Merge pull request #2297 from sjpadgett/calendar-fix
[openemr.git] / _rest_routes.inc.php
blob8c3f708b0a656e0ef9017b9b1e7f9d65e0a1f111
1 <?php
2 /**
3 * Routes
4 * (All REST routes)
6 * @package OpenEMR
7 * @link http://www.open-emr.org
8 * @author Matthew Vita <matthewvita48@gmail.com>
9 * @author Jerry Padgett <sjpadgett@gmail.com>
10 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
11 * @copyright Copyright (c) 2018 Jerry Padgett <sjpadgett@gmail.com>
12 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
15 // Lets keep our controller classes with the routes.
17 use OpenEMR\RestControllers\FacilityRestController;
18 use OpenEMR\RestControllers\VersionRestController;
19 use OpenEMR\RestControllers\ProductRegistrationRestController;
20 use OpenEMR\RestControllers\PatientRestController;
21 use OpenEMR\RestControllers\EncounterRestController;
22 use OpenEMR\RestControllers\ProviderRestController;
23 use OpenEMR\RestControllers\ListRestController;
24 use OpenEMR\RestControllers\InsuranceCompanyRestController;
25 use OpenEMR\RestControllers\AppointmentRestController;
26 use OpenEMR\RestControllers\AuthRestController;
27 use OpenEMR\RestControllers\ONoteRestController;
28 use OpenEMR\RestControllers\DocumentRestController;
29 use OpenEMR\RestControllers\InsuranceRestController;
30 use OpenEMR\RestControllers\MessageRestController;
32 // Note some Http clients may not send auth as json so a function
33 // is implemented to determine and parse encoding on auth route's.
35 RestConfig::$ROUTE_MAP = array(
36 "POST /api/auth" => function () {
37 $data = (array) RestConfig::getPostData((file_get_contents("php://input")));
38 return (new AuthRestController())->authenticate($data);
40 "GET /api/facility" => function () {
41 authorization_check("admin", "users");
42 return (new FacilityRestController())->getAll();
44 "GET /api/facility/:fid" => function ($fid) {
45 authorization_check("admin", "users");
46 return (new FacilityRestController())->getOne($fid);
48 "POST /api/facility" => function () {
49 authorization_check("admin", "super");
50 $data = (array)(json_decode(file_get_contents("php://input")));
51 return (new FacilityRestController())->post($data);
53 "PUT /api/facility/:fid" => function ($fid) {
54 authorization_check("admin", "super");
55 $data = (array)(json_decode(file_get_contents("php://input")));
56 $data["fid"] = $fid;
57 return (new FacilityRestController())->put($data);
59 "GET /api/provider" => function () {
60 authorization_check("admin", "users");
61 return (new ProviderRestController())->getAll();
63 "GET /api/provider/:prid" => function ($prid) {
64 authorization_check("admin", "users");
65 return (new ProviderRestController())->getOne($prid);
67 "GET /api/patient" => function () {
68 authorization_check("patients", "demo");
69 return (new PatientRestController(null))->getAll($_GET);
71 "POST /api/patient" => function () {
72 authorization_check("patients", "demo");
73 $data = (array)(json_decode(file_get_contents("php://input")));
74 return (new PatientRestController(null))->post($data);
76 "PUT /api/patient/:pid" => function ($pid) {
77 authorization_check("patients", "demo");
78 $data = (array)(json_decode(file_get_contents("php://input")));
79 return (new PatientRestController(null))->put($pid, $data);
81 "GET /api/patient/:pid" => function ($pid) {
82 authorization_check("patients", "demo");
83 return (new PatientRestController($pid))->getOne();
85 "GET /api/patient/:pid/encounter" => function ($pid) {
86 authorization_check("encounters", "auth_a");
87 return (new EncounterRestController())->getAll($pid);
89 "GET /api/patient/:pid/encounter/:eid" => function ($pid, $eid) {
90 authorization_check("encounters", "auth_a");
91 return (new EncounterRestController())->getOne($pid, $eid);
93 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
94 authorization_check("encounters", "notes");
95 return (new EncounterRestController())->getSoapNotes($pid, $eid);
97 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
98 authorization_check("encounters", "notes");
99 $data = (array)(json_decode(file_get_contents("php://input")));
100 return (new EncounterRestController())->postVital($pid, $eid, $data);
102 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
103 authorization_check("encounters", "notes");
104 $data = (array)(json_decode(file_get_contents("php://input")));
105 return (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
107 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
108 authorization_check("encounters", "notes");
109 return (new EncounterRestController())->getVitals($pid, $eid);
111 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
112 authorization_check("encounters", "notes");
113 return (new EncounterRestController())->getVital($pid, $eid, $vid);
115 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
116 authorization_check("encounters", "notes");
117 return (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
119 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
120 authorization_check("encounters", "notes");
121 $data = (array)(json_decode(file_get_contents("php://input")));
122 return (new EncounterRestController())->postSoapNote($pid, $eid, $data);
124 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
125 authorization_check("encounters", "notes");
126 $data = (array)(json_decode(file_get_contents("php://input")));
127 return (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
129 "GET /api/patient/:pid/medical_problem" => function ($pid) {
130 authorization_check("encounters", "notes");
131 return (new ListRestController())->getAll($pid, "medical_problem");
133 "GET /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
134 authorization_check("patients", "med");
135 return (new ListRestController())->getOne($pid, "medical_problem", $mid);
137 "POST /api/patient/:pid/medical_problem" => function ($pid) {
138 authorization_check("patients", "med");
139 $data = (array)(json_decode(file_get_contents("php://input")));
140 return (new ListRestController())->post($pid, "medical_problem", $data);
142 "PUT /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
143 authorization_check("patients", "med");
144 $data = (array)(json_decode(file_get_contents("php://input")));
145 return (new ListRestController())->put($pid, $mid, "medical_problem", $data);
147 "DELETE /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
148 authorization_check("patients", "med");
149 return (new ListRestController())->delete($pid, $mid, "medical_problem");
151 "GET /api/patient/:pid/allergy" => function ($pid) {
152 authorization_check("patients", "med");
153 return (new ListRestController())->getAll($pid, "allergy");
155 "GET /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
156 authorization_check("patients", "med");
157 return (new ListRestController())->getOne($pid, "allergy", $aid);
159 "DELETE /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
160 authorization_check("patients", "med");
161 return (new ListRestController())->delete($pid, $aid, "allergy");
163 "POST /api/patient/:pid/allergy" => function ($pid) {
164 authorization_check("patients", "med");
165 $data = (array)(json_decode(file_get_contents("php://input")));
166 return (new ListRestController())->post($pid, "allergy", $data);
168 "PUT /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
169 authorization_check("patients", "med");
170 $data = (array)(json_decode(file_get_contents("php://input")));
171 return (new ListRestController())->put($pid, $aid, "allergy", $data);
173 "GET /api/patient/:pid/medication" => function ($pid) {
174 authorization_check("patients", "med");
175 return (new ListRestController())->getAll($pid, "medication");
177 "POST /api/patient/:pid/medication" => function ($pid) {
178 authorization_check("patients", "med");
179 $data = (array)(json_decode(file_get_contents("php://input")));
180 return (new ListRestController())->post($pid, "medication", $data);
182 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
183 authorization_check("patients", "med");
184 $data = (array)(json_decode(file_get_contents("php://input")));
185 return (new ListRestController())->put($pid, $mid, "medication", $data);
187 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
188 authorization_check("patients", "med");
189 return (new ListRestController())->getOne($pid, "medication", $mid);
191 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
192 authorization_check("patients", "med");
193 return (new ListRestController())->delete($pid, $mid, "medication");
195 "GET /api/patient/:pid/surgery" => function ($pid) {
196 authorization_check("patients", "med");
197 return (new ListRestController())->getAll($pid, "surgery");
199 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
200 authorization_check("patients", "med");
201 return (new ListRestController())->getOne($pid, "surgery", $sid);
203 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
204 authorization_check("patients", "med");
205 return (new ListRestController())->delete($pid, $sid, "surgery");
207 "POST /api/patient/:pid/surgery" => function ($pid) {
208 authorization_check("patients", "med");
209 $data = (array)(json_decode(file_get_contents("php://input")));
210 return (new ListRestController())->post($pid, "surgery", $data);
212 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
213 authorization_check("patients", "med");
214 $data = (array)(json_decode(file_get_contents("php://input")));
215 return (new ListRestController())->put($pid, $sid, "surgery", $data);
217 "GET /api/patient/:pid/dental_issue" => function ($pid) {
218 authorization_check("patients", "med");
219 return (new ListRestController())->getAll($pid, "dental");
221 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
222 authorization_check("patients", "med");
223 return (new ListRestController())->getOne($pid, "dental", $did);
225 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
226 authorization_check("patients", "med");
227 return (new ListRestController())->delete($pid, $did, "dental");
229 "POST /api/patient/:pid/dental_issue" => function ($pid) {
230 authorization_check("patients", "med");
231 $data = (array)(json_decode(file_get_contents("php://input")));
232 return (new ListRestController())->post($pid, "dental", $data);
234 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
235 authorization_check("patients", "med");
236 $data = (array)(json_decode(file_get_contents("php://input")));
237 return (new ListRestController())->put($pid, $did, "dental", $data);
239 "GET /api/patient/:pid/appointment" => function ($pid) {
240 authorization_check("patients", "appt");
241 return (new AppointmentRestController())->getAllForPatient($pid);
243 "POST /api/patient/:pid/appointment" => function ($pid) {
244 authorization_check("patients", "appt");
245 $data = (array)(json_decode(file_get_contents("php://input")));
246 return (new AppointmentRestController())->post($pid, $data);
248 "GET /api/appointment" => function () {
249 authorization_check("patients", "appt");
250 return (new AppointmentRestController())->getAll();
252 "GET /api/appointment/:eid" => function ($eid) {
253 authorization_check("patients", "appt");
254 return (new AppointmentRestController())->getOne($eid);
256 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
257 authorization_check("patients", "appt");
258 return (new AppointmentRestController())->delete($eid);
260 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
261 authorization_check("patients", "appt");
262 return (new AppointmentRestController())->getOne($eid);
264 "GET /api/list/:list_name" => function ($list_name) {
265 authorization_check("lists", "default");
266 return (new ListRestController())->getOptions($list_name);
268 "GET /api/version" => function () {
269 return (new VersionRestController())->getOne();
271 "GET /api/product" => function () {
272 return (new ProductRegistrationRestController())->getOne();
274 "GET /api/insurance_company" => function () {
275 return (new InsuranceCompanyRestController())->getAll();
277 "GET /api/insurance_type" => function () {
278 return (new InsuranceCompanyRestController())->getInsuranceTypes();
280 "POST /api/insurance_company" => function () {
281 $data = (array)(json_decode(file_get_contents("php://input")));
282 return (new InsuranceCompanyRestController())->post($data);
284 "PUT /api/insurance_company/:iid" => function ($iid) {
285 $data = (array)(json_decode(file_get_contents("php://input")));
286 return (new InsuranceCompanyRestController())->put($iid, $data);
288 "POST /api/patient/:pid/document" => function ($pid) {
289 return (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
291 "GET /api/patient/:pid/document" => function ($pid) {
292 return (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
294 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
295 return (new DocumentRestController())->downloadFile($pid, $did);
297 "GET /api/patient/:pid/insurance" => function ($pid) {
298 return (new InsuranceRestController())->getAll($pid);
300 "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
301 return (new InsuranceRestController())->getOne($pid, $type);
303 "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
304 $data = (array)(json_decode(file_get_contents("php://input")));
305 return (new InsuranceRestController())->post($pid, $type, $data);
307 "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
308 $data = (array)(json_decode(file_get_contents("php://input")));
309 return (new InsuranceRestController())->put($pid, $type, $data);
311 "POST /api/patient/:pid/message" => function ($pid) {
312 authorization_check("patients", "notes");
313 $data = (array)(json_decode(file_get_contents("php://input")));
314 return (new MessageRestController())->post($pid, $data);
316 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
317 authorization_check("patients", "notes");
318 $data = (array)(json_decode(file_get_contents("php://input")));
319 return (new MessageRestController())->put($pid, $mid, $data);
321 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
322 authorization_check("patients", "notes");
323 return (new MessageRestController())->delete($pid, $mid);
328 use OpenEMR\RestControllers\FhirPatientRestController;
329 use OpenEMR\RestControllers\FhirEncounterRestController;
331 RestConfig::$FHIR_ROUTE_MAP = array(
332 "POST /fhir/auth" => function () {
333 $data = (array) RestConfig::getPostData((file_get_contents("php://input")));
334 return (new AuthRestController())->authenticate($data);
336 "GET /fhir/Patient" => function () {
337 authorization_check("patients", "demo");
338 return (new FhirPatientRestController(null))->getAll($_GET);
340 "GET /fhir/Patient/:pid" => function ($pid) {
341 authorization_check("patients", "demo");
342 return (new FhirPatientRestController($pid))->getOne();
344 "GET /fhir/Encounter" => function () {
345 authorization_check("encounters", "auth_a");
346 return (new FhirEncounterRestController(null))->getAll($_GET);
348 "GET /fhir/Encounter/:eid" => function ($eid) {
349 authorization_check("encounters", "auth_a");
350 return (new FhirEncounterRestController())->getOne($eid);