            'message' => 'fetch success',
+            'data' => $row
+        ], 200);
+    }
+
+    public function create() {
+        $input = $this->request->getJSON(true);
+
+        try {
+            $EID = $this->model->insert($input, true);
+            return $this->respondCreated([
+                'status' => 'success',
+                'message' => 'data created successfully',
+                'data' => $EID
+            ], 201);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($EID = null) {
+        $input = $this->request->getJSON(true);
+
+        try {
+            if (!$EID || !ctype_digit((string) $EID)) {
+                return $this->failValidationErrors('EID is required.');
+            }
+            $input['EID'] = (int) $EID;
+            $this->model->update($EID, $input);
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'data updated successfully',
+                'data' => $EID
+            ], 200);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function delete() {
+        try {
+            $input = $this->request->getJSON(true);
+            $EID = $input['EID'];
+
+            if (!$EID) {
+                return $this->failValidationErrors('EID is required.');
+            }
+
+            $this->model->delete($EID);
+            return $this->respondDeleted([
+                'status' => 'success',
+                'message' => "{$EID} deleted successfully."
+            ]);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+}

app/Controllers/LocationController.php

@@ -1,15 +1,18 @@
 <?php
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\Location\LocationModel;
 
 class LocationController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $model;
     protected $rules;
+    protected $patchRules;
 
     public function __construct() {
         $this->model = new LocationModel();
@@ -17,6 +20,23 @@ class LocationController extends BaseController {
             'LocCode' => 'required|max_length[6]',
             'LocFull' => 'required',
         ];
+        $this->patchRules = [
+            'SiteID' => 'permit_empty|is_natural_no_zero',
+            'LocCode' => 'permit_empty|max_length[6]',
+            'Parent' => 'permit_empty|is_natural',
+            'LocFull' => 'permit_empty',
+            'Description' => 'permit_empty|max_length[255]',
+            'LocType' => 'permit_empty',
+            'Street1' => 'permit_empty|max_length[255]',
+            'Street2' => 'permit_empty|max_length[255]',
+            'City' => 'permit_empty|max_length[255]',
+            'Province' => 'permit_empty|max_length[255]',
+            'PostCode' => 'permit_empty|max_length[20]',
+            'GeoLocationSystem' => 'permit_empty|max_length[255]',
+            'GeoLocationData' => 'permit_empty|max_length[255]',
+            'Phone' => 'permit_empty|max_length[20]',
+            'Email' => 'permit_empty|valid_email|max_length[255]',
+        ];
     }
 
     public function index() {
@@ -50,12 +70,43 @@ class LocationController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($LocationID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($LocationID, 'LocationID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Location not found',
+                'data' => []
+            ], 404);
+        }
+
+        $validationInput = array_intersect_key($input, $this->patchRules);
+        if ($validationInput === []) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'No valid fields provided for update.',
+                'data' => []
+            ], 422);
+        }
+
+        if (!$this->validateData($validationInput, $this->patchRules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
+
+        $input['LocationID'] = $id;
         try {
-            if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors( $this->validator->getErrors()); }
+            $result = $this->model->saveLocation($input);
-            $result = $this->model->saveLocation($input, true);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $result ], 200);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $result ], 201);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/OrderTestController.php

@@ -1,8 +1,9 @@
 <?php
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
+use App\Libraries\ValueSet;
 use App\Models\OrderTest\OrderTestModel;
 use App\Models\Patient\PatientModel;
 use App\Models\PatVisit\PatVisitModel;
@@ -28,6 +29,7 @@ class OrderTestController extends Controller {
 
     public function index() {
         $internalPID = $this->request->getVar('InternalPID');
+        $includeDetails = $this->request->getVar('include') === 'details';
 
         try {
             if ($internalPID) {
@@ -35,11 +37,23 @@ class OrderTestController extends Controller {
             } else {
                 $rows = $this->db->table('ordertest')
                     ->where('DelDate', null)
-                    ->orderBy('OrderDateTime', 'DESC')
+                    ->orderBy('TrnDate', 'DESC')
                     ->get()
                     ->getResultArray();
             }
 
+            $rows = ValueSet::transformLabels($rows, [
+                'Priority' => 'order_priority',
+                'OrderStatus' => 'order_status',
+            ]);
+
+            if ($includeDetails && !empty($rows)) {
+                foreach ($rows as &$row) {
+                    $row['Specimens'] = $this->getOrderSpecimens($row['InternalOID']);
+                    $row['Tests'] = $this->getOrderTests($row['InternalOID']);
+                }
+            }
+
             return $this->respond([
                 'status' => 'success',
                 'message' => 'Data fetched successfully',
@@ -60,6 +74,16 @@ class OrderTestController extends Controller {
                     'data' => null
                 ], 200);
             }
+
+            $row = ValueSet::transformLabels([$row], [
+                'Priority' => 'order_priority',
+                'OrderStatus' => 'order_status',
+            ])[0];
+
+            // Include specimens and tests
+            $row['Specimens'] = $this->getOrderSpecimens($row['InternalOID']);
+            $row['Tests'] = $this->getOrderTests($row['InternalOID']);
+
             return $this->respond([
                 'status' => 'success',
                 'message' => 'Data fetched successfully',
@@ -70,6 +94,65 @@ class OrderTestController extends Controller {
         }
     }
 
+    private function getOrderSpecimens($internalOID) {
+        $specimens = $this->db->table('specimen s')
+            ->select('s.*, cd.ConCode, cd.ConName')
+            ->join('containerdef cd', 'cd.ConDefID = s.ConDefID', 'left')
+            ->where('s.OrderID', $internalOID)
+            ->where('s.EndDate IS NULL')
+            ->get()
+            ->getResultArray();
+        
+        // Get status for each specimen
+        foreach ($specimens as &$specimen) {
+            $status = $this->db->table('specimenstatus')
+                ->where('SID', $specimen['SID'])
+                ->where('EndDate IS NULL')
+                ->orderBy('CreateDate', 'DESC')
+                ->get()
+                ->getRowArray();
+            $specimen['Status'] = $status['SpcStatus'] ?? 'PENDING';
+        }
+        
+        return $specimens;
+    }
+
+    private function getOrderTests($internalOID) {
+        $tests = $this->db->table('patres pr')
+            ->select('pr.*, tds.TestSiteCode, tds.TestSiteName, tds.TestType, tds.SeqScr AS TestSeqScr, tds.SeqRpt AS TestSeqRpt, tds.DisciplineID, d.DisciplineCode, d.DisciplineName, d.SeqScr AS DisciplineSeqScr, d.SeqRpt AS DisciplineSeqRpt')
+            ->join('testdefsite tds', 'tds.TestSiteID = pr.TestSiteID', 'left')
+            ->join('discipline d', 'd.DisciplineID = tds.DisciplineID', 'left')
+            ->where('pr.OrderID', $internalOID)
+            ->where('pr.DelDate IS NULL')
+            ->orderBy('COALESCE(d.SeqScr, 999999) ASC')
+            ->orderBy('COALESCE(d.SeqRpt, 999999) ASC')
+            ->orderBy('COALESCE(tds.SeqScr, 999999) ASC')
+            ->orderBy('COALESCE(tds.SeqRpt, 999999) ASC')
+            ->orderBy('pr.ResultID ASC')
+            ->get()
+            ->getResultArray();
+
+        foreach ($tests as &$test) {
+            $discipline = [
+                'DisciplineID' => $test['DisciplineID'] ?? null,
+                'DisciplineCode' => $test['DisciplineCode'] ?? null,
+                'DisciplineName' => $test['DisciplineName'] ?? null,
+                'SeqScr' => $test['DisciplineSeqScr'] ?? null,
+                'SeqRpt' => $test['DisciplineSeqRpt'] ?? null,
+            ];
+
+            $test['Discipline'] = $discipline;
+            $test['SeqScr'] = $test['TestSeqScr'] ?? null;
+            $test['SeqRpt'] = $test['TestSeqRpt'] ?? null;
+            $test['DisciplineID'] = $discipline['DisciplineID'];
+
+            unset($test['DisciplineCode'], $test['DisciplineName'], $test['DisciplineSeqScr'], $test['DisciplineSeqRpt'], $test['TestSeqScr'], $test['TestSeqRpt']);
+        }
+        unset($test);
+
+        return $tests;
+    }
+
     public function create() {
         $input = $this->request->getJSON(true);
 
@@ -91,25 +174,37 @@ class OrderTestController extends Controller {
 
             $orderID = $this->model->createOrder($input);
              
+            // Fetch complete order details
+            $order = $this->model->getOrder($orderID);
+            $order['Specimens'] = $this->getOrderSpecimens($order['InternalOID']);
+            $order['Tests'] = $this->getOrderTests($order['InternalOID']);
+
+            // Rule engine triggers are fired at the test/result level (test_created, result_updated)
+
             return $this->respondCreated([
                 'status' => 'success',
                 'message' => 'Order created successfully',
-                'data' => ['OrderID' => $orderID]
+                'data' => $order
             ], 201);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }
     }
 
-    public function update() {
+    public function update($OrderID = null) {
         $input = $this->request->getJSON(true);
 
-        if (empty($input['OrderID'])) {
+        if ($OrderID === null || $OrderID === '') {
             return $this->failValidationErrors(['OrderID' => 'OrderID is required']);
         }
 
+        if (isset($input['OrderID']) && (string) $input['OrderID'] !== (string) $OrderID) {
+            return $this->failValidationErrors(['OrderID' => 'OrderID in URL does not match body']);
+        }
+
         try {
-            $order = $this->model->getOrder($input['OrderID']);
+            $input['OrderID'] = $OrderID;
+            $order = $this->model->getOrder($OrderID);
             if (!$order) {
                 return $this->failNotFound('Order not found');
             }
@@ -122,13 +217,17 @@ class OrderTestController extends Controller {
             if (isset($input['WorkstationID'])) $updateData['WorkstationID'] = $input['WorkstationID'];
 
             if (!empty($updateData)) {
-                $this->model->update($input['OrderID'], $updateData);
+                $this->model->update($order['InternalOID'], $updateData);
             }
 
+            $updatedOrder = $this->model->getOrder($OrderID);
+            $updatedOrder['Specimens'] = $this->getOrderSpecimens($updatedOrder['InternalOID']);
+            $updatedOrder['Tests'] = $this->getOrderTests($updatedOrder['InternalOID']);
+
             return $this->respond([
                 'status' => 'success',
                 'message' => 'Order updated successfully',
-                'data' => $this->model->getOrder($input['OrderID'])
+                'data' => $updatedOrder
             ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
@@ -180,10 +279,14 @@ class OrderTestController extends Controller {
 
             $this->model->updateStatus($input['OrderID'], $input['OrderStatus']);
 
+            $updatedOrder = $this->model->getOrder($input['OrderID']);
+            $updatedOrder['Specimens'] = $this->getOrderSpecimens($updatedOrder['InternalOID']);
+            $updatedOrder['Tests'] = $this->getOrderTests($updatedOrder['InternalOID']);
+
             return $this->respond([
                 'status' => 'success',
                 'message' => 'Order status updated successfully',
-                'data' => $this->model->getOrder($input['OrderID'])
+                'data' => $updatedOrder
             ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());

app/Controllers/Organization/AccountController.php

@@ -1,13 +1,15 @@
 <?php
 namespace App\Controllers\Organization;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 
 use App\Models\Organization\AccountModel;
 
 class AccountController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -46,8 +48,10 @@ class AccountController extends BaseController {
     public function delete() {
         try {
             $input = $this->request->getJSON(true);
-            $id = $input["AccountID"];
+            $id = $this->requirePatchId($input['AccountID'] ?? null, 'AccountID');
-            if (!$id) { return $this->failValidationErrors('ID is required.'); }
+            if ($id === null) {
+                return;
+            }
             $this->model->delete($id);
             return $this->respondDeleted([ 'status' => 'success', 'message' => "{$id} deleted successfully."]);
         } catch (\Throwable $e) {
@@ -57,6 +61,17 @@ class AccountController extends BaseController {
 
     public function create() {
         $input = $this->request->getJSON(true);
+
+        $validation = service('validation');
+        $validation->setRules([
+            'AccountName' => 'required|string|max_length[255]',
+            'Parent' => 'permit_empty|integer',
+        ]);
+
+        if (!$validation->run($input)) {
+            return $this->failValidationErrors($validation->getErrors());
+        }
+
         try {
             $id = $this->model->insert($input,true);
             return $this->respondCreated([ 'status'  => 'success', 'message' => 'data created successfully', 'data' => $id ], 201);
@@ -65,13 +80,36 @@ class AccountController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($AccountID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($AccountID, 'AccountID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Account not found', 'data' => [] ], 404);
+        }
+
+        $validation = service('validation');
+        $validation->setRules([
+            'AccountName' => 'permit_empty|string|max_length[255]',
+            'Parent' => 'permit_empty|integer',
+        ]);
+
+        if (!$validation->run($input)) {
+            return $this->failValidationErrors($validation->getErrors());
+        }
+
+        $input['AccountID'] = $id;
         try {
-            $id = $input['AccountID'];
-            if (!$id) { return $this->failValidationErrors('ID is required.'); }
             $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Organization/CodingSysController.php

@@ -0,0 +1,112 @@
+<?php
+
+namespace App\Controllers\Organization;
+
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+use App\Controllers\BaseController;
+use App\Models\Organization\CodingSysModel;
+
+class CodingSysController extends BaseController {
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $db;
+    protected $model;
+
+    public function __construct() {
+        $this->db = \Config\Database::connect();
+        $this->model = new CodingSysModel();
+    }
+
+    public function index() {
+        $filter = [
+            'CodingSysAbb' => $this->request->getVar('CodingSysAbb'),
+            'FullText' => $this->request->getVar('FullText'),
+        ];
+
+        $builder = $this->model;
+
+        if (!empty($filter['CodingSysAbb'])) {
+            $builder->like('CodingSysAbb', $filter['CodingSysAbb'], 'both');
+        }
+        if (!empty($filter['FullText'])) {
+            $builder->like('FullText', $filter['FullText'], 'both');
+        }
+
+        $rows = $builder->findAll();
+
+        if (empty($rows)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => []], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $rows], 200);
+    }
+
+    public function show($CodingSysID = null) {
+        $row = $this->model->where('CodingSysID', $CodingSysID)->first();
+
+        if (empty($row)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => null], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $row], 200);
+    }
+
+    public function delete() {
+        try {
+            $input = $this->request->getJSON(true);
+            $id = $input['CodingSysID'] ?? null;
+
+            if (!$id) {
+                return $this->failValidationErrors('CodingSysID is required.');
+            }
+
+            $this->model->delete($id);
+            return $this->respondDeleted(['status' => 'success', 'message' => "{$id} deleted successfully."]);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function create() {
+        $input = $this->request->getJSON(true);
+
+        try {
+            $id = $this->model->insert($input, true);
+            return $this->respondCreated(['status' => 'success', 'message' => 'data created successfully', 'data' => $id], 201);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($CodingSysID = null) {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($CodingSysID, 'CodingSysID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond(['status' => 'failed', 'message' => 'CodingSys not found', 'data' => []], 404);
+        }
+
+        if (isset($input['CodingSysID']) && (string) $input['CodingSysID'] !== (string) $id) {
+            return $this->failValidationErrors('CodingSysID in URL does not match body.');
+        }
+
+        $input['CodingSysID'] = $id;
+
+        try {
+            $this->model->update($id, $input);
+            return $this->respondCreated(['status' => 'success', 'message' => 'data updated successfully', 'data' => $id], 201);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+}

app/Controllers/Organization/DepartmentController.php

@@ -1,13 +1,15 @@
 <?php
 namespace App\Controllers\Organization;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 
 use App\Models\Organization\DepartmentModel;
 
 class DepartmentController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -62,12 +64,26 @@ class DepartmentController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($DepartmentID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($DepartmentID, 'DepartmentID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Department not found', 'data' => [] ], 404);
+        }
+
+        $input['DepartmentID'] = $id;
         try {
-            $id = $input['DepartmentID'];
             $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Organization/DisciplineController.php

@@ -1,13 +1,15 @@
 <?php
 namespace App\Controllers\Organization;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 
 use App\Models\Organization\DisciplineModel;
 
 class DisciplineController extends BaseController {
   use ResponseTrait;
+  use PatchValidationTrait;
 
   protected $db;
   protected $model;
@@ -44,8 +46,10 @@ class DisciplineController extends BaseController {
   public function delete() {
     try {
       $input = $this->request->getJSON(true);
-      $id = $input["DisciplineID"];
+      $id = $this->requirePatchId($input['DisciplineID'] ?? null, 'DisciplineID');
-      if (!$id) { return $this->failValidationErrors('ID is required.'); }
+      if ($id === null) {
+        return;
+      }
       $this->model->delete($id);
       return $this->respondDeleted([ 'status' => 'success', 'message' => "{$id} deleted successfully."]);
     } catch (\Throwable $e) {
@@ -55,6 +59,20 @@ class DisciplineController extends BaseController {
 
   public function create() {
     $input = $this->request->getJSON(true);
+
+    $validation = service('validation');
+    $validation->setRules([
+      'DisciplineCode' => 'required|string|max_length[50]',
+      'DisciplineName' => 'required|string|max_length[255]',
+      'Parent' => 'permit_empty|integer',
+      'SeqScr' => 'permit_empty|integer',
+      'SeqRpt' => 'permit_empty|integer',
+    ]);
+
+    if (!$validation->run($input)) {
+      return $this->failValidationErrors($validation->getErrors());
+    }
+
     try {
       $id = $this->model->insert($input,true);
       return $this->respondCreated([ 'status'  => 'success', 'message' => 'data created successfully', 'data' => $id ], 201);
@@ -63,11 +81,42 @@ class DisciplineController extends BaseController {
     }
   }
 
-  public function update() {
+  public function update($DisciplineID = null) {
-    $input = $this->request->getJSON(true);
+    $input = $this->requirePatchPayload($this->request->getJSON(true));
-    $id = $input['DisciplineID'];
+    if ($input === null) {
-    $this->model->update($id, $input);
+      return;
-    return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+    }
+
+    $id = $this->requirePatchId($DisciplineID, 'DisciplineID');
+    if ($id === null) {
+      return;
+    }
+
+    $existing = $this->model->find($id);
+    if (!$existing) {
+      return $this->respond([ 'status' => 'failed', 'message' => 'Discipline not found', 'data' => [] ], 404);
+    }
+
+    $validation = service('validation');
+    $validation->setRules([
+      'DisciplineCode' => 'permit_empty|string|max_length[50]',
+      'DisciplineName' => 'permit_empty|string|max_length[255]',
+      'Parent' => 'permit_empty|integer',
+      'SeqScr' => 'permit_empty|integer',
+      'SeqRpt' => 'permit_empty|integer',
+    ]);
+
+    if (!$validation->run($input)) {
+      return $this->failValidationErrors($validation->getErrors());
+    }
+
+    $input['DisciplineID'] = $id;
+    try {
+      $this->model->update($id, $input);
+      return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
+    } catch (\Throwable $e) {
+      return $this->failServerError('Something went wrong: ' . $e->getMessage());
+    }
     /*
     try {
       $id = $input['DisciplineID'];

app/Controllers/Organization/HostAppController.php

@@ -0,0 +1,124 @@
+<?php
+
+namespace App\Controllers\Organization;
+
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+use App\Controllers\BaseController;
+use App\Models\Organization\HostAppModel;
+
+class HostAppController extends BaseController {
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $db;
+    protected $model;
+
+    public function __construct() {
+        $this->db = \Config\Database::connect();
+        $this->model = new HostAppModel();
+    }
+
+    public function index() {
+        $filter = [
+            'HostAppID' => $this->request->getVar('HostAppID'),
+            'HostAppName' => $this->request->getVar('HostAppName'),
+        ];
+
+        $builder = $this->model->select('hostapp.*, site.SiteName')
+            ->join('site', 'site.SiteID = hostapp.SiteID', 'left');
+
+        if (!empty($filter['HostAppID'])) {
+            if (!ctype_digit((string) $filter['HostAppID'])) {
+                return $this->failValidationErrors('HostAppID filter must be a valid integer.');
+            }
+            $builder->where('hostapp.HostAppID', (int) $filter['HostAppID']);
+        }
+        if (!empty($filter['HostAppName'])) {
+            $builder->like('hostapp.HostAppName', $filter['HostAppName'], 'both');
+        }
+
+        $rows = $builder->findAll();
+
+        if (empty($rows)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => []], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $rows], 200);
+    }
+
+    public function show($HostAppID = null) {
+        $id = $this->requirePatchId($HostAppID, 'HostAppID');
+        if ($id === null) {
+            return;
+        }
+
+        $row = $this->model->select('hostapp.*, site.SiteName')
+            ->join('site', 'site.SiteID = hostapp.SiteID', 'left')
+            ->where('hostapp.HostAppID', $id)
+            ->first();
+
+        if (empty($row)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => null], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $row], 200);
+    }
+
+    public function delete() {
+        try {
+            $input = $this->request->getJSON(true);
+            $id = $this->requirePatchId($input['HostAppID'] ?? null, 'HostAppID');
+            if ($id === null) {
+                return;
+            }
+
+            $this->model->delete($id);
+            return $this->respondDeleted(['status' => 'success', 'message' => "{$id} deleted successfully."]);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function create() {
+        $input = $this->request->getJSON(true);
+
+        try {
+            unset($input['HostAppID']);
+            $id = $this->model->insert($input, true);
+            return $this->respondCreated(['status' => 'success', 'message' => 'data created successfully', 'data' => $id], 201);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($HostAppID = null) {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($HostAppID, 'HostAppID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond(['status' => 'failed', 'message' => 'HostApp not found', 'data' => []], 404);
+        }
+
+        if (isset($input['HostAppID'])) {
+            if ((string) $input['HostAppID'] !== (string) $id) {
+                return $this->failValidationErrors('HostAppID in URL does not match body.');
+            }
+            unset($input['HostAppID']);
+        }
+        try {
+            $this->model->update($id, $input);
+            return $this->respond(['status' => 'success', 'message' => 'data updated successfully', 'data' => $id], 200);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+}

app/Controllers/Organization/HostComParaController.php

@@ -0,0 +1,135 @@
+<?php
+
+namespace App\Controllers\Organization;
+
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+use App\Controllers\BaseController;
+use App\Models\Organization\HostComParaModel;
+
+class HostComParaController extends BaseController {
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $db;
+    protected $model;
+
+    public function __construct() {
+        $this->db = \Config\Database::connect();
+        $this->model = new HostComParaModel();
+    }
+
+    public function index() {
+        $filter = [
+            'HostAppID' => $this->request->getVar('HostAppID'),
+            'HostIP' => $this->request->getVar('HostIP'),
+        ];
+
+        $builder = $this->model->select('hostcompara.*, hostapp.HostAppName')
+            ->join('hostapp', 'hostapp.HostAppID = hostcompara.HostAppID', 'left');
+
+        if (!empty($filter['HostAppID'])) {
+            if (!ctype_digit((string) $filter['HostAppID'])) {
+                return $this->failValidationErrors('HostAppID filter must be a valid integer.');
+            }
+            $builder->where('hostcompara.HostAppID', (int) $filter['HostAppID']);
+        }
+        if (!empty($filter['HostIP'])) {
+            $builder->like('hostcompara.HostIP', $filter['HostIP'], 'both');
+        }
+
+        $rows = $builder->findAll();
+
+        if (empty($rows)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => []], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $rows], 200);
+    }
+
+    public function show($HostAppID = null) {
+        $id = $this->requirePatchId($HostAppID, 'HostAppID');
+        if ($id === null) {
+            return;
+        }
+
+        $row = $this->model->select('hostcompara.*, hostapp.HostAppName')
+            ->join('hostapp', 'hostapp.HostAppID = hostcompara.HostAppID', 'left')
+            ->where('hostcompara.HostAppID', $id)
+            ->first();
+
+        if (empty($row)) {
+            return $this->respond(['status' => 'success', 'message' => 'no Data.', 'data' => null], 200);
+        }
+
+        return $this->respond(['status' => 'success', 'message' => 'fetch success', 'data' => $row], 200);
+    }
+
+    public function delete() {
+        try {
+            $input = $this->request->getJSON(true);
+            $id = $this->requirePatchId($input['HostAppID'] ?? null, 'HostAppID');
+            if ($id === null) {
+                return;
+            }
+
+            $this->model->delete($id);
+            return $this->respondDeleted(['status' => 'success', 'message' => "{$id} deleted successfully."]);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function create() {
+        $input = $this->request->getJSON(true);
+
+        try {
+            $hostAppId = $input['HostAppID'] ?? null;
+            if ($hostAppId === null) {
+                return $this->failValidationErrors('HostAppID is required.');
+            }
+
+            if (!ctype_digit((string) $hostAppId)) {
+                return $this->failValidationErrors('HostAppID must be a valid integer.');
+            }
+
+            $input['HostAppID'] = (int) $hostAppId;
+
+            $id = $this->model->insert($input, true);
+            return $this->respondCreated(['status' => 'success', 'message' => 'data created successfully', 'data' => $id], 201);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($HostAppID = null) {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($HostAppID, 'HostAppID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond(['status' => 'failed', 'message' => 'HostComPara not found', 'data' => []], 404);
+        }
+
+        if (isset($input['HostAppID'])) {
+            if ((string) $input['HostAppID'] !== (string) $id) {
+                return $this->failValidationErrors('HostAppID in URL does not match body.');
+            }
+            unset($input['HostAppID']);
+        }
+
+        try {
+            $this->model->update($id, $input);
+            return $this->respond(['status' => 'success', 'message' => 'data updated successfully', 'data' => $id], 200);
+        } catch (\Throwable $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+}

app/Controllers/Organization/SiteController.php

@@ -1,13 +1,15 @@
 <?php
 namespace App\Controllers\Organization;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 
 use App\Models\Organization\SiteModel;
 
 class SiteController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -56,6 +58,17 @@ class SiteController extends BaseController {
 
     public function create() {
         $input = $this->request->getJSON(true);
+        
+        $validation = service('validation');
+        $validation->setRules([
+            'SiteCode' => 'required|regex_match[/^[A-Z0-9]{2,6}$/]',
+            'SiteName' => 'required',
+        ]);
+        
+        if (!$validation->run($input)) {
+            return $this->failValidationErrors($validation->getErrors());
+        }
+        
         try {
             $id = $this->model->insert($input,true);
             return $this->respondCreated([ 'status'  => 'success', 'message' => 'data created successfully', 'data' => $id ], 201);
@@ -64,13 +77,38 @@ class SiteController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SiteID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($SiteID, 'SiteID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Site not found', 'data' => [] ], 404);
+        }
+
+        $input['SiteID'] = $id;
+        
+        if (!empty($input['SiteCode'])) {
+            $validation = service('validation');
+            $validation->setRules([
+                'SiteCode' => 'regex_match[/^[A-Z0-9]{2,6}$/]',
+            ]);
+            
+            if (!$validation->run($input)) {
+                return $this->failValidationErrors($validation->getErrors());
+            }
+        }
+        
         try {
-            $id = $input['SiteID'];
-            if (!$id) { return $this->failValidationErrors('ID is required.'); }
             $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Organization/WorkstationController.php

@@ -1,13 +1,15 @@
 <?php
 namespace App\Controllers\Organization;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 
 use App\Models\Organization\WorkstationModel;
 
 class WorkstationController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -63,12 +65,26 @@ class WorkstationController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($WorkstationID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($WorkstationID, 'WorkstationID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Workstation not found', 'data' => [] ], 404);
+        }
+
+        $input['WorkstationID'] = $id;
         try {
-            $id = $input['WorkstationID'];
             $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
         } catch (\Throwable $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/PagesController.php

@@ -10,169 +10,5 @@ namespace App\Controllers;
  */
 class PagesController extends BaseController
 {
-    /**
+    // Add page methods here as needed
-     * Dashboard page
-     */
-    public function dashboard()
-    {
-        return view('v2/dashboard/dashboard_index', [
-            'pageTitle' => 'Dashboard',
-            'activePage' => 'dashboard'
-        ]);
-    }
-
-    /**
-     * Patients page
-     */
-    public function patients()
-    {
-        return view('v2/patients/patients_index', [
-            'pageTitle' => 'Patients',
-            'activePage' => 'patients'
-        ]);
-    }
-
-    /**
-     * Lab Requests page
-     */
-    public function requests()
-    {
-        return view('v2/requests/requests_index', [
-            'pageTitle' => 'Lab Requests',
-            'activePage' => 'requests'
-        ]);
-    }
-
-    /**
-     * Settings page
-     */
-    public function settings()
-    {
-        return view('v2/settings/settings_index', [
-            'pageTitle' => 'Settings',
-            'activePage' => 'settings'
-        ]);
-    }
-
-    // ========================================
-    // Master Data - Organization
-    // ========================================
-    
-    /**
-     * Master Data - Organization Accounts
-     */
-    public function masterOrgAccounts()
-    {
-        return view('v2/master/organization/accounts_index', [
-            'pageTitle' => 'Organization Accounts',
-            'activePage' => 'master-org-accounts'
-        ]);
-    }
-
-    /**
-     * Master Data - Organization Sites
-     */
-    public function masterOrgSites()
-    {
-        return view('v2/master/organization/sites_index', [
-            'pageTitle' => 'Organization Sites',
-            'activePage' => 'master-org-sites'
-        ]);
-    }
-
-    /**
-     * Master Data - Organization Disciplines
-     */
-    public function masterOrgDisciplines()
-    {
-        return view('v2/master/organization/disciplines_index', [
-            'pageTitle' => 'Disciplines',
-            'activePage' => 'master-org-disciplines'
-        ]);
-    }
-
-    /**
-     * Master Data - Organization Departments
-     */
-    public function masterOrgDepartments()
-    {
-        return view('v2/master/organization/departments_index', [
-            'pageTitle' => 'Departments',
-            'activePage' => 'master-org-departments'
-        ]);
-    }
-
-    /**
-     * Master Data - Organization Workstations
-     */
-    public function masterOrgWorkstations()
-    {
-        return view('v2/master/organization/workstations_index', [
-            'pageTitle' => 'Workstations',
-            'activePage' => 'master-org-workstations'
-        ]);
-    }
-
-    // ========================================
-    // Master Data - Specimen
-    // ========================================
-
-    /**
-     * Master Data - Specimen Containers
-     */
-    public function masterSpecimenContainers()
-    {
-        return view('v2/master/specimen/containers_index', [
-            'pageTitle' => 'Container Definitions',
-            'activePage' => 'master-specimen-containers'
-        ]);
-    }
-
-    /**
-     * Master Data - Specimen Preparations
-     */
-    public function masterSpecimenPreparations()
-    {
-        return view('v2/master/specimen/preparations_index', [
-            'pageTitle' => 'Specimen Preparations',
-            'activePage' => 'master-specimen-preparations'
-        ]);
-    }
-
-    // ========================================
-    // Master Data - Tests & ValueSets
-    // ========================================
-
-    /**
-     * Master Data - Lab Tests
-     */
-    public function masterTests()
-    {
-        return view('v2/master/tests/tests_index', [
-            'pageTitle' => 'Lab Tests',
-            'activePage' => 'master-tests'
-        ]);
-    }
-
-    /**
-     * Master Data - Value Sets
-     */
-    public function masterValueSets()
-    {
-        return view('v2/master/valuesets/valuesets_index', [
-            'pageTitle' => 'Value Sets',
-            'activePage' => 'master-valuesets'
-        ]);
-    }
-
-    /**
-     * Login page
-     */
-    public function login()
-    {
-        return view('v2/auth/login', [
-            'pageTitle' => 'Login',
-            'activePage' => ''
-        ]);
-    }
 }

app/Controllers/PatVisitController.php

@@ -1,13 +1,16 @@
 <?php
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\PatVisit\PatVisitModel;
 use App\Models\PatVisit\PatVisitADTModel;
+use App\Models\Patient\PatientModel;
 
 class PatVisitController extends BaseController {
 	use ResponseTrait;
+	use PatchValidationTrait;
 	
 	protected $model;
 
@@ -15,11 +18,66 @@ class PatVisitController extends BaseController {
 		$this->model = new PatVisitModel();
 	}
 
+	public function index() {
+		try {
+			$InternalPID = $this->request->getVar('InternalPID');
+			$PVID = $this->request->getVar('PVID');
+			$PatientID = $this->request->getVar('PatientID');
+			$PatientName = $this->request->getVar('PatientName');
+			$CreateDateFrom = $this->request->getVar('CreateDateFrom');
+			$CreateDateTo = $this->request->getVar('CreateDateTo');
+			
+			$builder = $this->model->select('patvisit.*, patient.NameFirst, patient.NameLast, patient.PatientID, location.LocFull as LastLocation')
+				->join('patient', 'patient.InternalPID=patvisit.InternalPID', 'left')
+				->join('(SELECT a1.*
+					FROM patvisitadt a1
+					INNER JOIN (
+						SELECT InternalPVID, MAX(PVADTID) AS MaxID
+						FROM patvisitadt
+						GROUP BY InternalPVID
+					) a2 ON a1.InternalPVID = a2.InternalPVID AND a1.PVADTID = a2.MaxID
+				) AS latest_patvisitadt', 'latest_patvisitadt.InternalPVID = patvisit.InternalPVID', 'left')
+				->join('location', 'location.LocationID = latest_patvisitadt.LocationID', 'left');
+			
+			if ($InternalPID) {
+				$builder->where('patvisit.InternalPID', $InternalPID);
+			}
+			if ($PVID) {
+				$builder->like('patvisit.PVID', $PVID, 'both');
+			}
+			if ($PatientID) {
+				$builder->like('patient.PatientID', $PatientID, 'both');
+			}
+			if ($PatientName) {
+				$builder->groupStart()
+					->like('patient.NameFirst', $PatientName, 'both')
+					->orLike('patient.NameLast', $PatientName, 'both')
+					->groupEnd();
+			}
+			if ($CreateDateFrom) {
+				$builder->where('patvisit.CreateDate >=', $CreateDateFrom);
+			}
+			if ($CreateDateTo) {
+				$builder->where('patvisit.CreateDate <=', $CreateDateTo);
+			}
+			
+			$rows = $builder->orderBy('patvisit.CreateDate', 'DESC')->findAll();
+			
+			if (empty($rows)) {
+				return $this->respond(['status' => 'success', 'message' => 'data not found', 'data' => []], 200);
+			}
+			
+			return $this->respond(['status' => 'success', 'message' => 'data found', 'data' => $rows], 200);
+		} catch (\Exception $e) {
+			return $this->failServerError('Something went wrong: ' . $e->getMessage());
+		}
+	}
+
 	public function show($PVID = null) {
 		try {
 			$row = $this->model->show($PVID);
 			if (empty($row)) { 
-				return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => null ], 200); 
+				return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => [] ], 200); 
 			} 
 			return $this->respond([ 'status' => 'success', 'message'=> "data found", 'data' => $row ], 200);
 		} catch (\Exception $e) {
@@ -38,12 +96,25 @@ class PatVisitController extends BaseController {
 		}
 	}
 
-	public function update() {
+	public function update($InternalPVID = null) {
-		$input = $this->request->getJSON(true);
+		$input = $this->requirePatchPayload($this->request->getJSON(true));
+		if ($input === null) {
+			return;
+		}
+
+		$id = $this->requirePatchId($InternalPVID, 'InternalPVID');
+		if ($id === null) {
+			return;
+		}
+
+		$visit = $this->model->find($id);
+		if (!$visit) {
+			return $this->respond(['status' => 'failed', 'message' => 'Visit not found', 'data' => []], 404);
+		}
+		$input['InternalPVID'] = $id;
 		try {
-			if (!$input["InternalPVID"] || !is_numeric($input["InternalPVID"])) { return $this->respond(['status' => 'error', 'message' => 'Invalid or missing ID'], 400); }
 			$data = $this->model->updatePatVisit($input);
-			return $this->respond(['status'  => 'success', 'message' => 'Data updated successfully', 'data' => $data], 201);
+			return $this->respond(['status'  => 'success', 'message' => 'Data updated successfully', 'data' => $data], 200);
 		} catch (\Exception $e) {
 			return $this->failServerError('Something went wrong: ' . $e->getMessage());
 		}
@@ -52,6 +123,18 @@ class PatVisitController extends BaseController {
 	public function create() {
 		$input = $this->request->getJSON(true);
 		try {
+			// Validate required fields
+			if (!isset($input['InternalPID']) || !is_numeric($input['InternalPID'])) {
+				return $this->respond(['status' => 'error', 'message' => 'InternalPID is required and must be numeric'], 400);
+			}
+			
+			// Check if patient exists
+			$patientModel = new PatientModel();
+			$patient = $patientModel->find($input['InternalPID']);
+			if (!$patient) {
+				return $this->respond(['status' => 'error', 'message' => 'Patient not found'], 404);
+			}
+			
 			$data = $this->model->createPatVisit($input);
 			return $this->respond(['status'  => 'success', 'message' => 'Data created successfully', 'data' => $data], 201);
 		} catch (\Exception $e) {
@@ -59,25 +142,172 @@ class PatVisitController extends BaseController {
 		}
 	}
 
-	public function createADT() {
+	public function delete() {
 		$input = $this->request->getJSON(true);
-		if (!$input["InternalPVID"] || !is_numeric($input["InternalPVID"])) { return $this->respond(['status' => 'error', 'message' => 'Invalid or missing ID'], 400); }
-		$modelPVA = new PatVisitADTModel();
 		try {
-			$data = $modelPVA->insert($input, true);
+			if (!isset($input["InternalPVID"]) || !is_numeric($input["InternalPVID"])) { 
-			return $this->respond(['status'  => 'success', 'message' => 'Data created successfully', 'data' => $data], 201);
+				return $this->respond(['status' => 'error', 'message' => 'Invalid or missing ID'], 400); 
+			}
+			
+			// Check if visit exists
+			$visit = $this->model->find($input["InternalPVID"]);
+			if (!$visit) {
+				return $this->respond(['status' => 'error', 'message' => 'Visit not found'], 404);
+			}
+			
+			// Soft delete using EndDate (configured in model)
+			$result = $this->model->delete($input["InternalPVID"]);
+			
+			if ($result) {
+				return $this->respond(['status' => 'success', 'message' => 'Data deleted successfully'], 200);
+			} else {
+				return $this->respond(['status' => 'error', 'message' => 'Failed to delete data'], 500);
+			}
 		} catch (\Exception $e) {
 			return $this->failServerError('Something went wrong: ' . $e->getMessage());
 		}
 	}
 
-	public function updateADT() {
+	public function createADT() {
 		$input = $this->request->getJSON(true);
-		if (!$input["PVADTID"] || !is_numeric($input["PVADTID"])) { return $this->respond(['status' => 'error', 'message' => 'Invalid or missing ID'], 400); }
+		$internalPVID = $input['InternalPVID'] ?? $input['InternalPID'] ?? null;
+		if (!$internalPVID || !is_numeric($internalPVID)) {
+			return $this->respond(['status' => 'error', 'message' => 'Invalid or missing InternalPVID'], 400);
+		}
+		$input['InternalPVID'] = (int) $internalPVID;
 		$modelPVA = new PatVisitADTModel();
 		try {
-			$data = $modelPVA->update($input['PVADTID'], $input);
+			$data = $modelPVA->insert($input, true);
-			return $this->respond(['status'  => 'success', 'message' => 'Data updated successfully', 'data' => $data], 201);
+			$record = $modelPVA->find($data);
+			if ($record) {
+				$record['ADTID'] = $record['PVADTID'];
+			}
+			return $this->respond(['status'  => 'success', 'message' => 'Data created successfully', 'data' => $record ?? ['ADTID' => $data]], 201);
+		} catch (\Exception $e) {
+			return $this->failServerError('Something went wrong: ' . $e->getMessage());
+		}
+	}
+
+	public function updateADT($PVADTID = null) {
+		$input = $this->requirePatchPayload($this->request->getJSON(true));
+		if ($input === null) {
+			return;
+		}
+
+		$id = $this->requirePatchId($PVADTID, 'PVADTID');
+		if ($id === null) {
+			return;
+		}
+
+		$modelPVA = new PatVisitADTModel();
+		$adt = $modelPVA->find($id);
+		if (!$adt) {
+			return $this->respond(['status' => 'failed', 'message' => 'ADT record not found', 'data' => []], 404);
+		}
+
+		$internalPVID = null;
+		if (array_key_exists('InternalPVID', $adt) && !empty($adt['InternalPVID'])) {
+			$internalPVID = $adt['InternalPVID'];
+		} elseif (array_key_exists('InternalPID', $adt) && !empty($adt['InternalPID'])) {
+			$internalPVID = $adt['InternalPID'];
+		}
+
+		if ($internalPVID !== null && (!array_key_exists('InternalPVID', $input) || $input['InternalPVID'] === null || $input['InternalPVID'] === '')) {
+			$input['InternalPVID'] = $internalPVID;
+		}
+
+		$input['PVADTID'] = $id;
+		try {
+			$data = $modelPVA->update($id, $input);
+			return $this->respond(['status'  => 'success', 'message' => 'Data updated successfully', 'data' => $data], 200);
+		} catch (\Exception $e) {
+			return $this->failServerError('Something went wrong: ' . $e->getMessage());
+		}
+	}
+
+	public function getADTByVisit($InternalPVID = null) {
+		try {
+			if (!$InternalPVID || !is_numeric($InternalPVID)) {
+				return $this->respond(['status' => 'error', 'message' => 'Invalid or missing InternalPVID'], 400);
+			}
+
+			$modelPVA = new PatVisitADTModel();
+			$rows = $modelPVA->select('patvisitadt.*, location.LocFull as LocationName, 
+				attDoc.NameFirst as AttDocFirstName, attDoc.NameLast as AttDocLastName,
+				refDoc.NameFirst as RefDocFirstName, refDoc.NameLast as RefDocLastName,
+				admDoc.NameFirst as AdmDocFirstName, admDoc.NameLast as AdmDocLastName,
+				cnsDoc.NameFirst as CnsDocFirstName, cnsDoc.NameLast as CnsDocLastName')
+				->join('location', 'location.LocationID = patvisitadt.LocationID', 'left')
+				->join('contact attDoc', 'attDoc.ContactID = patvisitadt.AttDoc', 'left')
+				->join('contact refDoc', 'refDoc.ContactID = patvisitadt.RefDoc', 'left')
+				->join('contact admDoc', 'admDoc.ContactID = patvisitadt.AdmDoc', 'left')
+				->join('contact cnsDoc', 'cnsDoc.ContactID = patvisitadt.CnsDoc', 'left')
+				->where('patvisitadt.InternalPVID', $InternalPVID)
+				->where('patvisitadt.DelDate', null)
+				->orderBy('patvisitadt.CreateDate', 'ASC')
+				->findAll();
+
+			if (empty($rows)) {
+				return $this->respond(['status' => 'success', 'message' => 'No ADT history found', 'data' => []], 200);
+			}
+
+			return $this->respond(['status' => 'success', 'message' => 'ADT history retrieved', 'data' => $rows], 200);
+		} catch (\Exception $e) {
+			return $this->failServerError('Something went wrong: ' . $e->getMessage());
+		}
+	}
+
+	public function showADT($PVADTID = null) {
+		try {
+			if (!$PVADTID || !is_numeric($PVADTID)) {
+				return $this->respond(['status' => 'error', 'message' => 'Invalid or missing PVADTID'], 400);
+			}
+
+			$modelPVA = new PatVisitADTModel();
+			$row = $modelPVA->select('patvisitadt.*, location.LocFull as LocationName, 
+				attDoc.NameFirst as AttDocFirstName, attDoc.NameLast as AttDocLastName,
+				refDoc.NameFirst as RefDocFirstName, refDoc.NameLast as RefDocLastName,
+				admDoc.NameFirst as AdmDocFirstName, admDoc.NameLast as AdmDocLastName,
+				cnsDoc.NameFirst as CnsDocFirstName, cnsDoc.NameLast as CnsDocLastName')
+				->join('location', 'location.LocationID = patvisitadt.LocationID', 'left')
+				->join('contact attDoc', 'attDoc.ContactID = patvisitadt.AttDoc', 'left')
+				->join('contact refDoc', 'refDoc.ContactID = patvisitadt.RefDoc', 'left')
+				->join('contact admDoc', 'admDoc.ContactID = patvisitadt.AdmDoc', 'left')
+				->join('contact cnsDoc', 'cnsDoc.ContactID = patvisitadt.CnsDoc', 'left')
+				->where('patvisitadt.PVADTID', $PVADTID)
+				->where('patvisitadt.DelDate', null)
+				->first();
+
+			if (empty($row)) {
+				return $this->respond(['status' => 'success', 'message' => 'ADT record not found', 'data' => []], 200);
+			}
+
+			return $this->respond(['status' => 'success', 'message' => 'ADT record retrieved', 'data' => $row], 200);
+		} catch (\Exception $e) {
+			return $this->failServerError('Something went wrong: ' . $e->getMessage());
+		}
+	}
+
+public function deleteADT() {
+		$input = $this->request->getJSON(true);
+		try {
+			if (!isset($input["PVADTID"]) || !is_numeric($input["PVADTID"])) { 
+				return $this->respond(['status' => 'error', 'message' => 'Invalid or missing PVADTID'], 400); 
+			}
+			
+			$modelPVA = new PatVisitADTModel();
+			$adt = $modelPVA->find($input["PVADTID"]);
+			if (!$adt) {
+				return $this->respond(['status' => 'error', 'message' => 'ADT record not found'], 404);
+			}
+			
+			$result = $modelPVA->delete($input["PVADTID"]);
+			
+			if ($result) {
+				return $this->respond(['status' => 'success', 'message' => 'ADT record deleted successfully'], 200);
+			} else {
+				return $this->respond(['status' => 'error', 'message' => 'Failed to delete ADT record'], 500);
+			}
 		} catch (\Exception $e) {
 			return $this->failServerError('Something went wrong: ' . $e->getMessage());
 		}

app/Controllers/Patient/PatientController.php

@@ -1,9 +1,9 @@
 <?php
 namespace App\Controllers\Patient;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
-
+use App\Libraries\ValueSet;
 use App\Models\Patient\PatientModel;
 
 class PatientController extends Controller {
@@ -17,8 +17,8 @@ class PatientController extends Controller {
         $this->db = \Config\Database::connect();
         $this->model = new PatientModel();
         $this->rules = [
-            'PatientID'         => 'required|regex_match[/^[A-Za-z0-9]+$/]|max_length[30]',
+            'PatientID'         => 'required|regex_match[/^[A-Za-z0-9.-]+$/]|max_length[30]',
-            'AlternatePID'      => 'permit_empty|regex_match[/^[A-Za-z0-9]+$/]|max_length[30]',
+            'AlternatePID'      => 'permit_empty|regex_match[/^[A-Za-z0-9.-]+$/]|max_length[30]',
             'Prefix'            => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|max_length[10]',
             'Sex'             => 'required',
 
@@ -58,6 +58,11 @@ class PatientController extends Controller {
 
         try {
             $rows = $this->model->getPatients($filters);
+            
+            $rows = ValueSet::transformLabels($rows, [
+                'Sex' => 'sex',
+            ]);
+            
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -68,6 +73,11 @@ class PatientController extends Controller {
         try {
             $row = $this->model->getPatient($InternalPID);
             if (empty($row)) { return $this->respond([ 'status'  => 'success', 'message' => "data not found.", 'data' => null ], 200); }
+            
+            $row = ValueSet::transformLabels([$row], [
+                'Sex' => 'sex',
+            ])[0];
+            
             return $this->respond([ 'status'  => 'success', 'message' => "data fetched successfully", 'data' => $row ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
@@ -79,13 +89,7 @@ class PatientController extends Controller {
 
         // Khusus untuk Override PATIDT
         $type = $input['PatIdt']['IdentifierType'] ?? null;
-        $identifierRulesMap = [
+        $identifierRulesMap = $this->getPatIdtIdentifierRulesMap();
-            'KTP'  => 'required|regex_match[/^[0-9]{16}$/]',            // 16 pas digit numeric
-            'PASS' => 'required|regex_match[/^[A-Za-z0-9]{1,9}$/]',     // alphanumeric max 9
-            'SSN'  => 'required|regex_match[/^[0-9]{9}$/]',             // numeric, pas 9 digit
-            'SIM'  => 'required|regex_match[/^[0-9]{19,20}$/]',         // numeric 19–20 digit
-            'KTAS' => 'required|regex_match[/^[0-9]{11}$/]',            // numeric, pas 11 digit
-        ];
         if ($type === null || $type === '' || !is_string($type)) {
             $identifierRule = 'permit_empty|max_length[255]';
             $this->rules['PatIdt.IdentifierType'] = 'permit_empty';
@@ -105,37 +109,118 @@ class PatientController extends Controller {
         }
     }
 
-    public function update() {
+    public function update($InternalPID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->request->getJSON(true) ?? [];
 
-        // Khusus untuk Override PATIDT
+        if (!$InternalPID || !ctype_digit((string) $InternalPID)) {
-        $type = $input['PatIdt']['IdentifierType'] ?? null;
+            return $this->respond([
-        $identifierRulesMap = [
+                'status' => 'error',
-            'KTP'  => 'required|regex_match[/^[0-9]{16}$/]',
+                'message' => 'InternalPID is required and must be a valid integer.'
-            'PASS' => 'required|regex_match[/^[A-Za-z0-9]{6,9}$/]',
+            ], 400);
-            'SSN'  => 'required|regex_match[/^[0-9]{3}-[0-9]{2}-[0-9]{4}$/]',
+        }
-            'SIM'  => 'required|regex_match[/^[A-Za-z0-9]{12,14}$/]',
+
-            'KTAS' => 'required|regex_match[/^[A-Za-z0-9]{12,15}$/]',
+        if (!is_array($input) || $input === []) {
-        ];
+            return $this->respond([
-        if ($type === null || $type === '' || !is_string($type)) {
+                'status' => 'failed',
-            $identifierRule = 'permit_empty|max_length[255]';
+                'message' => 'Patch payload is required.'
-            $this->rules['PatIdt.IdentifierType'] = 'permit_empty';
+            ], 400);
-            $this->rules['PatIdt.Identifier']     = $identifierRule;
+        }
-        } else {
+
-            $identifierRule = $identifierRulesMap[$type] ?? 'permit_empty|max_length[255]';
+        if (array_key_exists('PatIdt', $input) && $input['PatIdt'] !== null && !is_array($input['PatIdt'])) {
-            $this->rules['PatIdt.IdentifierType'] = 'required';
+            return $this->failValidationErrors([
-            $this->rules['PatIdt.Identifier']     = $identifierRule;
+                'PatIdt' => 'PatIdt must be an object or null.'
+            ]);
+        }
+
+        $patchRules = $this->buildPatchRules($input);
+        if ($patchRules !== [] && !$this->validateData($input, $patchRules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
         }
 
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
         try {
-            $InternalPID = $this->model->updatePatient($input);
+            $updatedPid = $this->model->updatePatientPartial((int) $InternalPID, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $InternalPID update successfully" ]);
+            if ($updatedPid === null) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => "data $InternalPID not found"
+                ], 404);
+            }
+
+            return $this->respond([ 'status'  => 'success', 'message' => "data $updatedPid update successfully" ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }
     }
 
+    private function buildPatchRules(array $input): array
+    {
+        $rules = [];
+
+        $fieldRules = [
+            'PatientID' => 'permit_empty|regex_match[/^[A-Za-z0-9.-]+$/]|max_length[30]',
+            'AlternatePID' => 'permit_empty|regex_match[/^[A-Za-z0-9.-]+$/]|max_length[30]',
+            'Prefix' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|max_length[10]',
+            'Sex' => 'permit_empty',
+            'NameFirst' => 'required|regex_match[/^[A-Za-z\'\. ]+$/]|min_length[1]|max_length[60]',
+            'NameMiddle' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|min_length[1]|max_length[60]',
+            'NameMaiden' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|min_length[1]|max_length[60]',
+            'NameLast' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|min_length[1]|max_length[60]',
+            'Suffix' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|max_length[10]',
+            'PlaceOfBirth' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|max_length[100]',
+            'Citizenship' => 'permit_empty|regex_match[/^[A-Za-z\'\. ]+$/]|max_length[100]',
+            'Street_1' => 'permit_empty|regex_match[/^[A-Za-z0-9\'.,\/\- ]+$/]|max_length[255]',
+            'Street_2' => 'permit_empty|regex_match[/^[A-Za-z0-9\'.,\/\- ]+$/]|max_length[255]',
+            'Street_3' => 'permit_empty|regex_match[/^[A-Za-z0-9\'.,\/\- ]+$/]|max_length[255]',
+            'EmailAddress1' => 'permit_empty|valid_email|max_length[100]',
+            'EmailAddress2' => 'permit_empty|valid_email|max_length[100]',
+            'Birthdate' => 'permit_empty',
+            'ZIP' => 'permit_empty|is_natural|max_length[10]',
+            'Phone' => 'permit_empty|regex_match[/^\\+?[0-9]{8,15}$/]',
+            'MobilePhone' => 'permit_empty|regex_match[/^\\+?[0-9]{8,15}$/]',
+            'Country' => 'permit_empty|max_length[10]',
+            'Race' => 'permit_empty|max_length[100]',
+            'MaritalStatus' => 'permit_empty',
+            'Religion' => 'permit_empty|max_length[100]',
+            'Ethnic' => 'permit_empty|max_length[100]',
+            'isDead' => 'permit_empty',
+            'TimeOfDeath' => 'permit_empty',
+            'PatCom' => 'permit_empty|string',
+            'PatAtt' => 'permit_empty',
+            'LinkTo' => 'permit_empty',
+            'Custodian' => 'permit_empty',
+        ];
+
+        foreach ($fieldRules as $field => $rule) {
+            if (array_key_exists($field, $input) && $field !== 'PatIdt') {
+                $rules[$field] = $rule;
+            }
+        }
+
+        if (array_key_exists('PatIdt', $input) && $input['PatIdt'] !== null) {
+            $type = $input['PatIdt']['IdentifierType'] ?? null;
+            $identifierRulesMap = $this->getPatIdtIdentifierRulesMap();
+            $identifierRule = is_string($type)
+                ? ($identifierRulesMap[$type] ?? 'required|max_length[255]')
+                : 'required|max_length[255]';
+
+            $rules['PatIdt.IdentifierType'] = 'required';
+            $rules['PatIdt.Identifier'] = $identifierRule;
+        }
+
+        return $rules;
+    }
+
+    private function getPatIdtIdentifierRulesMap(): array
+    {
+        return [
+            'KTP'  => 'required|regex_match[/^[0-9]{16}$/]',
+            'PASS' => 'required|regex_match[/^[A-Za-z0-9]{1,9}$/]',
+            'SSN'  => 'required|regex_match[/^[0-9]{9}$/]',
+            'SIM'  => 'required|regex_match[/^[0-9]{19,20}$/]',
+            'KTAS' => 'required|regex_match[/^[0-9]{11}$/]',
+        ];
+    }
+    
     public function delete() {
         try {
             $input = $this->request->getJSON(true);
@@ -170,41 +255,57 @@ class PatientController extends Controller {
     public function patientCheck() {
         try {
             $PatientID = $this->request->getVar('PatientID');
-            $EmailAddress1 = $this->request->getVar('EmailAddress1');
+            $EmailAddress = $this->request->getVar('EmailAddress');
-
+            $Phone = $this->request->getVar('Phone');
-            $tableName = '';
-            $searchName = '';
 
             if (!empty($PatientID)){
-                $tableName = 'PatientID';
+                if (!preg_match('/^[A-Za-z0-9.-]+$/', (string) $PatientID)) {
-                $searchName = $PatientID;
+                    return $this->respond([
-            } elseif (!empty($EmailAddress1)){
+                        'status' => 'error',
-                $tableName = 'EmailAddress1';
+                        'message' => 'PatientID format is invalid.',
-                $searchName = $EmailAddress1;
+                        'data' => null
+                    ], 400);
+                }
+
+                $patient = $this->db->table('patient')
+                    ->where('PatientID', $PatientID)
+                    ->get()
+                    ->getRowArray();
+            } elseif (!empty($EmailAddress)) {
+                $patient = $this->db->table('patient')
+                    ->groupStart()
+                        ->where('EmailAddress1', $EmailAddress)
+                        ->orWhere('EmailAddress2', $EmailAddress)
+                    ->groupEnd()
+                    ->get()
+                    ->getRowArray();
+            } elseif (!empty($Phone)){
+                $patient = $this->db->table('patient')
+                    ->groupStart()
+                        ->where('Phone', $Phone)
+                        ->orWhere('MobilePhone', $Phone)
+                    ->groupEnd()
+                    ->get()
+                    ->getRowArray();
             } else {
                 return $this->respond([
                     'status' => 'error',
-                    'message' => 'PatientID or EmailAddress1 parameter is required.',
+                    'message' => 'PatientID, EmailAddress, or Phone parameter is required.',
                     'data' => null
                 ], 400); 
             }
 
-            $patient = $this->db->table('patient')
-                ->where($tableName, $searchName)
-                ->get()
-                ->getRowArray();
-
             if (!$patient) {
                 return $this->respond([
                     'status'  => 'success',
-                    'message' => "$tableName not found.",
+                    'message' => !empty($PatientID) ? 'PatientID not found.' : (!empty($Phone) ? 'Phone not found.' : 'EmailAddress not found.'),
                     'data'    => true,
                 ], 200);
             }
 
             return $this->respond([
                 'status'  => 'success',
-                'message' => "$tableName already exists.",
+                'message' => !empty($PatientID) ? 'PatientID already exists.' : (!empty($Phone) ? 'Phone already exists.' : 'EmailAddress already exists.'),
                 'data'    => false,
             ], 200);
 

app/Controllers/ReportController.php

@@ -0,0 +1,75 @@
+<?php
+
+namespace App\Controllers;
+
+use App\Traits\ResponseTrait;
+use CodeIgniter\Controller;
+use App\Models\PatResultModel;
+use App\Models\OrderTest\OrderTestModel;
+use App\Models\Patient\PatientModel;
+
+class ReportController extends Controller {
+    use ResponseTrait;
+
+    protected $resultModel;
+    protected $orderModel;
+    protected $patientModel;
+
+    public function __construct() {
+        $this->resultModel = new PatResultModel();
+        $this->orderModel = new OrderTestModel();
+        $this->patientModel = new PatientModel();
+    }
+
+    /**
+     * Generate HTML lab report for an order
+     * GET /api/report/{orderID}
+     */
+    public function view($orderID) {
+        try {
+            // Get order details
+            $order = $this->orderModel->find((int)$orderID);
+            
+            if (!$order) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Order not found',
+                    'data' => []
+                ], 404);
+            }
+
+            // Get patient details
+            $patient = $this->patientModel->find($order['InternalPID']);
+            
+            if (!$patient) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Patient not found',
+                    'data' => []
+                ], 404);
+            }
+
+            // Get results for this order
+            $results = $this->resultModel->getByOrder((int)$orderID);
+
+            // Prepare data for the view
+            $data = [
+                'patient' => $patient,
+                'order' => $order,
+                'results' => $results,
+                'generatedAt' => date('Y-m-d H:i:s')
+            ];
+
+            // Return HTML view
+            return view('reports/lab_report', $data);
+
+        } catch (\Exception $e) {
+            log_message('error', 'ReportController::view error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to generate report',
+                'data' => []
+            ], 500);
+        }
+    }
+}

app/Controllers/Result/ResultValueSetController.php

@@ -0,0 +1,144 @@
+<?php
+
+namespace App\Controllers\Result;
+
+use App\Models\ValueSet\ValueSetModel;
+use App\Traits\ResponseTrait;
+
+class ResultValueSetController extends \CodeIgniter\Controller
+{
+    use ResponseTrait;
+
+    protected $dbModel;
+
+    public function __construct()
+    {
+        $this->dbModel = new ValueSetModel();
+    }
+
+    public function index()
+    {
+        $search = $this->request->getGet('search') ?? $this->request->getGet('param') ?? null;
+        $VSetID = $this->request->getGet('VSetID') ?? null;
+
+        $rows = $this->dbModel->getValueSets($search, $VSetID);
+
+        return $this->respond([
+            'status' => 'success',
+            'data' => $rows
+        ], 200);
+    }
+
+    public function show($id = null)
+    {
+        $row = $this->dbModel->getValueSet($id);
+        if (!$row) {
+            return $this->failNotFound("ValueSet item not found: $id");
+        }
+
+        return $this->respond([
+            'status' => 'success',
+            'data' => $row
+        ], 200);
+    }
+
+    public function create()
+    {
+        $input = $this->request->getJSON(true);
+        if (!$input) {
+            return $this->failValidationErrors(['Invalid JSON input']);
+        }
+
+        $data = [
+            'SiteID' => $input['SiteID'] ?? 1,
+            'VSetID' => $input['VSetID'] ?? null,
+            'VOrder' => $input['VOrder'] ?? 0,
+            'VValue' => $input['VValue'] ?? '',
+            'VDesc' => $input['VDesc'] ?? '',
+            'VCategory' => $input['VCategory'] ?? null
+        ];
+
+        if ($data['VSetID'] === null) {
+            return $this->failValidationErrors(['VSetID is required']);
+        }
+
+        try {
+            $id = $this->dbModel->insert($data, true);
+            if (!$id) {
+                return $this->failValidationErrors($this->dbModel->errors());
+            }
+
+            $newRow = $this->dbModel->getValueSet($id);
+            return $this->respondCreated([
+                'status' => 'success',
+                'message' => 'ValueSet item created',
+                'data' => $newRow
+            ]);
+        } catch (\Exception $e) {
+            return $this->failServerError('Failed to create: ' . $e->getMessage());
+        }
+    }
+
+    public function update($id = null)
+    {
+        $input = $this->request->getJSON(true);
+        if (!$input) {
+            return $this->failValidationErrors(['Invalid JSON input']);
+        }
+
+        $existing = $this->dbModel->getValueSet($id);
+        if (!$existing) {
+            return $this->failNotFound("ValueSet item not found: $id");
+        }
+
+        $data = [];
+        if (isset($input['VSetID'])) $data['VSetID'] = $input['VSetID'];
+        if (isset($input['VOrder'])) $data['VOrder'] = $input['VOrder'];
+        if (isset($input['VValue'])) $data['VValue'] = $input['VValue'];
+        if (isset($input['VDesc'])) $data['VDesc'] = $input['VDesc'];
+        if (isset($input['SiteID'])) $data['SiteID'] = $input['SiteID'];
+        if (isset($input['VCategory'])) $data['VCategory'] = $input['VCategory'];
+
+        if (empty($data)) {
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'No changes to update',
+                'data' => $existing
+            ], 200);
+        }
+
+        try {
+            $updated = $this->dbModel->update($id, $data);
+            if (!$updated) {
+                return $this->failValidationErrors($this->dbModel->errors());
+            }
+
+            $newRow = $this->dbModel->getValueSet($id);
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'ValueSet item updated',
+                'data' => $newRow
+            ], 200);
+        } catch (\Exception $e) {
+            return $this->failServerError('Failed to update: ' . $e->getMessage());
+        }
+    }
+
+    public function delete($id = null)
+    {
+        $existing = $this->dbModel->getValueSet($id);
+        if (!$existing) {
+            return $this->failNotFound("ValueSet item not found: $id");
+        }
+
+        try {
+            $this->dbModel->delete($id);
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'ValueSet item deleted'
+            ], 200);
+        } catch (\Exception $e) {
+            return $this->failServerError('Failed to delete: ' . $e->getMessage());
+        }
+    }
+}

app/Controllers/ResultController.php

@@ -2,33 +2,279 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
-
+use App\Models\PatResultModel;
-use Firebase\JWT\JWT;
+use Config\Services;
-use Firebase\JWT\Key;
-use Firebase\JWT\ExpiredException;
-use Firebase\JWT\SignatureInvalidException;
-use Firebase\JWT\BeforeValidException;
-use CodeIgniter\Cookie\Cookie;
 
 class ResultController extends Controller {
     use ResponseTrait;
+    use PatchValidationTrait;
 
-    public function index() {
+    protected $model;
 
-        $token = $this->request->getCookie('token');
+    public function __construct() {
-        $key   = getenv('JWT_SECRET');
+        $this->model = new PatResultModel();
-
-        // Decode Token dengan Key yg ada di .env
-        $decodedPayload = JWT::decode($token, new Key($key, 'HS256'));
-
-        return $this->respond([
-            'status'  => 'success',
-            'code'    => 200,
-            'message' => 'Authenticated',
-            'data'    => $decodedPayload
-        ], 200);
     }
 
+    /**
+     * List results with optional filters
+     * GET /api/result
+     */
+    public function index() {
+        try {
+            $orderID = $this->request->getGet('order_id');
+            $patientID = $this->request->getGet('patient_id');
+
+            if ($orderID) {
+                $results = $this->model->getByOrder((int)$orderID);
+            } elseif ($patientID) {
+                $results = $this->model->getByPatient((int)$patientID);
+            } else {
+                // Get all results with pagination
+                $page = (int)($this->request->getGet('page') ?? 1);
+                $perPage = (int)($this->request->getGet('per_page') ?? 20);
+                
+                $results = $this->model
+                    ->where('DelDate', null)
+                    ->orderBy('ResultID', 'DESC')
+                    ->paginate($perPage, 'default', $page);
+            }
+
+            $results = is_array($results)
+                ? array_map([$this, 'hydrateResultPayload'], $results)
+                : $results;
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Results retrieved successfully',
+                'data' => $results
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'ResultController::index error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to retrieve results',
+                'data' => []
+            ], 500);
+        }
+    }
+
+    /**
+     * Get single result
+     * GET /api/result/{id}
+     */
+    public function show($id) {
+        try {
+            $result = $this->model->getWithRelations((int)$id);
+
+            if (!$result) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Result not found',
+                    'data' => []
+                ], 404);
+            }
+
+            $result = $this->hydrateResultPayload($result);
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Result retrieved successfully',
+                'data' => $result
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'ResultController::show error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to retrieve result',
+                'data' => []
+            ], 500);
+        }
+    }
+
+    /**
+     * Create a new result entry
+     * POST /api/result
+     */
+    public function create() {
+        $payload = $this->request->getJSON(true);
+        if (!is_array($payload) || empty($payload)) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'No data provided',
+                'data' => []
+            ], 400);
+        }
+
+        if (isset($payload['ResultValue'])) {
+            $payload['Result'] = $payload['ResultValue'];
+        }
+
+        $dbPayload = $payload;
+        unset($dbPayload['ResultValue'], $dbPayload['ResultCode']);
+
+        try {
+            $resultId = $this->model->insert($dbPayload, true);
+
+            if (!$resultId) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to create result',
+                    'data' => []
+                ], 500);
+            }
+
+            $this->rememberResultCode($resultId, $payload['ResultCode'] ?? null);
+
+            return $this->respondCreated([
+                'status' => 'success',
+                'message' => 'Result created successfully',
+                'data' => [
+                    'ResultID' => $resultId,
+                    'ResultValue' => $payload['ResultValue'] ?? ($payload['Result'] ?? null),
+                    'ResultCode' => $payload['ResultCode'] ?? null,
+                ]
+            ], 201);
+        } catch (\Exception $e) {
+            log_message('error', 'ResultController::create error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to create result',
+                'data' => []
+            ], 500);
+        }
+    }
+
+    /**
+     * Update result with validation
+     * PATCH /api/result/{id}
+     */
+    public function update($id) {
+        try {
+            $data = $this->requirePatchPayload($this->request->getJSON(true));
+            if ($data === null) {
+                return;
+            }
+
+            $validatedId = $this->requirePatchId($id, 'ResultID');
+            if ($validatedId === null) {
+                return;
+            }
+
+            $existing = $this->model->find($validatedId);
+            if (!$existing) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Result not found',
+                    'data' => []
+                ], 404);
+            }
+
+		$resultCode = $data['ResultCode'] ?? null;
+		$hasResultValue = array_key_exists('ResultValue', $data);
+
+		if ($hasResultValue) {
+			$data['Result'] = $data['ResultValue'];
+		}
+
+		unset($data['ResultValue'], $data['ResultCode']);
+
+		$shouldUpdateModel = $hasResultValue || !empty($data);
+
+		if ($shouldUpdateModel) {
+			$result = $this->model->updateWithValidation($validatedId, $data);
+		} else {
+			$result = [
+				'success' => true,
+				'flag' => null,
+				'message' => 'Result updated successfully'
+			];
+		}
+
+		if (!$result['success']) {
+			return $this->respond([
+				'status' => 'failed',
+				'message' => $result['message'],
+				'data' => []
+			], 400);
+		}
+
+		if ($resultCode !== null) {
+			$this->rememberResultCode($validatedId, $resultCode);
+		}
+
+            // Get updated result with relations
+            $updatedResult = $this->model->getWithRelations($validatedId);
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => $result['message'],
+                'data' => [
+                    'result' => $updatedResult ? $this->hydrateResultPayload($updatedResult) : [],
+                    'flag' => $result['flag']
+                ]
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'ResultController::update error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to update result',
+                'data' => []
+            ], 500);
+        }
+    }
+
+    /**
+     * Soft delete result
+     * DELETE /api/result/{id}
+     */
+    public function delete($id) {
+        try {
+            $result = $this->model->find((int)$id);
+
+            if (!$result) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Result not found',
+                    'data' => []
+                ], 404);
+            }
+
+            $deleted = $this->model->softDelete((int)$id);
+
+            if (!$deleted) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to delete result',
+                    'data' => []
+                ], 500);
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Result deleted successfully',
+                'data' => []
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'ResultController::delete error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to delete result',
+                'data' => []
+            ], 500);
+        }
+    }
+
+    private function hydrateResultPayload(array $payload): array {
+        if (!array_key_exists('ResultValue', $payload) && array_key_exists('Result', $payload)) {
+            $payload['ResultValue'] = $payload['Result'];
+        }
+        return $payload;
+    }
 }

app/Controllers/Rule/RuleController.php

@@ -0,0 +1,372 @@
+<?php
+
+namespace App\Controllers\Rule;
+
+use App\Controllers\BaseController;
+use App\Models\Rule\RuleDefModel;
+use App\Models\Test\TestDefSiteModel;
+use App\Services\RuleExpressionService;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+
+class RuleController extends BaseController
+{
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected RuleDefModel $ruleDefModel;
+
+    public function __construct()
+    {
+        $this->ruleDefModel = new RuleDefModel();
+    }
+
+    public function index()
+    {
+        try {
+            $eventCode = $this->request->getGet('EventCode');
+            $testSiteID = $this->request->getGet('TestSiteID');
+            $search = $this->request->getGet('search');
+
+            $builder = $this->ruleDefModel->where('ruledef.EndDate', null);
+
+            if ($eventCode !== null && $eventCode !== '') {
+                $builder->where('ruledef.EventCode', $eventCode);
+            }
+            if ($search !== null && $search !== '') {
+                $builder->like('ruledef.RuleName', $search);
+            }
+
+            // Filter by TestSiteID - join with mapping table
+            if ($testSiteID !== null && $testSiteID !== '' && is_numeric($testSiteID)) {
+                $builder->join('testrule', 'testrule.RuleID = ruledef.RuleID', 'inner');
+                $builder->where('testrule.TestSiteID', (int) $testSiteID);
+                $builder->where('testrule.EndDate IS NULL');
+            }
+
+            $rows = $builder
+                ->orderBy('ruledef.RuleID', 'ASC')
+                ->findAll();
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'fetch success',
+                'data' => $rows,
+            ], 200);
+        } catch (\Throwable $e) {
+            log_message('error', 'RuleController::index error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to fetch rules',
+                'data' => [],
+            ], 500);
+        }
+    }
+
+    public function show($id = null)
+    {
+        try {
+            if (!$id || !is_numeric($id)) {
+                return $this->failValidationErrors('RuleID is required');
+            }
+
+            $rule = $this->ruleDefModel->where('EndDate', null)->find((int) $id);
+            if (!$rule) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Rule not found',
+                    'data' => [],
+                ], 404);
+            }
+
+            $linkedTests = $this->ruleDefModel->getLinkedTests((int) $id);
+
+            $rule['linkedTests'] = $linkedTests;
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'fetch success',
+                'data' => $rule,
+            ], 200);
+        } catch (\Throwable $e) {
+            log_message('error', 'RuleController::show error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to fetch rule',
+                'data' => [],
+            ], 500);
+        }
+    }
+
+    public function create()
+    {
+        $input = $this->requirePatchPayload($this->request->getJSON(true) ?? []);
+        if ($input === null) {
+            return;
+        }
+
+        $validation = service('validation');
+        $validation->setRules([
+            'RuleCode' => 'required|max_length[50]',
+            'RuleName' => 'required|max_length[100]',
+            'EventCode' => 'required|max_length[50]',
+            'TestSiteIDs' => 'required',
+            'TestSiteIDs.*' => 'is_natural_no_zero',
+            'ConditionExpr' => 'permit_empty|max_length[1000]',
+        ]);
+
+        if (!$validation->run($input)) {
+            return $this->failValidationErrors($validation->getErrors());
+        }
+
+        $testSiteIDs = $input['TestSiteIDs'] ?? [];
+        if (!is_array($testSiteIDs) || empty($testSiteIDs)) {
+            return $this->failValidationErrors(['TestSiteIDs' => 'At least one TestSiteID is required']);
+        }
+
+        // Validate all TestSiteIDs exist
+        $testDef = new TestDefSiteModel();
+        foreach ($testSiteIDs as $testSiteID) {
+            $exists = $testDef->where('EndDate', null)->find((int) $testSiteID);
+            if (!$exists) {
+                return $this->failValidationErrors(['TestSiteIDs' => "TestSiteID {$testSiteID} not found"]);
+            }
+        }
+
+        $db = \Config\Database::connect();
+        $db->transStart();
+
+        try {
+            $ruleData = [
+                'RuleCode' => $input['RuleCode'],
+                'RuleName' => $input['RuleName'],
+                'Description' => $input['Description'] ?? null,
+                'EventCode' => $input['EventCode'],
+                'ConditionExpr' => $input['ConditionExpr'] ?? null,
+                'ConditionExprCompiled' => $input['ConditionExprCompiled'] ?? null,
+            ];
+
+            $ruleID = $this->ruleDefModel->insert($ruleData, true);
+            if (!$ruleID) {
+                throw new \Exception('Failed to create rule');
+            }
+
+            // Link rule to test sites
+            foreach ($testSiteIDs as $testSiteID) {
+                $this->ruleDefModel->linkTest($ruleID, (int) $testSiteID);
+            }
+
+            $db->transComplete();
+            if ($db->transStatus() === false) {
+                throw new \Exception('Transaction failed');
+            }
+
+            return $this->respondCreated([
+                'status' => 'success',
+                'message' => 'Rule created successfully',
+                'data' => ['RuleID' => $ruleID],
+            ], 201);
+        } catch (\Throwable $e) {
+            $db->transRollback();
+            log_message('error', 'RuleController::create error: ' . $e->getMessage());
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($id = null)
+    {
+        $input = $this->request->getJSON(true) ?? [];
+
+        if (!$id || !is_numeric($id)) {
+            $id = $input['RuleID'] ?? null;
+        }
+        if (!$id || !is_numeric($id)) {
+            return $this->failValidationErrors('RuleID is required');
+        }
+
+        $existing = $this->ruleDefModel->where('EndDate', null)->find((int) $id);
+        if (!$existing) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Rule not found',
+                'data' => [],
+            ], 404);
+        }
+
+        $validation = service('validation');
+        $validation->setRules([
+            'RuleCode' => 'permit_empty|max_length[50]',
+            'RuleName' => 'permit_empty|max_length[100]',
+            'EventCode' => 'permit_empty|max_length[50]',
+            'TestSiteIDs' => 'permit_empty',
+            'TestSiteIDs.*' => 'is_natural_no_zero',
+            'ConditionExpr' => 'permit_empty|max_length[1000]',
+        ]);
+
+        if (!$validation->run($input)) {
+            return $this->failValidationErrors($validation->getErrors());
+        }
+
+        $db = \Config\Database::connect();
+        $db->transStart();
+
+        try {
+            $updateData = [];
+            foreach (['RuleCode', 'RuleName', 'Description', 'EventCode', 'ConditionExpr', 'ConditionExprCompiled'] as $field) {
+                if (array_key_exists($field, $input)) {
+                    $updateData[$field] = $input[$field];
+                }
+            }
+
+            if (!empty($updateData)) {
+                $this->ruleDefModel->update((int) $id, $updateData);
+            }
+
+            // Update test site mappings if provided
+            if (isset($input['TestSiteIDs']) && is_array($input['TestSiteIDs'])) {
+                $testSiteIDs = $input['TestSiteIDs'];
+                
+                // Validate all TestSiteIDs exist
+                $testDef = new TestDefSiteModel();
+                foreach ($testSiteIDs as $testSiteID) {
+                    $exists = $testDef->where('EndDate', null)->find((int) $testSiteID);
+                    if (!$exists) {
+                        throw new \Exception("TestSiteID {$testSiteID} not found");
+                    }
+                }
+
+                // Get current linked tests
+                $currentLinks = $this->ruleDefModel->getLinkedTests((int) $id);
+                
+                // Unlink tests that are no longer in the list
+                foreach ($currentLinks as $currentTestSiteID) {
+                    if (!in_array($currentTestSiteID, $testSiteIDs)) {
+                        $this->ruleDefModel->unlinkTest((int) $id, $currentTestSiteID);
+                    }
+                }
+                
+                // Link new tests
+                foreach ($testSiteIDs as $testSiteID) {
+                    if (!in_array($testSiteID, $currentLinks)) {
+                        $this->ruleDefModel->linkTest((int) $id, (int) $testSiteID);
+                    }
+                }
+            }
+
+            $db->transComplete();
+            if ($db->transStatus() === false) {
+                throw new \Exception('Transaction failed');
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Rule updated successfully',
+                'data' => ['RuleID' => (int) $id],
+            ], 200);
+        } catch (\Throwable $e) {
+            $db->transRollback();
+            log_message('error', 'RuleController::update error: ' . $e->getMessage());
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function delete($id = null)
+    {
+        try {
+            if (!$id || !is_numeric($id)) {
+                return $this->failValidationErrors('RuleID is required');
+            }
+
+            $existing = $this->ruleDefModel->where('EndDate', null)->find((int) $id);
+            if (!$existing) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Rule not found',
+                    'data' => [],
+                ], 404);
+            }
+
+            $this->ruleDefModel->delete((int) $id);
+
+            return $this->respondDeleted([
+                'status' => 'success',
+                'message' => 'Rule deleted successfully',
+                'data' => ['RuleID' => (int) $id],
+            ]);
+        } catch (\Throwable $e) {
+            log_message('error', 'RuleController::delete error: ' . $e->getMessage());
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function validateExpr()
+    {
+        $input = $this->request->getJSON(true) ?? [];
+        $expr = $input['expr'] ?? '';
+        $context = $input['context'] ?? [];
+
+        if (!is_string($expr) || trim($expr) === '') {
+            return $this->failValidationErrors(['expr' => 'expr is required']);
+        }
+        if (!is_array($context)) {
+            return $this->failValidationErrors(['context' => 'context must be an object']);
+        }
+
+        try {
+            $svc = new RuleExpressionService();
+            $result = $svc->evaluate($expr, $context);
+
+            return $this->respond([
+                'status' => 'success',
+                'data' => [
+                    'valid' => true,
+                    'result' => $result,
+                ],
+            ], 200);
+        } catch (\Throwable $e) {
+            return $this->respond([
+                'status' => 'failed',
+                'data' => [
+                    'valid' => false,
+                    'error' => $e->getMessage(),
+                ],
+            ], 200);
+        }
+    }
+
+    /**
+     * Compile DSL expression to engine-compatible structure.
+     * Frontend calls this when user clicks "Compile" button.
+     */
+    public function compile()
+    {
+        $input = $this->request->getJSON(true) ?? [];
+        $expr = $input['expr'] ?? '';
+
+        if (!is_string($expr) || trim($expr) === '') {
+            return $this->failValidationErrors(['expr' => 'Expression is required']);
+        }
+
+        try {
+            $svc = new RuleExpressionService();
+            $compiled = $svc->compile($expr);
+
+            return $this->respond([
+                'status' => 'success',
+                'data' => [
+                    'raw' => $expr,
+                    'compiled' => $compiled,
+                    'conditionExprCompiled' => json_encode($compiled),
+                ],
+            ], 200);
+        } catch (\Throwable $e) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Compilation failed',
+                'data' => [
+                    'error' => $e->getMessage(),
+                ],
+            ], 400);
+        }
+    }
+}

app/Controllers/SampleController.php

@@ -2,7 +2,7 @@
 
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
 
 use Firebase\JWT\JWT;

app/Controllers/Specimen/ContainerDefController.php

@@ -2,16 +2,20 @@
 
 namespace App\Controllers\Specimen;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
+use App\Libraries\ValueSet;
 use App\Models\Specimen\ContainerDefModel;
 
 class ContainerDefController extends BaseController {
   use ResponseTrait;
+  use PatchValidationTrait;
 
   protected $db;
   protected $model;
   protected $rules;
+  protected $patchRules;
 
   public function __construct() {
     $this->db = \Config\Database::connect();
@@ -20,6 +24,10 @@ class ContainerDefController extends BaseController {
       'ConCode' => 'required|max_length[50]',
       'ConName' => 'required|max_length[50]'
     ];
+    $this->patchRules = [
+      'ConCode' => 'permit_empty|max_length[50]',
+      'ConName' => 'permit_empty|max_length[50]'
+    ];
   }
 
   public function index() {
@@ -29,6 +37,13 @@ class ContainerDefController extends BaseController {
 				'ConName' => $this->request->getVar('ConName')
 			];
       $rows = $this->model->getContainers($filter);
+
+      $rows = ValueSet::transformLabels($rows, [
+        'ConCategory' => 'container_class',
+        'CapColor' => 'container_cap_color',
+        'ConSize' => 'container_size',
+      ]);
+
       return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
     } catch (\Exception $e) {
       return $this->failServerError('Exception : '.$e->getMessage());
@@ -41,6 +56,13 @@ class ContainerDefController extends BaseController {
       if (empty($row)) {
         return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => null ], 200);
       }
+
+      $row = ValueSet::transformLabels([$row], [
+        'ConCategory' => 'container_class',
+        'CapColor' => 'container_cap_color',
+        'ConSize' => 'container_size',
+      ])[0];
+
       return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $row ], 200);
     } catch (\Exception $e) {
       return $this->failServerError('Exception : '.$e->getMessage());
@@ -52,18 +74,37 @@ class ContainerDefController extends BaseController {
     if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
     try {
       $ConDefID = $this->model->insert($input);
-      return $this->respondCreated([ 'status'  => 'success', 'message' => "data $ConDefID created successfully" ]);
+      return $this->respondCreated([ 'status'  => 'success', 'message' => "data $ConDefID created successfully", 'data' => $ConDefID ]);
     } catch (\Exception $e) {
       return $this->failServerError('Something went wrong: ' . $e->getMessage());
     }
   }
 
-  public function update() {
+  public function update($ConDefID = null) {
-    $input = $this->request->getJSON(true);
+    $input = $this->requirePatchPayload($this->request->getJSON(true));
-    if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+    if ($input === null) {
+      return;
+    }
+
+    $id = $this->requirePatchId($ConDefID, 'ConDefID');
+    if ($id === null) {
+      return;
+    }
+
+    $existing = $this->model->find($id);
+    if (!$existing) {
+      return $this->respond([ 'status' => 'failed', 'message' => 'Container definition not found', 'data' => [] ], 404);
+    }
+
+    $validationInput = array_intersect_key($input, $this->patchRules);
+    if (!empty($validationInput) && !$this->validateData($validationInput, $this->patchRules)) {
+      return $this->failValidationErrors($this->validator->getErrors());
+    }
+
+    $input['ConDefID'] = $id;
     try {
-      $ConDefID = $this->model->update($input['ConDefID'], $input);
+      $this->model->update($id, $input);
-      return $this->respondCreated([ 'status'  => 'success', 'message' => "data $ConDefID updated successfully" ]);
+      return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
     } catch (\Exception $e) {
       return $this->failServerError('Something went wrong: ' . $e->getMessage());
     }

app/Controllers/Specimen/SpecimenCollectionController.php

@@ -2,12 +2,15 @@
 
 namespace App\Controllers\Specimen;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
+use App\Libraries\ValueSet;
 use App\Models\Specimen\SpecimenCollectionModel;
 
 class SpecimenCollectionController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -22,6 +25,13 @@ class SpecimenCollectionController extends BaseController {
     public function index() {
         try {
             $rows = $this->model->findAll();
+
+            $rows = ValueSet::transformLabels($rows, [
+                'CollectionMethod' => 'collection_method',
+                'Additive' => 'additive',
+                'SpecimenRole' => 'specimen_role',
+            ]);
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -34,6 +44,13 @@ class SpecimenCollectionController extends BaseController {
             if (empty($row)) {
                 return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => null ], 200);
             }
+
+            $row = ValueSet::transformLabels([$row], [
+                'CollectionMethod' => 'collection_method',
+                'Additive' => 'additive',
+                'SpecimenRole' => 'specimen_role',
+            ])[0];
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $row ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -51,12 +68,29 @@ class SpecimenCollectionController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SpcColID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($SpcColID, 'SpcColID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('SpcColID', $id)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Specimen collection not found', 'data' => [] ], 404);
+        }
+
+        $input['SpcColID'] = $id;
+        if ($this->rules !== [] && !$this->validateData($input, $this->rules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
         try {
-            $id = $this->model->update($input['SpcColID'], $input);
+            $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $id updated successfully" ]);
+            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Specimen/SpecimenController.php

@@ -2,12 +2,15 @@
 
 namespace App\Controllers\Specimen;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
+use App\Libraries\ValueSet;
 use App\Models\Specimen\SpecimenModel;
 
 class SpecimenController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -22,6 +25,13 @@ class SpecimenController extends BaseController {
     public function index() {
         try {
             $rows = $this->model->findAll();
+
+            $rows = ValueSet::transformLabels($rows, [
+                'SpecimenType' => 'specimen_type',
+                'SpecimenStatus' => 'specimen_status',
+                'BodySite' => 'body_site',
+            ]);
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -34,6 +44,13 @@ class SpecimenController extends BaseController {
             if (empty($row)) {
                 return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => null ], 200);
             }
+
+            $row = ValueSet::transformLabels([$row], [
+                'SpecimenType' => 'specimen_type',
+                'SpecimenStatus' => 'specimen_status',
+                'BodySite' => 'body_site',
+            ])[0];
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $row ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -51,15 +68,76 @@ class SpecimenController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($SID, 'SID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('SID', $id)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Specimen not found', 'data' => [] ], 404);
+        }
+
+        $input['SID'] = $id;
         if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
         try {
-            $id = $this->model->update($input['SID'], $input);
+            $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $id updated successfully" ]);
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }
     }
 
+    /**
+     * Delete a specimen (soft delete)
+     * DELETE /api/specimen/(:num)
+     */
+    public function delete($id) {
+        try {
+            // Check if specimen exists
+            $specimen = $this->model->where('SID', $id)->first();
+            
+            if (empty($specimen)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Specimen not found',
+                    'data' => null
+                ], 404);
+            }
+            
+            // Perform soft delete (set DelDate)
+            $deleted = $this->model->update($id, [
+                'DelDate' => date('Y-m-d H:i:s')
+            ]);
+            
+            if (!$deleted) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to delete specimen',
+                    'data' => null
+                ], 500);
+            }
+            
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Specimen deleted successfully',
+                'data' => ['SID' => $id]
+            ], 200);
+            
+        } catch (\Exception $e) {
+            log_message('error', 'SpecimenController::delete error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to delete specimen',
+                'data' => null
+            ], 500);
+        }
+    }
+
 }

app/Controllers/Specimen/SpecimenPrepController.php

@@ -2,12 +2,14 @@
 
 namespace App\Controllers\Specimen;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\Specimen\SpecimenPrepModel;
 
 class SpecimenPrepController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -51,12 +53,29 @@ class SpecimenPrepController extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SpcPrpID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($SpcPrpID, 'SpcPrpID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('SpcPrpID', $id)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Specimen prep not found', 'data' => [] ], 404);
+        }
+
+        $input['SpcPrpID'] = $id;
+        if ($this->rules !== [] && !$this->validateData($input, $this->rules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
         try {
-            $id = $this->model->update($input['SpcPrpID'], $input);
+            $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $id updated successfully" ]);
+            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Specimen/SpecimenStatusController.php

@@ -2,12 +2,15 @@
 
 namespace App\Controllers\Specimen;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
+use App\Libraries\ValueSet;
 use App\Models\Specimen\SpecimenStatusModel;
 
-class ContainerDef extends BaseController {
+class SpecimenStatusController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $model;
@@ -22,6 +25,12 @@ class ContainerDef extends BaseController {
     public function index() {
         try {
             $rows = $this->model->findAll();
+
+            $rows = ValueSet::transformLabels($rows, [
+                'Status' => 'specimen_status',
+                'Activity' => 'specimen_activity',
+            ]);
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $rows ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -34,6 +43,12 @@ class ContainerDef extends BaseController {
             if (empty($row)) {
                 return $this->respond([ 'status' => 'success', 'message'=> "data not found", 'data' => null ], 200);
             }
+
+            $row = ValueSet::transformLabels([$row], [
+                'Status' => 'specimen_status',
+                'Activity' => 'specimen_activity',
+            ])[0];
+
             return $this->respond([ 'status' => 'success', 'message'=> "data fetched successfully", 'data'   => $row ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Exception : '.$e->getMessage());
@@ -51,12 +66,29 @@ class ContainerDef extends BaseController {
         }
     }
 
-    public function update() {
+    public function update($SpcStaID = null) {
-        $input = $this->request->getJSON(true);
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($SpcStaID, 'SpcStaID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('SpcStaID', $id)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Specimen status not found', 'data' => [] ], 404);
+        }
+
+        $input['SpcStaID'] = $id;
+        if ($this->rules !== [] && !$this->validateData($input, $this->rules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
         try {
-            $id = $this->model->update($input['SpcStaID'], $input);
+            $this->model->update($id, $input);
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data $id updated successfully" ]);
+            return $this->respondCreated([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 201);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }

app/Controllers/Test/DemoOrderController.php

@@ -1,10 +1,11 @@
 <?php
 namespace App\Controllers\Test;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use CodeIgniter\Controller;
+use App\Libraries\ValueSet;
 use App\Models\Patient\PatientModel;
-use App\Models\OrderTest\OrderTestModel;
+use App\Models\OrderTestModel;
 
 class DemoOrderController extends Controller {
     use ResponseTrait;
@@ -43,6 +44,7 @@ class DemoOrderController extends Controller {
             'Priority' => $input['Priority'] ?? 'R',
             'OrderingProvider' => $input['OrderingProvider'] ?? 'Dr. Demo',
             'DepartmentID' => $input['DepartmentID'] ?? 1,
+            'Tests' => $input['Tests'] ?? []
         ];
 
         $orderID = $this->orderModel->createOrder($orderData);
@@ -69,6 +71,11 @@ class DemoOrderController extends Controller {
             ->get()
             ->getResultArray();
 
+        $orders = ValueSet::transformLabels($orders, [
+            'Priority' => 'order_priority',
+            'OrderStatus' => 'order_status',
+        ]);
+
         return $this->respond([
             'status' => 'success',
             'message' => 'Data fetched successfully',

app/Controllers/Test/TestMapController.php

@@ -1,56 +1,570 @@
 <?php
 namespace App\Controllers\Test;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
+use App\Libraries\ValueSet;
 use App\Models\Test\TestMapModel;
+use App\Models\Test\TestMapDetailModel;
 
 class TestMapController extends BaseController {
     use ResponseTrait;
+    use PatchValidationTrait;
 
     protected $db;
     protected $rules;
+    protected $patchRules;
     protected $model;
+    protected $modelDetail;
+    protected array $headerFields = ['HostType', 'HostID', 'ClientType', 'ClientID'];
+    protected array $detailFields = ['HostTestCode', 'HostTestName', 'ConDefID', 'ClientTestCode', 'ClientTestName'];
+    protected array $detailRules;
+    protected array $detailPatchRules;
 
     public function __construct() {
         $this->db = \Config\Database::connect();
         $this->model = new TestMapModel;
+        $this->modelDetail = new TestMapDetailModel;
+        $this->rules = [
+            'HostID' => 'required|integer',
+            'ClientID' => 'required|integer',
+        ];
+        $this->patchRules = [
+            'HostID' => 'permit_empty|integer',
+            'ClientID' => 'permit_empty|integer',
+            'HostType' => 'permit_empty|string',
+            'ClientType' => 'permit_empty|string',
+        ];
+        $this->detailRules = [
+            'HostTestCode' => 'permit_empty|max_length[10]',
+            'HostTestName' => 'permit_empty|max_length[100]',
+            'ConDefID' => 'permit_empty|integer',
+            'ClientTestCode' => 'permit_empty|max_length[10]',
+            'ClientTestName' => 'permit_empty|max_length[100]',
+        ];
+        $this->detailPatchRules = $this->detailRules;
     }
 
     public function index() {
-        $rows = $this->model->findAll();
+        $rows = $this->model->getUniqueGroupings();
+        $rows = $this->applyIndexFilters($rows);
         if (empty($rows)) { return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => [] ], 200); }
+
+        $rows = ValueSet::transformLabels($rows, [
+            'HostType' => 'entity_type',
+            'ClientType' => 'entity_type',
+        ]);
+
+        $rows = array_map([$this, 'sanitizeTopLevelPayload'], $rows);
+
         return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200);
     }
 
     public function show($id = null) {
-        $row = $this->model->where('TestMapID',$id)->first();
+        $row = $this->model->getByIdWithNames($id);
         if (empty($row)) { return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => null ], 200); }
+
+        $row = ValueSet::transformLabels([$row], [
+            'HostType' => 'entity_type',
+            'ClientType' => 'entity_type',
+        ])[0];
+
+        $row = $this->sanitizeTopLevelPayload($row);
+
+        // Include testmapdetail records
+        $row['details'] = $this->modelDetail->getDetailsByTestMap($id);
+
         return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $row ], 200);
     }
 
     public function create() {
         $input = $this->request->getJSON(true);
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors($this->validator->getErrors()); }
+        $detailsPayload = null;
+        if (array_key_exists('details', $input)) {
+            $detailsPayload = $this->resolveDetailOperations($input['details']);
+            if ($detailsPayload === null) { return; }
+        }
+
+        $headerInput = array_intersect_key($input, array_flip($this->headerFields));
+        if (!$this->validateData($headerInput, $this->rules)) {
+            log_message('error', 'TestMap create validation failed: ' . json_encode($this->validator->getErrors()));
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
+
+        $this->db->transStart();
         try {
-            $id = $this->model->insert($input);
+            $id = $this->model->insert($headerInput);
+
+            if ($detailsPayload !== null && !empty($detailsPayload['created'])) {
+                if (!$this->insertDetailRows($id, $detailsPayload['created'])) {
+                    $this->db->transRollback();
+                    return;
+                }
+            }
+
+            $this->db->transComplete();
+            if ($this->db->transStatus() === false) {
+                return $this->failServerError('Something went wrong while saving the test map.');
+            }
+
             return $this->respondCreated([ 'status'  => 'success', 'message' => "data created successfully", 'data' => $id ]);
+        } catch (\Exception $e) {
+            $this->db->transRollback();
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($TestMapID = null) {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $detailsPayload = null;
+        if (array_key_exists('details', $input)) {
+            $detailsPayload = $this->resolveDetailOperations($input['details']);
+            if ($detailsPayload === null) {
+                return;
+            }
+        }
+
+        $id = $this->requirePatchId($TestMapID, 'TestMapID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('TestMapID', $id)->where('EndDate', null)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Test map not found', 'data' => [] ], 404);
+        }
+
+        if (isset($input['TestMapID']) && (string) $input['TestMapID'] !== (string) $id) {
+            return $this->failValidationErrors('TestMapID in URL does not match body.');
+        }
+
+        $validationInput = array_intersect_key($headerInput = array_intersect_key($input, array_flip($this->headerFields)), $this->patchRules);
+        if (!empty($validationInput) && !$this->validateData($validationInput, $this->patchRules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
+
+        $input['TestMapID'] = $id;
+        $this->db->transStart();
+        try {
+            if (!empty($headerInput)) {
+                $this->model->update($id, $headerInput);
+            }
+
+            if ($detailsPayload !== null && !$this->applyDetailOperations($id, $detailsPayload)) {
+                $this->db->transRollback();
+                return;
+            }
+
+            $this->db->transComplete();
+            if ($this->db->transStatus() === false) {
+                return $this->failServerError('Something went wrong while updating the test map.');
+            }
+
+            return $this->respond([ 'status'  => 'success', 'message' => 'data updated successfully', 'data' => $id ], 200);
+        } catch (\Exception $e) {
+            $this->db->transRollback();
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function delete() {
+        $input = $this->request->getJSON(true);
+        $id = $input["TestMapID"] ?? null;
+        if (!$id) { return $this->failValidationErrors('TestMapID is required.'); }
+        
+        try {
+                $row = $this->model->where('TestMapID', $id)->where('EndDate', null)->first();
+            if (empty($row)) { return $this->respond([ 'status'  => 'failed', 'message' => "Data not found or already deleted.", 'data' => null ], 404); }
+            
+            $this->db->transStart();
+            $timestamp = date('Y-m-d H:i:s');
+            $this->model->update($id, ['EndDate' => $timestamp]);
+
+            $this->modelDetail->where('TestMapID', $id)
+                ->where('EndDate', null)
+                ->set('EndDate', $timestamp)
+                ->update();
+
+            $this->db->transComplete();
+
+            if ($this->db->transStatus() === false) {
+                return $this->failServerError('Something went wrong while deleting the test map.');
+            }
+
+            return $this->respond([ 'status'  => 'success', 'message' => "data deleted successfully", 'data' => $id ], 200);
         } catch (\Exception $e) {
             return $this->failServerError('Something went wrong: ' . $e->getMessage());
         }
     }
 
-    public function update() {
+    public function showByTestCode($testCode = null) {
-        $input = $this->request->getJSON(true);
+        if (!$testCode) { return $this->failValidationErrors('TestCode is required.'); }
-        $id = $input["TestMapID"];
+        
-        if (!$id) { return $this->failValidationErrors('TestMapID is required.'); }
+        $rows = $this->model->getMappingsByTestCode($testCode);
-        if (!$this->validateData($input, $this->rules)) { return $this->failValidationErrors( $this->validator->getErrors() ); }
+        if (empty($rows)) { return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => [] ], 200); }
-        try {
+
-            $this->model->update($id,$input);
+        $rows = ValueSet::transformLabels($rows, [
-            return $this->respondCreated([ 'status'  => 'success', 'message' => "data updated successfully", 'data' => $id ]);
+            'HostType' => 'entity_type',
-        } catch (\Exception $e) {
+            'ClientType' => 'entity_type',
-            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        ]);
+
+        $rows = array_map([$this, 'sanitizeTopLevelPayload'], $rows);
+
+        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200);
+    }
+
+    private function sanitizeTopLevelPayload(array $row): array
+    {
+        unset($row['TestCode'], $row['testcode']);
+        return $row;
+    }
+
+    private function applyIndexFilters(array $rows): array
+    {
+        $hostFilter = trim((string) $this->request->getGet('host'));
+        $clientFilter = trim((string) $this->request->getGet('client'));
+
+        if ($hostFilter === '' && $clientFilter === '') {
+            return $rows;
         }
+
+        return array_values(array_filter($rows, function (array $row) use ($hostFilter, $clientFilter): bool {
+            if ($hostFilter !== '' && !$this->matchesSearch($row, 'Host', $hostFilter)) {
+                return false;
+            }
+
+            if ($clientFilter !== '' && !$this->matchesSearch($row, 'Client', $clientFilter)) {
+                return false;
+            }
+
+            return true;
+        }));
+    }
+
+    private function matchesSearch(array $row, string $prefix, string $filter): bool
+    {
+        $haystacks = [
+            (string) ($row[$prefix . 'Name'] ?? ''),
+            (string) ($row[$prefix . 'ID'] ?? ''),
+            (string) ($row[$prefix . 'Type'] ?? ''),
+        ];
+
+        $needle = strtolower($filter);
+
+        foreach ($haystacks as $value) {
+            if ($value !== '' && str_contains(strtolower($value), $needle)) {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private function resolveDetailOperations(mixed $detailsPayload): ?array
+    {
+        if ($detailsPayload === null) {
+            return null;
+        }
+
+        if (!is_array($detailsPayload)) {
+            $this->failValidationErrors('details must be an array or object.');
+            return null;
+        }
+
+        if ($this->isDetailOpsPayload($detailsPayload)) {
+            $createdItems = $this->normalizeDetailList($detailsPayload['created'] ?? [], 'details.created');
+            if ($createdItems === null) { return null; }
+            $editedItems = $this->normalizeDetailList($detailsPayload['edited'] ?? [], 'details.edited');
+            if ($editedItems === null) { return null; }
+            $deletedIds = $this->normalizeDetailIds($detailsPayload['deleted'] ?? []);
+            if ($deletedIds === null) { return null; }
+
+            return ['created' => $createdItems, 'edited' => $editedItems, 'deleted' => $deletedIds];
+        }
+
+        if ($this->isListPayload($detailsPayload)) {
+            $items = $this->normalizeDetailList($detailsPayload, 'details');
+            if ($items === null) { return null; }
+            return ['created' => $items, 'edited' => [], 'deleted' => []];
+        }
+
+        if ($this->isAssocArray($detailsPayload)) {
+            $items = $this->normalizeDetailList([$detailsPayload], 'details');
+            if ($items === null) { return null; }
+            return ['created' => $items, 'edited' => [], 'deleted' => []];
+        }
+
+        $this->failValidationErrors('details must be an array of objects or contain created/edited/deleted arrays.');
+        return null;
+    }
+
+    private function applyDetailOperations(int $testMapID, array $operations): bool
+    {
+        if (!empty($operations['edited']) && !$this->updateDetails($testMapID, $operations['edited'])) {
+            return false;
+        }
+
+        if (!empty($operations['deleted']) && !$this->softDeleteDetails($testMapID, $operations['deleted'])) {
+            return false;
+        }
+
+        if (!empty($operations['created']) && !$this->insertDetailRows($testMapID, $operations['created'])) {
+            return false;
+        }
+
+        return true;
+    }
+
+    private function insertDetailRows(int $testMapID, array $items): bool
+    {
+        if (empty($items)) {
+            return true;
+        }
+
+        $prepared = [];
+        foreach ($items as $index => $item) {
+            if (!$this->validateData($item, $this->detailRules)) {
+                $this->failValidationErrors(['details.created' => $this->validator->getErrors()]);
+                return false;
+            }
+            $prepared[] = array_merge(['TestMapID' => $testMapID], $item);
+        }
+
+        $this->modelDetail->insertBatch($prepared);
+        return true;
+    }
+
+    private function updateDetails(int $testMapID, array $items): bool
+    {
+        foreach ($items as $index => $detail) {
+            $detailID = $detail['TestMapDetailID'] ?? null;
+            if (!$detailID || !ctype_digit((string) $detailID)) {
+                $this->failValidationErrors("details.edited[{$index}].TestMapDetailID is required and must be an integer.");
+                return false;
+            }
+
+            if (array_key_exists('TestMapID', $detail) && (int) $detail['TestMapID'] !== $testMapID) {
+                $this->failValidationErrors("details.edited[{$index}] must belong to TestMap {$testMapID}.");
+                return false;
+            }
+
+            $existing = $this->modelDetail->where('TestMapDetailID', $detailID)
+                ->where('TestMapID', $testMapID)
+                ->where('EndDate', null)
+                ->first();
+
+            if (empty($existing)) {
+                $this->failValidationErrors("Detail record {$detailID} not found for this test map.");
+                return false;
+            }
+
+            $updateData = array_intersect_key($detail, array_flip($this->detailFields));
+            if ($updateData === []) {
+                continue;
+            }
+
+            if (!$this->validateData($updateData, $this->detailPatchRules)) {
+                $this->failValidationErrors($this->validator->getErrors());
+                return false;
+            }
+
+            $this->modelDetail->update($detailID, $updateData);
+        }
+
+        return true;
+    }
+
+    private function softDeleteDetails(int $testMapID, array $ids): bool
+    {
+        if (empty($ids)) {
+            return true;
+        }
+
+        $existing = $this->modelDetail->select('TestMapDetailID')
+            ->whereIn('TestMapDetailID', $ids)
+            ->where('TestMapID', $testMapID)
+            ->where('EndDate', null)
+            ->findAll();
+
+        $foundIds = array_column($existing, 'TestMapDetailID');
+        $missing = array_diff($ids, $foundIds);
+        if (!empty($missing)) {
+            $this->failValidationErrors('Some detail IDs do not exist or belong to another test map: ' . implode(', ', $missing));
+            return false;
+        }
+
+        $this->modelDetail->whereIn('TestMapDetailID', $ids)
+            ->where('TestMapID', $testMapID)
+            ->where('EndDate', null)
+            ->set('EndDate', date('Y-m-d H:i:s'))
+            ->update();
+
+        return true;
+    }
+
+    private function isDetailOpsPayload(array $payload): bool
+    {
+        return (bool) array_intersect(array_keys($payload), ['created', 'edited', 'deleted']);
+    }
+
+    private function isListPayload(array $payload): bool
+    {
+        if ($payload === []) {
+            return true;
+        }
+        return array_keys($payload) === range(0, count($payload) - 1);
+    }
+
+    private function isAssocArray(array $payload): bool
+    {
+        if ($payload === []) {
+            return false;
+        }
+        return array_keys($payload) !== range(0, count($payload) - 1);
+    }
+
+    private function normalizeDetailList(mixed $value, string $fieldPath): ?array
+    {
+        if ($value === null) {
+            return [];
+        }
+
+        if (!is_array($value)) {
+            $this->failValidationErrors("{$fieldPath} must be an array of objects.");
+            return null;
+        }
+
+        if ($value !== [] && $this->isAssocArray($value)) {
+            $value = [$value];
+        }
+
+        $results = [];
+        foreach ($value as $index => $item) {
+            if (!is_array($item)) {
+                $this->failValidationErrors("{$fieldPath}[{$index}] must be an object.");
+                return null;
+            }
+            $results[] = $item;
+        }
+
+        return $results;
+    }
+
+    private function normalizeDetailIds(mixed $value): ?array
+    {
+        if ($value === null) {
+            return [];
+        }
+
+        if (!is_array($value)) {
+            $value = [$value];
+        }
+
+        $results = [];
+        foreach ($value as $index => $item) {
+            if (!ctype_digit((string) $item)) {
+                $this->failValidationErrors("details.deleted[{$index}] must be an integer.");
+                return null;
+            }
+            $results[] = (int) $item;
+        }
+
+        return array_values(array_unique($results));
+    }
+
+    public function batchCreate() {
+        $items = $this->request->getJSON(true);
+        if (!is_array($items)) { return $this->failValidationErrors('Expected array of items'); }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($items as $index => $item) {
+            if (!$this->validateData($item, $this->rules)) {
+                $results['failed'][] = ['index' => $index, 'errors' => $this->validator->getErrors()];
+                continue;
+            }
+            try {
+                $id = $this->model->insert($item);
+                $results['success'][] = ['index' => $index, 'TestMapID' => $id];
+            } catch (\Exception $e) {
+                $results['failed'][] = ['index' => $index, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch create completed',
+            'data' => $results
+        ], 200);
+    }
+
+    public function batchUpdate() {
+        $items = $this->request->getJSON(true);
+        if (!is_array($items)) { return $this->failValidationErrors('Expected array of items'); }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($items as $index => $item) {
+            $id = $item['TestMapID'] ?? null;
+            if (!$id) {
+                $results['failed'][] = ['index' => $index, 'error' => 'TestMapID required'];
+                continue;
+            }
+            if (!$this->validateData($item, $this->rules)) {
+                $results['failed'][] = ['index' => $index, 'errors' => $this->validator->getErrors()];
+                continue;
+            }
+            try {
+                $this->model->update($id, $item);
+                $results['success'][] = ['index' => $index, 'TestMapID' => $id];
+            } catch (\Exception $e) {
+                $results['failed'][] = ['index' => $index, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch update completed',
+            'data' => $results
+        ], 200);
+    }
+
+    public function batchDelete() {
+        $ids = $this->request->getJSON(true);
+        if (!is_array($ids)) { return $this->failValidationErrors('Expected array of TestMapIDs'); }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($ids as $id) {
+            try {
+            $row = $this->model->where('TestMapID', $id)->where('EndDate', null)->first();
+                if (empty($row)) {
+                    $results['failed'][] = ['TestMapID' => $id, 'error' => 'Not found or already deleted'];
+                    continue;
+                }
+                $this->model->update($id, ['EndDate' => date('Y-m-d H:i:s')]);
+                $results['success'][] = $id;
+            } catch (\Exception $e) {
+                $results['failed'][] = ['TestMapID' => $id, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch delete completed',
+            'data' => $results
+        ], 200);
     }
 
 }

app/Controllers/Test/TestMapDetailController.php

@@ -0,0 +1,286 @@
+<?php
+
+namespace App\Controllers\Test;
+
+use App\Controllers\BaseController;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+use App\Models\Test\TestMapDetailModel;
+
+class TestMapDetailController extends BaseController {
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $db;
+    protected $rules;
+    protected $patchRules;
+    protected $model;
+
+    public function __construct() {
+        $this->db = \Config\Database::connect();
+        $this->model = new TestMapDetailModel;
+        $this->rules = [
+            'TestMapID' => 'required|integer',
+            'HostTestCode' => 'permit_empty|max_length[10]',
+            'HostTestName' => 'permit_empty|max_length[100]',
+            'ConDefID' => 'permit_empty|integer',
+            'ClientTestCode' => 'permit_empty|max_length[10]',
+            'ClientTestName' => 'permit_empty|max_length[100]',
+        ];
+        $this->patchRules = [
+            'TestMapID' => 'permit_empty|integer',
+            'HostTestCode' => 'permit_empty|max_length[10]',
+            'HostTestName' => 'permit_empty|max_length[100]',
+            'ConDefID' => 'permit_empty|integer',
+            'ClientTestCode' => 'permit_empty|max_length[10]',
+            'ClientTestName' => 'permit_empty|max_length[100]',
+        ];
+    }
+
+    public function index() {
+        $testMapID = $this->request->getGet('TestMapID');
+        
+        if ($testMapID) {
+            $rows = $this->model->getDetailsByTestMap($testMapID);
+        } else {
+            $rows = $this->model->where('EndDate', null)->findAll();
+        }
+        
+        if (empty($rows)) { 
+            return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => [] ], 200); 
+        }
+
+        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200);
+    }
+
+    public function show($id = null) {
+        if (!$id) {
+            return $this->failValidationErrors('TestMapDetailID is required.');
+        }
+        
+                $row = $this->model->where('TestMapDetailID', $id)->where('EndDate', null)->first();
+        
+        if (empty($row)) { 
+            return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => null ], 200); 
+        }
+
+        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $row ], 200);
+    }
+
+    public function showByTestMap($testMapID = null) {
+        if (!$testMapID) { 
+            return $this->failValidationErrors('TestMapID is required.'); 
+        }
+        
+        $rows = $this->model->getDetailsByTestMap($testMapID);
+        
+        if (empty($rows)) { 
+            return $this->respond([ 'status'  => 'success', 'message' => "no Data.", 'data' => [] ], 200); 
+        }
+
+        return $this->respond([ 'status' => 'success', 'message'=> "Data fetched successfully", 'data' => $rows ], 200);
+    }
+
+    public function create() {
+        $input = $this->request->getJSON(true);
+        
+        if (!$this->validateData($input, $this->rules)) { 
+            return $this->failValidationErrors($this->validator->getErrors()); 
+        }
+        
+        try {
+            $id = $this->model->insert($input);
+            return $this->respondCreated([ 
+                'status'  => 'success', 
+                'message' => "data created successfully", 
+                'data' => $id 
+            ]);
+        } catch (\Exception $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($TestMapDetailID = null) {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        $id = $this->requirePatchId($TestMapDetailID, 'TestMapDetailID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->where('TestMapDetailID', $id)->where('EndDate', null)->first();
+        if (!$existing) {
+            return $this->respond([ 'status' => 'failed', 'message' => 'Test map detail not found', 'data' => [] ], 404);
+        }
+
+        if (isset($input['TestMapDetailID']) && (string) $input['TestMapDetailID'] !== (string) $id) {
+            return $this->failValidationErrors('TestMapDetailID in URL does not match body.');
+        }
+
+        $input['TestMapDetailID'] = $id;
+        $validationInput = array_intersect_key($input, $this->patchRules);
+        if (!empty($validationInput) && !$this->validateData($validationInput, $this->patchRules)) { 
+            return $this->failValidationErrors($this->validator->getErrors()); 
+        }
+
+        try {
+            $this->model->update($id, $input);
+            return $this->respond([
+                'status'  => 'success', 
+                'message' => 'data updated successfully', 
+                'data' => $id 
+            ], 200);
+        } catch (\Exception $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function delete() {
+        $input = $this->request->getJSON(true);
+        $id = $input["TestMapDetailID"] ?? null;
+        
+        if (!$id) { 
+            return $this->failValidationErrors('TestMapDetailID is required.'); 
+        }
+        
+        try {
+            $row = $this->model->where('TestMapDetailID', $id)->where('EndDate', null)->first();
+            
+            if (empty($row)) { 
+                return $this->respond([ 
+                    'status'  => 'failed', 
+                    'message' => "Data not found or already deleted.", 
+                    'data' => null 
+                ], 404); 
+            }
+            
+            $this->model->update($id, ['EndDate' => date('Y-m-d H:i:s')]);
+            
+            return $this->respond([ 
+                'status'  => 'success', 
+                'message' => "data deleted successfully", 
+                'data' => $id 
+            ], 200);
+        } catch (\Exception $e) {
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function batchCreate() {
+        $items = $this->request->getJSON(true);
+        
+        if (!is_array($items)) { 
+            return $this->failValidationErrors('Expected array of items'); 
+        }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($items as $index => $item) {
+            if (!$this->validateData($item, $this->rules)) {
+                $results['failed'][] = ['index' => $index, 'errors' => $this->validator->getErrors()];
+                continue;
+            }
+            try {
+                $id = $this->model->insert($item);
+                $results['success'][] = ['index' => $index, 'TestMapDetailID' => $id];
+            } catch (\Exception $e) {
+                $results['failed'][] = ['index' => $index, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch create completed',
+            'data' => $results
+        ], 200);
+    }
+
+    public function batchUpdate() {
+        $items = $this->request->getJSON(true);
+        
+        if (!is_array($items)) { 
+            return $this->failValidationErrors('Expected array of items'); 
+        }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($items as $index => $item) {
+            $id = $item['TestMapDetailID'] ?? null;
+            
+            if (!$id) {
+                $results['failed'][] = ['index' => $index, 'error' => 'TestMapDetailID required'];
+                continue;
+            }
+
+            $updateData = $item;
+            unset($updateData['TestMapDetailID']);
+
+            if ($updateData === []) {
+                $results['failed'][] = ['index' => $index, 'error' => 'No fields to update'];
+                continue;
+            }
+            
+            if (!$this->validateData($updateData, $this->patchRules)) {
+                $results['failed'][] = ['index' => $index, 'errors' => $this->validator->getErrors()];
+                continue;
+            }
+            
+            try {
+                $this->model->update($id, $updateData);
+                $results['success'][] = ['index' => $index, 'TestMapDetailID' => $id];
+            } catch (\Exception $e) {
+                $results['failed'][] = ['index' => $index, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch update completed',
+            'data' => $results
+        ], 200);
+    }
+
+    public function batchDelete() {
+        $ids = $this->request->getJSON(true);
+        
+        if (!is_array($ids)) { 
+            return $this->failValidationErrors('Expected array of TestMapDetailIDs'); 
+        }
+        
+        $results = ['success' => [], 'failed' => []];
+        $this->db->transStart();
+        
+        foreach ($ids as $id) {
+            try {
+        $row = $this->model->where('TestMapDetailID', $id)->where('EndDate', null)->first();
+                
+                if (empty($row)) {
+                    $results['failed'][] = ['TestMapDetailID' => $id, 'error' => 'Not found or already deleted'];
+                    continue;
+                }
+                
+                $this->model->update($id, ['EndDate' => date('Y-m-d H:i:s')]);
+                $results['success'][] = $id;
+            } catch (\Exception $e) {
+                $results['failed'][] = ['TestMapDetailID' => $id, 'error' => $e->getMessage()];
+            }
+        }
+        
+        $this->db->transComplete();
+        
+        return $this->respond([
+            'status' => empty($results['failed']) ? 'success' : 'partial',
+            'message' => 'Batch delete completed',
+            'data' => $results
+        ], 200);
+    }
+}

app/Controllers/Test/TestsController.php

@@ -0,0 +1,735 @@
+<?php
+
+namespace App\Controllers\Test;
+
+use App\Controllers\BaseController;
+use App\Libraries\TestValidationService;
+use App\Libraries\ValueSet;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+
+class TestsController extends BaseController
+{
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $model;
+    protected $modelCal;
+    protected $modelGrp;
+    protected $modelMap;
+    protected $modelMapDetail;
+    protected $modelRefNum;
+    protected $modelRefTxt;
+    protected $rules;
+
+    public function __construct()
+    {
+        $this->model = new \App\Models\Test\TestDefSiteModel;
+        $this->modelCal = new \App\Models\Test\TestDefCalModel;
+        $this->modelGrp = new \App\Models\Test\TestDefGrpModel;
+        $this->modelMap = new \App\Models\Test\TestMapModel;
+        $this->modelMapDetail = new \App\Models\Test\TestMapDetailModel;
+        $this->modelRefNum = new \App\Models\RefRange\RefNumModel;
+        $this->modelRefTxt = new \App\Models\RefRange\RefTxtModel;
+
+        $this->rules = [
+            'TestSiteCode' => 'required',
+            'TestSiteName' => 'required',
+            'TestType'     => 'required',
+        ];
+    }
+
+    public function index()
+    {
+        $search = $this->request->getGet('search');
+        
+        $filters = [
+            'SiteID' => $this->request->getGet('SiteID'),
+            'TestType' => $this->request->getGet('TestType'),
+            'isVisibleScr' => $this->request->getGet('isVisibleScr'),
+            'isVisibleRpt' => $this->request->getGet('isVisibleRpt'),
+            'TestSiteName' => $this->request->getGet('TestSiteName'),
+            'TestSiteCode' => $this->request->getGet('TestSiteCode'),
+            'search' => $search,
+        ];
+
+        $rows = $this->model->getTestsWithRelations($filters);
+
+        if (empty($rows)) {
+            return $this->respond([
+                'status'  => 'success',
+                'message' => 'No data.',
+                'data'    => [],
+            ], 200);
+        }
+
+        $rows = ValueSet::transformLabels($rows, [
+            'TestType' => 'test_type',
+        ]);
+
+        return $this->respond([
+            'status'  => 'success',
+            'message' => 'Data fetched successfully',
+            'data'    => $rows,
+        ], 200);
+    }
+
+    public function show($id = null)
+    {
+        if (!$id) {
+            return $this->failValidationErrors('TestSiteID is required');
+        }
+
+        $row = $this->model->getTestById($id);
+
+        if (!$row) {
+            return $this->respond([
+                'status'  => 'success',
+                'message' => 'No data.',
+                'data'    => null,
+            ], 200);
+        }
+
+        $typeCode = $row['TestType'] ?? '';
+
+        if ($typeCode === 'CALC') {
+            $row['testdefcal'] = $this->modelCal->getByTestSiteID($id);
+            $row['testdefgrp'] = [
+                'members' => $this->modelGrp->getGroupMembers($id),
+            ];
+        } elseif ($typeCode === 'GROUP') {
+            $row['testdefgrp'] = [
+                'members' => $this->modelGrp->getGroupMembers($id),
+            ];
+        } elseif ($typeCode !== 'TITLE') {
+            $refType = $row['RefType'] ?? '';
+            $resultType = $row['ResultType'] ?? '';
+
+            if (TestValidationService::usesRefNum($resultType, $refType)) {
+                $row['refnum'] = $this->modelRefNum->getFormattedByTestSiteID($id);
+            }
+
+            if (TestValidationService::usesRefTxt($resultType, $refType)) {
+                $row['reftxt'] = $this->modelRefTxt->getFormattedByTestSiteID($id);
+            }
+        }
+
+        // Keep /api/test payload focused on test definition fields.
+        unset($row['testmap']);
+
+        return $this->respond([
+            'status'  => 'success',
+            'message' => 'Data fetched successfully',
+            'data'    => $row,
+        ], 200);
+    }
+
+    public function create()
+    {
+        $input = $this->request->getJSON(true);
+
+        if (!$this->validateData($input, $this->rules)) {
+            return $this->failValidationErrors($this->validator->getErrors());
+        }
+
+        $testType = $input['TestType'] ?? '';
+        $details = $input['details'] ?? $input;
+        $resultType = $details['ResultType'] ?? '';
+        $refType = $details['RefType'] ?? '';
+
+        if (TestValidationService::isCalc($testType)) {
+            $resultType = 'NMRIC';
+            $refType = $refType ?: 'RANGE';
+        } elseif (TestValidationService::isGroup($testType) || TestValidationService::isTitle($testType)) {
+            $resultType = 'NORES';
+            $refType = 'NOREF';
+        }
+
+        if ($resultType && $refType) {
+            $validation = TestValidationService::validate($testType, $resultType, $refType);
+            if (!$validation['valid']) {
+                return $this->failValidationErrors(['type_validation' => $validation['error']]);
+            }
+        }
+
+        $db = \Config\Database::connect();
+        $db->transStart();
+
+        try {
+            $testSiteData = [
+                'SiteID'      => array_key_exists('SiteID', $input) ? $input['SiteID'] : null,
+                'TestSiteCode'=> $input['TestSiteCode'],
+                'TestSiteName'=> $input['TestSiteName'],
+                'TestType'    => $input['TestType'],
+                'Description' => $input['Description'] ?? null,
+                'SeqScr'      => array_key_exists('SeqScr', $input) ? $input['SeqScr'] : null,
+                'SeqRpt'      => array_key_exists('SeqRpt', $input) ? $input['SeqRpt'] : null,
+                'IndentLeft'  => $input['IndentLeft'] ?? 0,
+                'FontStyle'   => $input['FontStyle'] ?? null,
+                'isVisibleScr'  => $input['isVisibleScr'] ?? 1,
+                'isVisibleRpt'  => $input['isVisibleRpt'] ?? 1,
+                'isCountStat'   => $input['isCountStat'] ?? 1,
+                'isRequestable' => $input['isRequestable'] ?? 1,
+                'StartDate'   => $input['StartDate'] ?? date('Y-m-d H:i:s'),
+            ];
+
+            $id = $this->model->insert($testSiteData);
+            if (!$id) {
+                $dbError = $db->error();
+                log_message('error', 'Test insert failed: ' . json_encode($dbError, JSON_UNESCAPED_SLASHES));
+                $message = $dbError['message'] ?? 'Failed to insert main test definition';
+                throw new \Exception('Failed to insert main test definition: ' . $message);
+            }
+
+            $this->handleDetails($id, $input, 'insert');
+
+            $db->transComplete();
+
+            if ($db->transStatus() === false) {
+                $dbError = $db->error();
+                $lastQuery = $db->showLastQuery();
+                log_message('error', 'TestController transaction failed: ' . json_encode([
+                    'error' => $dbError,
+                    'last_query' => $lastQuery,
+                ], JSON_UNESCAPED_SLASHES));
+                return $this->failServerError('Transaction failed');
+            }
+
+            return $this->respondCreated([
+                'status'  => 'success',
+                'message' => 'Test created successfully',
+                'data'    => ['TestSiteId' => $id],
+            ]);
+        } catch (\Exception $e) {
+            $db->transRollback();
+
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function update($id = null)
+    {
+        $input = $this->requirePatchPayload($this->request->getJSON(true));
+        if ($input === null) {
+            return;
+        }
+
+        if (!$id && isset($input['TestSiteID'])) {
+            $id = $input['TestSiteID'];
+        }
+
+        $id = $this->requirePatchId($id, 'TestSiteID');
+        if ($id === null) {
+            return;
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Test not found',
+                'data' => []
+            ], 404);
+        }
+
+        $testType = $input['TestType'] ?? $existing['TestType'] ?? '';
+        $details = $input['details'] ?? $input;
+        $resultType = $details['ResultType'] ?? $existing['ResultType'] ?? '';
+        $refType = $details['RefType'] ?? $existing['RefType'] ?? '';
+
+        if (TestValidationService::isCalc($testType)) {
+            $resultType = 'NMRIC';
+            $refType = $refType ?: 'RANGE';
+        } elseif (TestValidationService::isGroup($testType) || TestValidationService::isTitle($testType)) {
+            $resultType = 'NORES';
+            $refType = 'NOREF';
+        }
+
+        if ($resultType && $refType) {
+            $validation = TestValidationService::validate($testType, $resultType, $refType);
+            if (!$validation['valid']) {
+                return $this->failValidationErrors(['type_validation' => $validation['error']]);
+            }
+        }
+
+        $db = \Config\Database::connect();
+        $db->transStart();
+
+        try {
+            $testSiteData = [];
+            $allowedUpdateFields = [
+                'TestSiteCode',
+                'TestSiteName',
+                'TestType',
+                'Description',
+                'SeqScr',
+                'SeqRpt',
+                'IndentLeft',
+                'FontStyle',
+            'isVisibleScr',
+            'isVisibleRpt',
+            'isCountStat',
+            'isRequestable',
+            'StartDate',
+        ];
+
+            foreach ($allowedUpdateFields as $field) {
+                if (array_key_exists($field, $input)) {
+                    $testSiteData[$field] = $input[$field];
+                }
+            }
+
+            if (!empty($testSiteData)) {
+                $this->model->update($id, $testSiteData);
+            }
+
+            $this->handleDetails($id, $input, 'update');
+
+            $db->transComplete();
+
+            if ($db->transStatus() === false) {
+                return $this->failServerError('Transaction failed');
+            }
+
+            return $this->respond([
+                'status'  => 'success',
+                'message' => 'Test updated successfully',
+                'data'    => ['TestSiteId' => $id],
+            ]);
+        } catch (\Exception $e) {
+            $db->transRollback();
+
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    public function delete($id = null)
+    {
+        $input = $this->request->getJSON(true);
+
+        if (!$id && isset($input['TestSiteID'])) {
+            $id = $input['TestSiteID'];
+        }
+        if (!$id) {
+            return $this->failValidationErrors('TestSiteID is required.');
+        }
+
+        $existing = $this->model->find($id);
+        if (!$existing) {
+            return $this->failNotFound('Test not found');
+        }
+
+        if (!empty($existing['EndDate'])) {
+            return $this->failValidationErrors('Test is already disabled');
+        }
+
+        $db = \Config\Database::connect();
+        $db->transStart();
+
+        try {
+            $now = date('Y-m-d H:i:s');
+
+            $this->model->update($id, ['EndDate' => $now]);
+
+            $testType = $existing['TestType'];
+            $typeCode = $testType;
+
+            if (TestValidationService::isCalc($typeCode)) {
+                $this->modelCal->disableByTestSiteID($id);
+                $this->modelGrp->disableByTestSiteID($id);
+            } elseif (TestValidationService::isGroup($typeCode)) {
+                $this->modelGrp->disableByTestSiteID($id);
+            } elseif (TestValidationService::isTechnicalTest($typeCode)) {
+                $this->modelRefNum->disableByTestSiteID($id);
+                $this->modelRefTxt->disableByTestSiteID($id);
+            }
+
+            // Disable testmap by test code
+            $testSiteCode = $existing['TestSiteCode'] ?? null;
+            if ($testSiteCode) {
+                $existingMaps = $this->modelMap->getMappingsByTestCode($testSiteCode);
+                foreach ($existingMaps as $existingMap) {
+                    $this->modelMapDetail->disableByTestMapID($existingMap['TestMapID']);
+                    $this->modelMap->update($existingMap['TestMapID'], ['EndDate' => $now]);
+                }
+            }
+
+            $db->transComplete();
+
+            if ($db->transStatus() === false) {
+                return $this->failServerError('Transaction failed');
+            }
+
+            return $this->respond([
+                'status'  => 'success',
+                'message' => 'Test disabled successfully',
+                'data'    => ['TestSiteId' => $id, 'EndDate' => $now],
+            ]);
+        } catch (\Exception $e) {
+            $db->transRollback();
+
+            return $this->failServerError('Something went wrong: ' . $e->getMessage());
+        }
+    }
+
+    private function handleDetails($testSiteID, $input, $action)
+    {
+        $testTypeID = $input['TestType'] ?? null;
+        $testSiteCode = null;
+
+        if (!$testTypeID && $action === 'update') {
+            $existing = $this->model->find($testSiteID);
+            $testTypeID = $existing['TestType'] ?? null;
+            $testSiteCode = $existing['TestSiteCode'] ?? null;
+        }
+
+        if (!$testTypeID) {
+            return;
+        }
+
+        $typeCode = $testTypeID;
+
+        $details = $input['details'] ?? $input;
+        $details['TestSiteID'] = $testSiteID;
+        $details['SiteID'] = array_key_exists('SiteID', $input) ? $input['SiteID'] : null;
+
+        switch ($typeCode) {
+            case 'CALC':
+                $this->saveCalcDetails($testSiteID, $details, $input, $action);
+
+                break;
+
+            case 'GROUP':
+                $this->saveGroupDetails($testSiteID, $details, $input, $action);
+
+                break;
+
+            case 'TITLE':
+                break;
+
+            case 'TEST':
+            case 'PARAM':
+            default:
+                $this->saveTechDetails($testSiteID, $details, $action, $typeCode);
+
+                if (in_array($typeCode, ['TEST', 'PARAM']) && isset($details['RefType'])) {
+                    $refType = (string) $details['RefType'];
+                    $resultType = $details['ResultType'] ?? '';
+
+                    if (TestValidationService::usesRefNum($resultType, $refType) && isset($input['refnum']) && is_array($input['refnum'])) {
+                        $this->saveRefNumRanges($testSiteID, $input['refnum'], $action, array_key_exists('SiteID', $input) ? $input['SiteID'] : null);
+                    }
+
+                    if (TestValidationService::usesRefTxt($resultType, $refType) && isset($input['reftxt']) && is_array($input['reftxt'])) {
+                        $this->saveRefTxtRanges($testSiteID, $input['reftxt'], $action, array_key_exists('SiteID', $input) ? $input['SiteID'] : null);
+                    }
+                }
+
+                break;
+        }
+
+    }
+
+    private function saveTechDetails($testSiteID, $data, $action, $typeCode)
+    {
+        $allowedFields = [
+            'DisciplineID',
+            'DepartmentID',
+            'ResultType',
+            'RefType',
+            'VSet',
+            'ReqQty',
+            'ReqQtyUnit',
+            'Unit1',
+            'Factor',
+            'Unit2',
+            'Decimal',
+            'CollReq',
+            'Method',
+            'ExpectedTAT',
+        ];
+
+        $techData = [];
+        foreach ($allowedFields as $field) {
+            if (array_key_exists($field, $data)) {
+                $techData[$field] = $data[$field];
+            }
+        }
+
+        if ($techData !== []) {
+            $this->model->update($testSiteID, $techData);
+        }
+    }
+
+    private function saveRefNumRanges($testSiteID, $ranges, $action, $siteID)
+    {
+        if ($action === 'update') {
+            $this->modelRefNum->disableByTestSiteID($testSiteID);
+        }
+
+        $this->modelRefNum->batchInsert($testSiteID, $siteID, $ranges);
+    }
+
+    private function saveRefTxtRanges($testSiteID, $ranges, $action, $siteID)
+    {
+        if ($action === 'update') {
+            $this->modelRefTxt->disableByTestSiteID($testSiteID);
+        }
+
+        $this->modelRefTxt->batchInsert($testSiteID, $siteID, $ranges);
+    }
+
+    private function saveCalcDetails($testSiteID, $data, $input, $action)
+    {
+        $calcData = [];
+        $fieldMap = [
+            'DisciplineID' => 'DisciplineID',
+            'DepartmentID' => 'DepartmentID',
+            'Factor' => 'Factor',
+            'Unit2' => 'Unit2',
+            'Decimal' => 'Decimal',
+            'Method' => 'Method',
+        ];
+
+        foreach ($fieldMap as $source => $target) {
+            if (array_key_exists($source, $data)) {
+                $calcData[$target] = $data[$source];
+            }
+        }
+
+        if (array_key_exists('FormulaCode', $data) || array_key_exists('Formula', $data)) {
+            $calcData['FormulaCode'] = $data['FormulaCode'] ?? $data['Formula'] ?? null;
+        }
+
+        if (array_key_exists('RefType', $data)) {
+            $calcData['RefType'] = $data['RefType'];
+        }
+
+        if (array_key_exists('Unit1', $data) || array_key_exists('ResultUnit', $data)) {
+            $calcData['Unit1'] = $data['Unit1'] ?? $data['ResultUnit'] ?? null;
+        }
+
+        $hasMemberPayload = isset($input['testdefgrp'])
+            && is_array($input['testdefgrp'])
+            && array_key_exists('members', $input['testdefgrp']);
+
+        if ($action === 'insert' && !array_key_exists('ResultType', $calcData)) {
+            $calcData['ResultType'] = 'NMRIC';
+        }
+
+        if ($action === 'insert' && !array_key_exists('RefType', $calcData)) {
+            $calcData['RefType'] = 'RANGE';
+        }
+
+        if ($calcData !== []) {
+            $calcData['TestSiteID'] = $testSiteID;
+            if ($action === 'update') {
+                $exists = $this->modelCal->existsByTestSiteID($testSiteID);
+
+                if ($exists) {
+                    unset($calcData['TestSiteID']);
+                    $this->modelCal->update($exists['TestCalID'], $calcData);
+                } else {
+                    if (!array_key_exists('ResultType', $calcData)) {
+                        $calcData['ResultType'] = 'NMRIC';
+                    }
+                    if (!array_key_exists('RefType', $calcData)) {
+                        $calcData['RefType'] = 'RANGE';
+                    }
+                    $this->modelCal->insert($calcData);
+                }
+            } else {
+                $this->modelCal->insert($calcData);
+            }
+        }
+
+        if ($action === 'update' && !$hasMemberPayload) {
+            return;
+        }
+
+        if ($action === 'update') {
+            $this->modelGrp->disableByTestSiteID($testSiteID);
+        }
+
+        $memberIDs = $this->resolveMemberIDs($input);
+
+        $validation = $this->validateMemberIDs($memberIDs);
+        if (!$validation['valid']) {
+            throw new \Exception('Invalid member TestSiteID(s): ' . implode(', ', $validation['invalid']) . '. Make sure to use TestSiteID, not SeqScr or other values.');
+        }
+
+        foreach ($memberIDs as $memberID) {
+            $this->modelGrp->insert([
+                'TestSiteID' => $testSiteID,
+                'Member'     => $memberID,
+            ]);
+        }
+    }
+
+    private function resolveMemberIDs(array $input): array
+    {
+        $memberIDs = [];
+
+        $rawMembers = $input['testdefgrp']['members'] ?? [];
+        if (is_array($rawMembers)) {
+            foreach ($rawMembers as $member) {
+                if (is_array($member)) {
+                    $rawID = $member['TestSiteID'] ?? null;
+                } else {
+                    $rawID = is_numeric($member) ? $member : null;
+                }
+
+                if ($rawID !== null && is_numeric($rawID)) {
+                    $memberIDs[] = (int) $rawID;
+                }
+            }
+        }
+
+        $memberIDs = array_values(array_unique(array_filter($memberIDs)));
+
+        return $memberIDs;
+    }
+
+    /**
+     * Validate that member IDs exist in testdefsite table
+     *
+     * @param array $memberIDs Array of TestSiteID values to validate
+     * @return array ['valid' => bool, 'invalid' => array]
+     */
+    private function validateMemberIDs(array $memberIDs): array
+    {
+        if (empty($memberIDs)) {
+            return ['valid' => true, 'invalid' => []];
+        }
+
+        $existing = $this->model->whereIn('TestSiteID', $memberIDs)
+                                ->where('EndDate IS NULL')
+                                ->findAll();
+
+        $existingIDs = array_column($existing, 'TestSiteID');
+        $invalidIDs = array_diff($memberIDs, $existingIDs);
+
+        return [
+            'valid' => empty($invalidIDs),
+            'invalid' => array_values($invalidIDs)
+        ];
+    }
+
+    private function saveGroupDetails($testSiteID, $data, $input, $action)
+    {
+        $hasMemberPayload = isset($input['testdefgrp'])
+            && is_array($input['testdefgrp'])
+            && array_key_exists('members', $input['testdefgrp']);
+
+        if ($action === 'update' && !$hasMemberPayload) {
+            return;
+        }
+
+        if ($action === 'update') {
+            $this->modelGrp->disableByTestSiteID($testSiteID);
+        }
+
+        $memberIDs = $this->resolveMemberIDs($input);
+
+        // Validate member IDs before insertion
+        $validation = $this->validateMemberIDs($memberIDs);
+        if (!$validation['valid']) {
+            throw new \Exception('Invalid member TestSiteID(s): ' . implode(', ', $validation['invalid']) . '. Make sure to use TestSiteID, not SeqScr or other values.');
+        }
+
+        foreach ($memberIDs as $memberID) {
+            $this->modelGrp->insert([
+                'TestSiteID' => $testSiteID,
+                'Member'     => $memberID,
+            ]);
+        }
+    }
+
+    private function saveTestMap($testSiteID, $testSiteCode, $mappings, $action)
+    {
+        if ($action === 'update' && $testSiteCode) {
+            // Find existing mappings by test code through testmapdetail
+            $existingMaps = $this->modelMap->getMappingsByTestCode($testSiteCode);
+
+            foreach ($existingMaps as $existingMap) {
+                $this->modelMapDetail->disableByTestMapID($existingMap['TestMapID']);
+            }
+
+            // Soft delete the testmap headers
+            foreach ($existingMaps as $existingMap) {
+                $this->modelMap->update($existingMap['TestMapID'], ['EndDate' => date('Y-m-d H:i:s')]);
+            }
+        }
+
+        foreach ($this->normalizeTestMapPayload($mappings) as $map) {
+            $mapData = [
+                'HostType'   => $map['HostType'] ?? null,
+                'HostID'     => $map['HostID'] ?? null,
+                'ClientType' => $map['ClientType'] ?? null,
+                'ClientID'   => $map['ClientID'] ?? null,
+            ];
+
+            $testMapID = $this->modelMap->insert($mapData);
+            if (!$testMapID) {
+                continue;
+            }
+
+            foreach ($this->extractTestMapDetails($map) as $detail) {
+                $detailData = [
+                    'TestMapID'      => $testMapID,
+                    'HostTestCode'   => $detail['HostTestCode'] ?? null,
+                    'HostTestName'   => $detail['HostTestName'] ?? null,
+                    'ConDefID'       => $detail['ConDefID'] ?? null,
+                    'ClientTestCode' => $detail['ClientTestCode'] ?? null,
+                    'ClientTestName' => $detail['ClientTestName'] ?? null,
+                ];
+                $this->modelMapDetail->insert($detailData);
+            }
+        }
+    }
+
+    private function normalizeTestMapPayload($mappings): array
+    {
+        if (!is_array($mappings)) {
+            return [];
+        }
+
+        if ($this->isAssoc($mappings)) {
+            return [$mappings];
+        }
+
+        return array_values(array_filter($mappings, static fn ($map) => is_array($map)));
+    }
+
+    private function extractTestMapDetails(array $map): array
+    {
+        if (isset($map['details']) && is_array($map['details'])) {
+            return array_values(array_filter($map['details'], static fn ($detail) => is_array($detail)));
+        }
+
+        $flatDetail = [
+            'HostTestCode'   => $map['HostTestCode'] ?? null,
+            'HostTestName'   => $map['HostTestName'] ?? null,
+            'ConDefID'       => $map['ConDefID'] ?? null,
+            'ClientTestCode' => $map['ClientTestCode'] ?? null,
+            'ClientTestName' => $map['ClientTestName'] ?? null,
+        ];
+
+        foreach ($flatDetail as $value) {
+            if ($value !== null && $value !== '') {
+                return [$flatDetail];
+            }
+        }
+
+        return [];
+    }
+
+    private function isAssoc(array $array): bool
+    {
+        if ($array === []) {
+            return false;
+        }
+
+        return array_keys($array) !== range(0, count($array) - 1);
+    }
+}

app/Controllers/TestsController.php

@@ -1,619 +0,0 @@
-<?php
-namespace App\Controllers;
-
-use CodeIgniter\API\ResponseTrait;
-use App\Controllers\BaseController;
-use App\Libraries\ValueSet;
-
-class TestsController extends BaseController
-{
-    use ResponseTrait;
-
-    protected $db;
-    protected $rules;
-    protected $model;
-    protected $modelCal;
-    protected $modelTech;
-    protected $modelGrp;
-    protected $modelMap;
-    protected $modelRefNum;
-    protected $modelRefTxt;
-
-    public function __construct()
-    {
-        $this->db = \Config\Database::connect();
-        $this->model = new \App\Models\Test\TestDefSiteModel;
-        $this->modelCal = new \App\Models\Test\TestDefCalModel;
-        $this->modelTech = new \App\Models\Test\TestDefTechModel;
-        $this->modelGrp = new \App\Models\Test\TestDefGrpModel;
-        $this->modelMap = new \App\Models\Test\TestMapModel;
-        $this->modelRefNum = new \App\Models\RefRange\RefNumModel;
-        $this->modelRefTxt = new \App\Models\RefRange\RefTxtModel;
-
-        $this->rules = [
-            'TestSiteCode' => 'required|min_length[3]|max_length[6]',
-            'TestSiteName' => 'required',
-            'TestType' => 'required',
-            'SiteID' => 'required'
-        ];
-    }
-
-    public function index()
-    {
-        $siteId = $this->request->getGet('SiteID');
-        $testType = $this->request->getGet('TestType');
-        $visibleScr = $this->request->getGet('VisibleScr');
-        $visibleRpt = $this->request->getGet('VisibleRpt');
-        $keyword = $this->request->getGet('TestSiteName');
-
-        $builder = $this->db->table('testdefsite')
-            ->select("testdefsite.TestSiteID, testdefsite.TestSiteCode, testdefsite.TestSiteName, testdefsite.TestType, 
-                  testdefsite.SeqScr, testdefsite.SeqRpt, testdefsite.VisibleScr, testdefsite.VisibleRpt,
-                  testdefsite.CountStat, testdefsite.StartDate, testdefsite.EndDate")
-            ->where('testdefsite.EndDate IS NULL');
-
-        if ($siteId) {
-            $builder->where('testdefsite.SiteID', $siteId);
-        }
-
-        if ($testType) {
-            $builder->where('testdefsite.TestType', $testType);
-        }
-
-        if ($visibleScr !== null) {
-            $builder->where('testdefsite.VisibleScr', $visibleScr);
-        }
-
-        if ($visibleRpt !== null) {
-            $builder->where('testdefsite.VisibleRpt', $visibleRpt);
-        }
-
-        if ($keyword) {
-            $builder->like('testdefsite.TestSiteName', $keyword);
-        }
-
-        $rows = $builder->orderBy('testdefsite.SeqScr', 'ASC')->get()->getResultArray();
-
-        if (empty($rows)) {
-            return $this->respond(['status' => 'success', 'message' => "No data.", 'data' => []], 200);
-        }
-
-        $rows = ValueSet::transformLabels($rows, [
-            'TestType' => 'test_type',
-        ]);
-
-        return $this->respond(['status' => 'success', 'message' => "Data fetched successfully", 'data' => $rows], 200);
-    }
-
-    public function show($id = null)
-    {
-        if (!$id)
-            return $this->failValidationErrors('TestSiteID is required');
-
-        $row = $this->model->select("testdefsite.*")
-            ->where("testdefsite.TestSiteID", $id)
-            ->find($id);
-
-        if (!$row) {
-            return $this->respond(['status' => 'success', 'message' => "No data.", 'data' => null], 200);
-        }
-
-        $row = ValueSet::transformLabels([$row], [
-            'TestType' => 'test_type',
-        ])[0];
-
-        $typeCode = $row['TestType'] ?? '';
-
-        if ($typeCode === 'CALC') {
-            $row['testdefcal'] = $this->db->table('testdefcal')
-                ->select('testdefcal.*, d.DisciplineName, dept.DepartmentName')
-                ->join('discipline d', 'd.DisciplineID=testdefcal.DisciplineID', 'left')
-                ->join('department dept', 'dept.DepartmentID=testdefcal.DepartmentID', 'left')
-                ->where('testdefcal.TestSiteID', $id)
-                ->where('testdefcal.EndDate IS NULL')
-                ->get()->getResultArray();
-
-            $row['testmap'] = $this->modelMap->where('TestSiteID', $id)->where('EndDate IS NULL')->findAll();
-
-        } elseif ($typeCode === 'GROUP') {
-            $row['testdefgrp'] = $this->db->table('testdefgrp')
-                ->select('testdefgrp.*, t.TestSiteCode, t.TestSiteName, t.TestType')
-                ->join('testdefsite t', 't.TestSiteID=testdefgrp.Member', 'left')
-                ->where('testdefgrp.TestSiteID', $id)
-                ->where('testdefgrp.EndDate IS NULL')
-                ->orderBy('testdefgrp.TestGrpID', 'ASC')
-                ->get()->getResultArray();
-
-            $row['testdefgrp'] = ValueSet::transformLabels($row['testdefgrp'], [
-                'TestType' => 'test_type',
-            ]);
-
-            $row['testmap'] = $this->modelMap->where('TestSiteID', $id)->where('EndDate IS NULL')->findAll();
-
-        } elseif ($typeCode === 'TITLE') {
-            $row['testmap'] = $this->modelMap->where('TestSiteID', $id)->where('EndDate IS NULL')->findAll();
-
-        } else {
-            $row['testdeftech'] = $this->db->table('testdeftech')
-                ->select('testdeftech.*, d.DisciplineName, dept.DepartmentName')
-                ->join('discipline d', 'd.DisciplineID=testdeftech.DisciplineID', 'left')
-                ->join('department dept', 'dept.DepartmentID=testdeftech.DepartmentID', 'left')
-                ->where('testdeftech.TestSiteID', $id)
-                ->where('testdeftech.EndDate IS NULL')
-                ->get()->getResultArray();
-
-            $row['testmap'] = $this->modelMap->where('TestSiteID', $id)->where('EndDate IS NULL')->findAll();
-
-            if (!empty($row['testdeftech'])) {
-                $techData = $row['testdeftech'][0];
-                $refType = $techData['RefType'];
-
-                if ($refType === '1') {
-                    $refnumData = $this->modelRefNum
-                        ->where('TestSiteID', $id)
-                        ->where('EndDate IS NULL')
-                        ->orderBy('Display', 'ASC')
-                        ->findAll();
-
-                    $row['refnum'] = array_map(function ($r) {
-                        return [
-                            'RefNumID' => $r['RefNumID'],
-                            'NumRefType' => $r['NumRefType'],
-                            'NumRefTypeVValue' => ValueSet::getLabel('numeric_ref_type', $r['NumRefType']),
-                            'RangeTypeVValue' => ValueSet::getLabel('range_type', $r['RangeType']),
-                            'SexVValue' => ValueSet::getLabel('gender', $r['Sex']),
-                            'LowSignVValue' => ValueSet::getLabel('math_sign', $r['LowSign']),
-                            'HighSignVValue' => ValueSet::getLabel('math_sign', $r['HighSign']),
-                            'High' => $r['High'] !== null ? (int) $r['High'] : null,
-                            'Flag' => $r['Flag']
-                        ];
-                    }, $refnumData ?? []);
-
-                    // $row['numRefTypeOptions'] = ValueSet::getOptions('numeric_ref_type');
-                    $row['rangeTypeOptions'] = ValueSet::getOptions('range_type');
-                }
-
-                if ($refType === '2') {
-                    $reftxtData = $this->modelRefTxt
-                        ->where('TestSiteID', $id)
-                        ->where('EndDate IS NULL')
-                        ->orderBy('RefTxtID', 'ASC')
-                        ->findAll();
-
-                    $row['reftxt'] = array_map(function ($r) {
-                        return [
-                            'RefTxtID' => $r['RefTxtID'],
-                            'TxtRefType' => $r['TxtRefType'],
-                            'TxtRefTypeVValue' => ValueSet::getLabel('text_ref_type', $r['TxtRefType']),
-                            'Sex' => $r['Sex'],
-                            'SexVValue' => ValueSet::getLabel('gender', $r['Sex']),
-                            'AgeStart' => (int) $r['AgeStart'],
-                            'AgeEnd' => (int) $r['AgeEnd'],
-                            'RefTxt' => $r['RefTxt'],
-                            'Flag' => $r['Flag']
-                        ];
-                    }, $reftxtData ?? []);
-
-                    // $row['txtRefTypeOptions'] = ValueSet::getOptions('text_ref_type');
-                }
-            }
-        }
-
-        // $row['refTypeOptions'] = ValueSet::getOptions('reference_type');
-        // $row['sexOptions'] = ValueSet::getOptions('gender');
-        // $row['mathSignOptions'] = ValueSet::getOptions('math_sign');
-
-        return $this->respond(['status' => 'success', 'message' => "Data fetched successfully", 'data' => $row], 200);
-    }
-
-    public function create()
-    {
-        $input = $this->request->getJSON(true);
-
-        if (!$this->validateData($input, $this->rules)) {
-            return $this->failValidationErrors($this->validator->getErrors());
-        }
-
-        $this->db->transStart();
-
-        try {
-            $testSiteData = [
-                'SiteID' => $input['SiteID'],
-                'TestSiteCode' => $input['TestSiteCode'],
-                'TestSiteName' => $input['TestSiteName'],
-                'TestType' => $input['TestType'],
-                'Description' => $input['Description'] ?? null,
-                'SeqScr' => $input['SeqScr'] ?? 0,
-                'SeqRpt' => $input['SeqRpt'] ?? 0,
-                'IndentLeft' => $input['IndentLeft'] ?? 0,
-                'FontStyle' => $input['FontStyle'] ?? null,
-                'VisibleScr' => $input['VisibleScr'] ?? 1,
-                'VisibleRpt' => $input['VisibleRpt'] ?? 1,
-                'CountStat' => $input['CountStat'] ?? 1,
-                'StartDate' => $input['StartDate'] ?? date('Y-m-d H:i:s')
-            ];
-
-            $id = $this->model->insert($testSiteData);
-            if (!$id) {
-                throw new \Exception("Failed to insert main test definition");
-            }
-
-            $this->handleDetails($id, $input, 'insert');
-
-            $this->db->transComplete();
-
-            if ($this->db->transStatus() === false) {
-                return $this->failServerError('Transaction failed');
-            }
-
-            return $this->respondCreated([
-                'status' => 'created',
-                'message' => "Test created successfully",
-                'data' => ['TestSiteId' => $id]
-            ]);
-        } catch (\Exception $e) {
-            $this->db->transRollback();
-            return $this->failServerError('Something went wrong: ' . $e->getMessage());
-        }
-    }
-
-    public function update($id = null)
-    {
-        $input = $this->request->getJSON(true);
-
-        if (!$id && isset($input["TestSiteID"])) {
-            $id = $input["TestSiteID"];
-        }
-        if (!$id) {
-            return $this->failValidationErrors('TestSiteID is required.');
-        }
-
-        $existing = $this->model->find($id);
-        if (!$existing) {
-            return $this->failNotFound('Test not found');
-        }
-
-        $this->db->transStart();
-
-        try {
-            $testSiteData = [];
-            $allowedUpdateFields = [
-                'TestSiteCode',
-                'TestSiteName',
-                'TestType',
-                'Description',
-                'SeqScr',
-                'SeqRpt',
-                'IndentLeft',
-                'FontStyle',
-                'VisibleScr',
-                'VisibleRpt',
-                'CountStat',
-                'StartDate'
-            ];
-
-            foreach ($allowedUpdateFields as $field) {
-                if (isset($input[$field])) {
-                    $testSiteData[$field] = $input[$field];
-                }
-            }
-
-            if (!empty($testSiteData)) {
-                $this->model->update($id, $testSiteData);
-            }
-
-            $this->handleDetails($id, $input, 'update');
-
-            $this->db->transComplete();
-
-            if ($this->db->transStatus() === false) {
-                return $this->failServerError('Transaction failed');
-            }
-
-            return $this->respond([
-                'status' => 'success',
-                'message' => "Test updated successfully",
-                'data' => ['TestSiteId' => $id]
-            ]);
-        } catch (\Exception $e) {
-            $this->db->transRollback();
-            return $this->failServerError('Something went wrong: ' . $e->getMessage());
-        }
-    }
-
-    public function delete($id = null)
-    {
-        $input = $this->request->getJSON(true);
-
-        if (!$id && isset($input["TestSiteID"])) {
-            $id = $input["TestSiteID"];
-        }
-        if (!$id) {
-            return $this->failValidationErrors('TestSiteID is required.');
-        }
-
-        $existing = $this->model->find($id);
-        if (!$existing) {
-            return $this->failNotFound('Test not found');
-        }
-
-        if (!empty($existing['EndDate'])) {
-            return $this->failValidationErrors('Test is already disabled');
-        }
-
-        $this->db->transStart();
-
-        try {
-            $now = date('Y-m-d H:i:s');
-
-            $this->model->update($id, ['EndDate' => $now]);
-
-            $testType = $existing['TestType'];
-            $typeCode = $testType;
-
-            if ($typeCode === 'CALC') {
-                $this->db->table('testdefcal')
-                    ->where('TestSiteID', $id)
-                    ->update(['EndDate' => $now]);
-            } elseif ($typeCode === 'GROUP') {
-                $this->db->table('testdefgrp')
-                    ->where('TestSiteID', $id)
-                    ->update(['EndDate' => $now]);
-            } elseif (in_array($typeCode, ['TEST', 'PARAM'])) {
-                $this->db->table('testdeftech')
-                    ->where('TestSiteID', $id)
-                    ->update(['EndDate' => $now]);
-
-                $this->modelRefNum->where('TestSiteID', $id)->set('EndDate', $now)->update();
-                $this->modelRefTxt->where('TestSiteID', $id)->set('EndDate', $now)->update();
-            }
-
-            $this->db->table('testmap')
-                ->where('TestSiteID', $id)
-                ->update(['EndDate' => $now]);
-
-            $this->db->transComplete();
-
-            if ($this->db->transStatus() === false) {
-                return $this->failServerError('Transaction failed');
-            }
-
-            return $this->respond([
-                'status' => 'success',
-                'message' => "Test disabled successfully",
-                'data' => ['TestSiteId' => $id, 'EndDate' => $now]
-            ]);
-        } catch (\Exception $e) {
-            $this->db->transRollback();
-            return $this->failServerError('Something went wrong: ' . $e->getMessage());
-        }
-    }
-
-    private function handleDetails($testSiteID, $input, $action)
-    {
-        $testTypeID = $input['TestType'] ?? null;
-
-        if (!$testTypeID && $action === 'update') {
-            $existing = $this->model->find($testSiteID);
-            $testTypeID = $existing['TestType'] ?? null;
-        }
-
-        if (!$testTypeID)
-            return;
-
-        $typeCode = $testTypeID;
-
-        $details = $input['details'] ?? $input;
-        $details['TestSiteID'] = $testSiteID;
-        $details['SiteID'] = $input['SiteID'] ?? 1;
-
-        switch ($typeCode) {
-            case 'CALC':
-                $this->saveCalcDetails($testSiteID, $details, $action);
-                break;
-
-            case 'GROUP':
-                $this->saveGroupDetails($testSiteID, $details, $input, $action);
-                break;
-
-            case 'TITLE':
-                if (isset($input['testmap']) && is_array($input['testmap'])) {
-                    $this->saveTestMap($testSiteID, $input['testmap'], $action);
-                }
-                break;
-
-            case 'TEST':
-            case 'PARAM':
-            default:
-                $this->saveTechDetails($testSiteID, $details, $action, $typeCode);
-
-                if (in_array($typeCode, ['TEST', 'PARAM']) && isset($details['RefType'])) {
-                    $refType = $details['RefType'];
-
-                    if ($refType === '1' && isset($input['refnum']) && is_array($input['refnum'])) {
-                        $this->saveRefNumRanges($testSiteID, $input['refnum'], $action, $input['SiteID'] ?? 1);
-                    }
-
-                    if ($refType === '2' && isset($input['reftxt']) && is_array($input['reftxt'])) {
-                        $this->saveRefTxtRanges($testSiteID, $input['reftxt'], $action, $input['SiteID'] ?? 1);
-                    }
-                }
-                break;
-        }
-
-        if (in_array($typeCode, ['TEST', 'CALC']) && isset($input['testmap']) && is_array($input['testmap'])) {
-            $this->saveTestMap($testSiteID, $input['testmap'], $action);
-        }
-    }
-
-    private function saveTechDetails($testSiteID, $data, $action, $typeCode)
-    {
-        $techData = [
-            'TestSiteID' => $testSiteID,
-            'DisciplineID' => $data['DisciplineID'] ?? null,
-            'DepartmentID' => $data['DepartmentID'] ?? null,
-            'ResultType' => $data['ResultType'] ?? null,
-            'RefType' => $data['RefType'] ?? null,
-            'VSet' => $data['VSet'] ?? null,
-            'ReqQty' => $data['ReqQty'] ?? null,
-            'ReqQtyUnit' => $data['ReqQtyUnit'] ?? null,
-            'Unit1' => $data['Unit1'] ?? null,
-            'Factor' => $data['Factor'] ?? null,
-            'Unit2' => $data['Unit2'] ?? null,
-            'Decimal' => $data['Decimal'] ?? 2,
-            'CollReq' => $data['CollReq'] ?? null,
-            'Method' => $data['Method'] ?? null,
-            'ExpectedTAT' => $data['ExpectedTAT'] ?? null
-        ];
-
-        if ($action === 'update') {
-            $exists = $this->db->table('testdeftech')
-                ->where('TestSiteID', $testSiteID)
-                ->where('EndDate IS NULL')
-                ->get()->getRowArray();
-
-            if ($exists) {
-                $this->modelTech->update($exists['TestTechID'], $techData);
-            } else {
-                $this->modelTech->insert($techData);
-            }
-        } else {
-            $this->modelTech->insert($techData);
-        }
-    }
-
-    private function saveRefNumRanges($testSiteID, $ranges, $action, $siteID)
-    {
-        if ($action === 'update') {
-            $this->modelRefNum->where('TestSiteID', $testSiteID)
-                ->set('EndDate', date('Y-m-d H:i:s'))
-                ->update();
-        }
-
-        foreach ($ranges as $index => $range) {
-            $this->modelRefNum->insert([
-                'TestSiteID' => $testSiteID,
-                'SiteID' => $siteID,
-                'NumRefType' => $range['NumRefType'],
-                'RangeType' => $range['RangeType'],
-                'Sex' => $range['Sex'],
-                'AgeStart' => (int) ($range['AgeStart'] ?? 0),
-                'AgeEnd' => (int) ($range['AgeEnd'] ?? 150),
-                'LowSign' => !empty($range['LowSign']) ? $range['LowSign'] : null,
-                'Low' => !empty($range['Low']) ? (int) $range['Low'] : null,
-                'HighSign' => !empty($range['HighSign']) ? $range['HighSign'] : null,
-                'High' => !empty($range['High']) ? (int) $range['High'] : null,
-                'Flag' => $range['Flag'] ?? null,
-                'Display' => $index,
-                'CreateDate' => date('Y-m-d H:i:s')
-            ]);
-        }
-    }
-
-    private function saveRefTxtRanges($testSiteID, $ranges, $action, $siteID)
-    {
-        if ($action === 'update') {
-            $this->modelRefTxt->where('TestSiteID', $testSiteID)
-                ->set('EndDate', date('Y-m-d H:i:s'))
-                ->update();
-        }
-
-        foreach ($ranges as $range) {
-            $this->modelRefTxt->insert([
-                'TestSiteID' => $testSiteID,
-                'SiteID' => $siteID,
-                'TxtRefType' => $range['TxtRefType'],
-                'Sex' => $range['Sex'],
-                'AgeStart' => (int) ($range['AgeStart'] ?? 0),
-                'AgeEnd' => (int) ($range['AgeEnd'] ?? 150),
-                'RefTxt' => $range['RefTxt'] ?? '',
-                'Flag' => $range['Flag'] ?? null,
-                'CreateDate' => date('Y-m-d H:i:s')
-            ]);
-        }
-    }
-
-    private function saveCalcDetails($testSiteID, $data, $action)
-    {
-        $calcData = [
-            'TestSiteID' => $testSiteID,
-            'DisciplineID' => $data['DisciplineID'] ?? null,
-            'DepartmentID' => $data['DepartmentID'] ?? null,
-            'FormulaInput' => $data['FormulaInput'] ?? null,
-            'FormulaCode' => $data['FormulaCode'] ?? $data['Formula'] ?? null,
-            'RefType' => $data['RefType'] ?? 'NMRC',
-            'Unit1' => $data['Unit1'] ?? $data['ResultUnit'] ?? null,
-            'Factor' => $data['Factor'] ?? null,
-            'Unit2' => $data['Unit2'] ?? null,
-            'Decimal' => $data['Decimal'] ?? 2,
-            'Method' => $data['Method'] ?? null
-        ];
-
-        if ($action === 'update') {
-            $exists = $this->db->table('testdefcal')
-                ->where('TestSiteID', $testSiteID)
-                ->where('EndDate IS NULL')
-                ->get()->getRowArray();
-
-            if ($exists) {
-                $this->modelCal->update($exists['TestCalID'], $calcData);
-            } else {
-                $this->modelCal->insert($calcData);
-            }
-        } else {
-            $this->modelCal->insert($calcData);
-        }
-    }
-
-    private function saveGroupDetails($testSiteID, $data, $input, $action)
-    {
-        if ($action === 'update') {
-            $this->db->table('testdefgrp')
-                ->where('TestSiteID', $testSiteID)
-                ->update(['EndDate' => date('Y-m-d H:i:s')]);
-        }
-
-        $members = $data['members'] ?? ($input['Members'] ?? []);
-
-        if (is_array($members)) {
-            foreach ($members as $m) {
-                $memberID = is_array($m) ? ($m['Member'] ?? ($m['TestSiteID'] ?? null)) : $m;
-                if ($memberID) {
-                    $this->modelGrp->insert([
-                        'TestSiteID' => $testSiteID,
-                        'Member' => $memberID
-                    ]);
-                }
-            }
-        }
-    }
-
-    private function saveTestMap($testSiteID, $mappings, $action)
-    {
-        if ($action === 'update') {
-            $this->db->table('testmap')
-                ->where('TestSiteID', $testSiteID)
-                ->update(['EndDate' => date('Y-m-d H:i:s')]);
-        }
-
-        if (is_array($mappings)) {
-            foreach ($mappings as $map) {
-                $mapData = [
-                    'TestSiteID' => $testSiteID,
-                    'HostType' => $map['HostType'] ?? null,
-                    'HostID' => $map['HostID'] ?? null,
-                    'HostDataSource' => $map['HostDataSource'] ?? null,
-                    'HostTestCode' => $map['HostTestCode'] ?? null,
-                    'HostTestName' => $map['HostTestName'] ?? null,
-                    'ClientType' => $map['ClientType'] ?? null,
-                    'ClientID' => $map['ClientID'] ?? null,
-                    'ClientDataSource' => $map['ClientDataSource'] ?? null,
-                    'ConDefID' => $map['ConDefID'] ?? null,
-                    'ClientTestCode' => $map['ClientTestCode'] ?? null,
-                    'ClientTestName' => $map['ClientTestName'] ?? null
-                ];
-                $this->modelMap->insert($mapData);
-            }
-        }
-    }
-}

app/Controllers/User/UserController.php

@@ -0,0 +1,306 @@
+<?php
+
+namespace App\Controllers\User;
+
+use App\Controllers\BaseController;
+use App\Models\User\UserModel;
+use App\Traits\PatchValidationTrait;
+use App\Traits\ResponseTrait;
+
+/**
+ * User Management Controller
+ * Handles CRUD operations for users
+ */
+class UserController extends BaseController
+{
+    use ResponseTrait;
+    use PatchValidationTrait;
+
+    protected $model;
+    protected $db;
+
+    public function __construct()
+    {
+        $this->db = \Config\Database::connect();
+        $this->model = new UserModel();
+    }
+
+    /**
+     * List users with pagination and search
+     * GET /api/user?page=1&per_page=20&search=term
+     */
+    public function index()
+    {
+        try {
+            $page = (int)($this->request->getGet('page') ?? 1);
+            $perPage = (int)($this->request->getGet('per_page') ?? 20);
+            $search = $this->request->getGet('search');
+
+            // Build query
+            $builder = $this->model->where('DelDate', null);
+
+            // Apply search if provided
+            if ($search) {
+                $builder->groupStart()
+                    ->like('Username', $search)
+                    ->orLike('Email', $search)
+                    ->orLike('Name', $search)
+                    ->groupEnd();
+            }
+
+            // Get total count for pagination
+            $total = $builder->countAllResults(false);
+
+            // Get paginated results
+            $users = $builder
+                ->orderBy('UserID', 'DESC')
+                ->limit($perPage, ($page - 1) * $perPage)
+                ->findAll();
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'Users retrieved successfully',
+                'data' => [
+                    'users' => $users,
+                    'pagination' => [
+                        'current_page' => $page,
+                        'per_page' => $perPage,
+                        'total' => $total,
+                        'total_pages' => ceil($total / $perPage)
+                    ]
+                ]
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'UserController::index error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to retrieve users',
+                'data' => null
+            ], 500);
+        }
+    }
+
+    /**
+     * Get single user by ID
+     * GET /api/user/(:num)
+     */
+    public function show($id)
+    {
+        try {
+            $user = $this->model->where('UserID', $id)
+                ->where('DelDate', null)
+                ->first();
+
+            if (empty($user)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'User not found',
+                    'data' => null
+                ], 404);
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'User retrieved successfully',
+                'data' => $user
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'UserController::show error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to retrieve user',
+                'data' => null
+            ], 500);
+        }
+    }
+
+    /**
+     * Create new user
+     * POST /api/user
+     */
+    public function create()
+    {
+        try {
+            $data = $this->request->getJSON(true);
+
+            // Validation rules
+            $rules = [
+                'Username' => 'required|min_length[3]|max_length[50]|is_unique[users.Username]',
+                'Email' => 'required|valid_email|is_unique[users.Email]',
+            ];
+
+            if (!$this->validateData($data, $rules)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Validation failed',
+                    'data' => $this->validator->getErrors()
+                ], 400);
+            }
+
+            // Set default values
+            $data['IsActive'] = $data['IsActive'] ?? true;
+            $data['CreatedAt'] = date('Y-m-d H:i:s');
+
+            $userId = $this->model->insert($data);
+
+            if (!$userId) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to create user',
+                    'data' => null
+                ], 500);
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'User created successfully',
+                'data' => [
+                    'UserID' => $userId,
+                    'Username' => $data['Username'],
+                    'Email' => $data['Email']
+                ]
+            ], 201);
+
+        } catch (\Exception $e) {
+            log_message('error', 'UserController::create error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to create user',
+                'data' => null
+            ], 500);
+        }
+    }
+
+    /**
+     * Update existing user
+     * PATCH /api/user/(:num)
+     */
+    public function update($id)
+    {
+        try {
+            $data = $this->requirePatchPayload($this->request->getJSON(true));
+            if ($data === null) {
+                return;
+            }
+
+            if (empty($id) || !ctype_digit((string) $id)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'UserID is required',
+                    'data' => null
+                ], 400);
+            }
+
+            if (isset($data['UserID']) && (string) $data['UserID'] !== (string) $id) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'UserID in URL does not match body',
+                    'data' => null
+                ], 400);
+            }
+
+            $userId = (int) $id;
+
+            // Check if user exists
+            $user = $this->model->where('UserID', $userId)
+                ->where('DelDate', null)
+                ->first();
+
+            if (empty($user)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'User not found',
+                    'data' => null
+                ], 404);
+            }
+
+            // Remove UserID from data array
+            unset($data['UserID']);
+
+            // Don't allow updating these fields
+            unset($data['CreatedAt']);
+            unset($data['Username']); // Username should not change
+
+            $data['UpdatedAt'] = date('Y-m-d H:i:s');
+
+            $updated = $this->model->update($userId, $data);
+
+            if (!$updated) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to update user',
+                    'data' => null
+                ], 500);
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'User updated successfully',
+                'data' => [
+                    'UserID' => $userId,
+                    'updated_fields' => array_keys($data)
+                ]
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'UserController::update error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to update user',
+                'data' => null
+            ], 500);
+        }
+    }
+
+    /**
+     * Delete user (soft delete)
+     * DELETE /api/user/(:num)
+     */
+    public function delete($id)
+    {
+        try {
+            // Check if user exists
+            $user = $this->model->where('UserID', $id)
+                ->where('DelDate', null)
+                ->first();
+
+            if (empty($user)) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'User not found',
+                    'data' => null
+                ], 404);
+            }
+
+            // Soft delete by setting DelDate
+            $deleted = $this->model->update($id, [
+                'DelDate' => date('Y-m-d H:i:s'),
+                'IsActive' => false
+            ]);
+
+            if (!$deleted) {
+                return $this->respond([
+                    'status' => 'failed',
+                    'message' => 'Failed to delete user',
+                    'data' => null
+                ], 500);
+            }
+
+            return $this->respond([
+                'status' => 'success',
+                'message' => 'User deleted successfully',
+                'data' => ['UserID' => $id]
+            ], 200);
+
+        } catch (\Exception $e) {
+            log_message('error', 'UserController::delete error: ' . $e->getMessage());
+            return $this->respond([
+                'status' => 'failed',
+                'message' => 'Failed to delete user',
+                'data' => null
+            ], 500);
+        }
+    }
+}

app/Controllers/ValueSetController.php

@@ -4,7 +4,7 @@ namespace App\Controllers;
 
 use App\Libraries\ValueSet;
 use App\Models\ValueSet\ValueSetModel;
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 
 class ValueSetController extends \CodeIgniter\Controller
 {
@@ -19,12 +19,26 @@ class ValueSetController extends \CodeIgniter\Controller
 
     public function index(?string $lookupName = null)
     {
+        $search = $this->request->getGet('search') ?? null;
+        
         if ($lookupName === null) {
             $all = ValueSet::getAll();
             $result = [];
             foreach ($all as $name => $entry) {
+                if ($search) {
+                    $nameLower = strtolower($name);
+                    $labelLower = strtolower($entry['VSName'] ?? '');
+                    $searchLower = strtolower($search);
+                    if (strpos($nameLower, $searchLower) === false && strpos($labelLower, $searchLower) === false) {
+                        continue;
+                    }
+                }
                 $count = count($entry['values'] ?? []);
-                $result[$name] = $count;
+                $result[] = [
+                    'value' => $name,
+                    'label' => $entry['VSName'] ?? '',
+                    'count' => $count
+                ];
             }
             return $this->respond([
                 'status' => 'success',

app/Controllers/ValueSetDefController.php

@@ -3,7 +3,7 @@
 namespace App\Controllers;
 
 use App\Models\ValueSet\ValueSetDefModel;
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 
 class ValueSetDefController extends \CodeIgniter\Controller
 {

app/Controllers/ZonesController.php

@@ -2,7 +2,7 @@
 /*
 namespace App\Controllers;
 
-use CodeIgniter\API\ResponseTrait;
+use App\Traits\ResponseTrait;
 use App\Controllers\BaseController;
 use App\Models\SyncCRM\ZonesModel;