search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Smart fhir admin enable / disable management (#4142)
[openemr.git] / _rest_routes.inc.php
blob20bff48a2e88b088f9de4de2a119fd93fa3bd9eb
1 <?php
2
3 /**
4 * Routes
5 * (All REST routes)
6 *
7 * @package OpenEMR
8 * @link http://www.open-emr.org
9 * @author Matthew Vita <matthewvita48@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Yash Raj Bothra <yashrajbothra786@gmail.com>
13 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
14 * @copyright Copyright (c) 2018-2020 Jerry Padgett <sjpadgett@gmail.com>
15 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
16 * @copyright Copyright (c) 2020 Yash Raj Bothra <yashrajbothra786@gmail.com>
17 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
18 */
19
20 // Lets keep our controller classes with the routes.
21 //
22 use OpenEMR\Common\Uuid\UuidRegistry;
23 use OpenEMR\RestControllers\AllergyIntoleranceRestController;
24 use OpenEMR\RestControllers\FacilityRestController;
25 use OpenEMR\RestControllers\VersionRestController;
26 use OpenEMR\RestControllers\ProductRegistrationRestController;
27 use OpenEMR\RestControllers\PatientRestController;
28 use OpenEMR\RestControllers\EncounterRestController;
29 use OpenEMR\RestControllers\PractitionerRestController;
30 use OpenEMR\RestControllers\ListRestController;
31 use OpenEMR\RestControllers\InsuranceCompanyRestController;
32 use OpenEMR\RestControllers\AppointmentRestController;
33 use OpenEMR\RestControllers\ConditionRestController;
34 use OpenEMR\RestControllers\ONoteRestController;
35 use OpenEMR\RestControllers\DocumentRestController;
36 use OpenEMR\RestControllers\DrugRestController;
37 use OpenEMR\RestControllers\ImmunizationRestController;
38 use OpenEMR\RestControllers\InsuranceRestController;
39 use OpenEMR\RestControllers\MessageRestController;
40 use OpenEMR\RestControllers\PrescriptionRestController;
41 use OpenEMR\RestControllers\ProcedureRestController;
42
43 // Note some Http clients may not send auth as json so a function
44 // is implemented to determine and parse encoding on auth route's.
45 //
46 RestConfig::$ROUTE_MAP = array(
47 "GET /api/facility" => function () {
48 RestConfig::scope_check("user", "facility", "read");
49 RestConfig::authorization_check("admin", "users");
50 $return = (new FacilityRestController())->getAll($_GET);
51 RestConfig::apiLog($return);
52 return $return;
53 },
54 "GET /api/facility/:fuuid" => function ($fuuid) {
55 RestConfig::scope_check("user", "facility", "read");
56 RestConfig::authorization_check("admin", "users");
57 $return = (new FacilityRestController())->getOne($fuuid);
58 RestConfig::apiLog($return);
59 return $return;
60 },
61 "POST /api/facility" => function () {
62 RestConfig::scope_check("user", "facility", "write");
63 RestConfig::authorization_check("admin", "super");
64 $data = (array) (json_decode(file_get_contents("php://input")));
65 $return = (new FacilityRestController())->post($data);
66 RestConfig::apiLog($return, $data);
67 return $return;
68 },
69 "PUT /api/facility/:fuuid" => function ($fuuid) {
70 RestConfig::scope_check("user", "facility", "write");
71 RestConfig::authorization_check("admin", "super");
72 $data = (array) (json_decode(file_get_contents("php://input")));
73 $return = (new FacilityRestController())->patch($fuuid, $data);
74 RestConfig::apiLog($return, $data);
75 return $return;
76 },
77 "GET /api/patient" => function () {
78 RestConfig::scope_check("user", "patient", "read");
79 RestConfig::authorization_check("patients", "demo");
80 $return = (new PatientRestController())->getAll($_GET);
81 RestConfig::apiLog($return);
82 return $return;
83 },
84 "POST /api/patient" => function () {
85 RestConfig::scope_check("user", "patient", "write");
86 RestConfig::authorization_check("patients", "demo");
87 $data = (array) (json_decode(file_get_contents("php://input")));
88 $return = (new PatientRestController())->post($data);
89 RestConfig::apiLog($return, $data);
90 return $return;
91 },
92 "PUT /api/patient/:puuid" => function ($puuid) {
93 RestConfig::scope_check("user", "patient", "write");
94 RestConfig::authorization_check("patients", "demo");
95 $data = (array) (json_decode(file_get_contents("php://input")));
96 $return = (new PatientRestController())->put($puuid, $data);
97 RestConfig::apiLog($return, $data);
98 return $return;
99 },
100 "GET /api/patient/:puuid" => function ($puuid) {
101 RestConfig::scope_check("user", "patient", "read");
102 RestConfig::authorization_check("patients", "demo");
103 $return = (new PatientRestController())->getOne($puuid);
104 RestConfig::apiLog($return);
105 return $return;
106 },
107 "GET /api/patient/:puuid/encounter" => function ($puuid) {
108 RestConfig::scope_check("user", "encounter", "read");
109 RestConfig::authorization_check("encounters", "auth_a");
110 $return = (new EncounterRestController())->getAll($puuid);
111 RestConfig::apiLog($return);
112 return $return;
113 },
114 "POST /api/patient/:puuid/encounter" => function ($puuid) {
115 RestConfig::scope_check("user", "encounter", "write");
116 RestConfig::authorization_check("encounters", "auth_a");
117 $data = (array) (json_decode(file_get_contents("php://input")));
118 $return = (new EncounterRestController())->post($puuid, $data);
119 RestConfig::apiLog($return, $data);
120 return $return;
121 },
122 "PUT /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
123 RestConfig::scope_check("user", "encounter", "write");
124 RestConfig::authorization_check("encounters", "auth_a");
125 $data = (array) (json_decode(file_get_contents("php://input")));
126 $return = (new EncounterRestController())->put($puuid, $euuid, $data);
127 RestConfig::apiLog($return, $data);
128 return $return;
129 },
130 "GET /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
131 RestConfig::scope_check("user", "encounter", "read");
132 RestConfig::authorization_check("encounters", "auth_a");
133 $return = (new EncounterRestController())->getOne($puuid, $euuid);
134 RestConfig::apiLog($return);
135 return $return;
136 },
137 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
138 RestConfig::scope_check("user", "soap_note", "read");
139 RestConfig::authorization_check("encounters", "notes");
140 $return = (new EncounterRestController())->getSoapNotes($pid, $eid);
141 RestConfig::apiLog($return);
142 return $return;
143 },
144 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
145 RestConfig::scope_check("user", "vital", "write");
146 RestConfig::authorization_check("encounters", "notes");
147 $data = (array) (json_decode(file_get_contents("php://input")));
148 $return = (new EncounterRestController())->postVital($pid, $eid, $data);
149 RestConfig::apiLog($return, $data);
150 return $return;
151 },
152 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
153 RestConfig::scope_check("user", "vital", "write");
154 RestConfig::authorization_check("encounters", "notes");
155 $data = (array) (json_decode(file_get_contents("php://input")));
156 $return = (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
157 RestConfig::apiLog($return, $data);
158 return $return;
159 },
160 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
161 RestConfig::scope_check("user", "vital", "read");
162 RestConfig::authorization_check("encounters", "notes");
163 $return = (new EncounterRestController())->getVitals($pid, $eid);
164 RestConfig::apiLog($return);
165 return $return;
166 },
167 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
168 RestConfig::scope_check("user", "vital", "read");
169 RestConfig::authorization_check("encounters", "notes");
170 $return = (new EncounterRestController())->getVital($pid, $eid, $vid);
171 RestConfig::apiLog($return);
172 return $return;
173 },
174 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
175 RestConfig::scope_check("user", "soap_note", "read");
176 RestConfig::authorization_check("encounters", "notes");
177 $return = (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
178 RestConfig::apiLog($return);
179 return $return;
180 },
181 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
182 RestConfig::scope_check("user", "soap_note", "write");
183 RestConfig::authorization_check("encounters", "notes");
184 $data = (array) (json_decode(file_get_contents("php://input")));
185 $return = (new EncounterRestController())->postSoapNote($pid, $eid, $data);
186 RestConfig::apiLog($return, $data);
187 return $return;
188 },
189 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
190 RestConfig::scope_check("user", "soap_note", "write");
191 RestConfig::authorization_check("encounters", "notes");
192 $data = (array) (json_decode(file_get_contents("php://input")));
193 $return = (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
194 RestConfig::apiLog($return, $data);
195 return $return;
196 },
197 "GET /api/practitioner" => function () {
198 RestConfig::scope_check("user", "practitioner", "read");
199 RestConfig::authorization_check("admin", "users");
200 $return = (new PractitionerRestController())->getAll($_GET);
201 RestConfig::apiLog($return);
202 return $return;
203 },
204 "GET /api/practitioner/:prid" => function ($prid) {
205 RestConfig::scope_check("user", "practitioner", "read");
206 RestConfig::authorization_check("admin", "users");
207 $return = (new PractitionerRestController())->getOne($prid);
208 RestConfig::apiLog($return);
209 return $return;
210 },
211 "POST /api/practitioner" => function () {
212 RestConfig::scope_check("user", "practitioner", "write");
213 RestConfig::authorization_check("admin", "users");
214 $data = (array) (json_decode(file_get_contents("php://input")));
215 $return = (new PractitionerRestController())->post($data);
216 RestConfig::apiLog($return, $data);
217 return $return;
218 },
219 "PUT /api/practitioner/:prid" => function ($prid) {
220 RestConfig::scope_check("user", "practitioner", "write");
221 RestConfig::authorization_check("admin", "users");
222 $data = (array) (json_decode(file_get_contents("php://input")));
223 $return = (new PractitionerRestController())->patch($prid, $data);
224 RestConfig::apiLog($return, $data);
225 return $return;
226 },
227 "GET /api/medical_problem" => function () {
228 RestConfig::scope_check("user", "medical_problem", "read");
229 RestConfig::authorization_check("encounters", "notes");
230 $return = (new ConditionRestController())->getAll();
231 RestConfig::apiLog($return);
232 return $return;
233 },
234 "GET /api/medical_problem/:muuid" => function ($muuid) {
235 RestConfig::scope_check("user", "medical_problem", "read");
236 RestConfig::authorization_check("encounters", "notes");
237 $return = (new ConditionRestController())->getOne($muuid);
238 RestConfig::apiLog($return);
239 return $return;
240 },
241 "GET /api/patient/:puuid/medical_problem" => function ($puuid) {
242 RestConfig::scope_check("user", "medical_problem", "read");
243 RestConfig::authorization_check("encounters", "notes");
244 $return = (new ConditionRestController())->getAll($puuid, "medical_problem");
245 RestConfig::apiLog($return);
246 return $return;
247 },
248 "GET /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
249 RestConfig::scope_check("user", "medical_problem", "read");
250 RestConfig::authorization_check("patients", "med");
251 $return = (new ConditionRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $muuid]);
252 RestConfig::apiLog($return);
253 return $return;
254 },
255 "POST /api/patient/:puuid/medical_problem" => function ($puuid) {
256 RestConfig::scope_check("user", "medical_problem", "write");
257 RestConfig::authorization_check("patients", "med");
258 $data = (array) (json_decode(file_get_contents("php://input")));
259 $return = (new ConditionRestController())->post($puuid, $data);
260 RestConfig::apiLog($return, $data);
261 return $return;
262 },
263 "PUT /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
264 RestConfig::scope_check("user", "medical_problem", "write");
265 RestConfig::authorization_check("patients", "med");
266 $data = (array) (json_decode(file_get_contents("php://input")));
267 $return = (new ConditionRestController())->put($puuid, $muuid, $data);
268 RestConfig::apiLog($return, $data);
269 return $return;
270 },
271 "DELETE /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
272 RestConfig::scope_check("user", "medical_problem", "write");
273 RestConfig::authorization_check("patients", "med");
274 $return = (new ConditionRestController())->delete($puuid, $muuid);
275 RestConfig::apiLog($return);
276 return $return;
277 },
278 "GET /api/allergy" => function () {
279 RestConfig::scope_check("user", "allergy", "read");
280 RestConfig::authorization_check("patients", "med");
281 $return = (new AllergyIntoleranceRestController())->getAll();
282 RestConfig::apiLog($return);
283 return $return;
284 },
285 "GET /api/allergy/:auuid" => function ($auuid) {
286 RestConfig::scope_check("user", "allergy", "read");
287 RestConfig::authorization_check("patients", "med");
288 $return = (new AllergyIntoleranceRestController())->getOne($auuid);
289 RestConfig::apiLog($return);
290 return $return;
291 },
292 "GET /api/patient/:puuid/allergy" => function ($puuid) {
293 RestConfig::scope_check("user", "allergy", "read");
294 RestConfig::authorization_check("patients", "med");
295 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid]);
296 RestConfig::apiLog($return);
297 return $return;
298 },
299 "GET /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
300 RestConfig::scope_check("user", "allergy", "read");
301 RestConfig::authorization_check("patients", "med");
302 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $auuid]);
303 RestConfig::apiLog($return);
304 return $return;
305 },
306 "POST /api/patient/:puuid/allergy" => function ($puuid) {
307 RestConfig::scope_check("user", "allergy", "write");
308 RestConfig::authorization_check("patients", "med");
309 $data = (array) (json_decode(file_get_contents("php://input")));
310 $return = (new AllergyIntoleranceRestController())->post($puuid, $data);
311 RestConfig::apiLog($return, $data);
312 return $return;
313 },
314 "PUT /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
315 RestConfig::scope_check("user", "allergy", "write");
316 RestConfig::authorization_check("patients", "med");
317 $data = (array) (json_decode(file_get_contents("php://input")));
318 $return = (new AllergyIntoleranceRestController())->put($puuid, $auuid, $data);
319 RestConfig::apiLog($return, $data);
320 return $return;
321 },
322 "DELETE /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
323 RestConfig::scope_check("user", "allergy", "write");
324 RestConfig::authorization_check("patients", "med");
325 $return = (new AllergyIntoleranceRestController())->delete($puuid, $auuid);
326 RestConfig::apiLog($return);
327 return $return;
328 },
329 "GET /api/patient/:pid/medication" => function ($pid) {
330 RestConfig::scope_check("user", "medication", "read");
331 RestConfig::authorization_check("patients", "med");
332 $return = (new ListRestController())->getAll($pid, "medication");
333 RestConfig::apiLog($return);
334 return $return;
335 },
336 "POST /api/patient/:pid/medication" => function ($pid) {
337 RestConfig::scope_check("user", "medication", "write");
338 RestConfig::authorization_check("patients", "med");
339 $data = (array) (json_decode(file_get_contents("php://input")));
340 $return = (new ListRestController())->post($pid, "medication", $data);
341 RestConfig::apiLog($return, $data);
342 return $return;
343 },
344 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
345 RestConfig::scope_check("user", "medication", "write");
346 RestConfig::authorization_check("patients", "med");
347 $data = (array) (json_decode(file_get_contents("php://input")));
348 $return = (new ListRestController())->put($pid, $mid, "medication", $data);
349 RestConfig::apiLog($return, $data);
350 return $return;
351 },
352 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
353 RestConfig::scope_check("user", "medication", "read");
354 RestConfig::authorization_check("patients", "med");
355 $return = (new ListRestController())->getOne($pid, "medication", $mid);
356 RestConfig::apiLog($return);
357 return $return;
358 },
359 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
360 RestConfig::scope_check("user", "medication", "write");
361 RestConfig::authorization_check("patients", "med");
362 $return = (new ListRestController())->delete($pid, $mid, "medication");
363 RestConfig::apiLog($return);
364 return $return;
365 },
366 "GET /api/patient/:pid/surgery" => function ($pid) {
367 RestConfig::scope_check("user", "surgery", "read");
368 RestConfig::authorization_check("patients", "med");
369 $return = (new ListRestController())->getAll($pid, "surgery");
370 RestConfig::apiLog($return);
371 return $return;
372 },
373 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
374 RestConfig::scope_check("user", "surgery", "read");
375 RestConfig::authorization_check("patients", "med");
376 $return = (new ListRestController())->getOne($pid, "surgery", $sid);
377 RestConfig::apiLog($return);
378 return $return;
379 },
380 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
381 RestConfig::scope_check("user", "surgery", "write");
382 RestConfig::authorization_check("patients", "med");
383 $return = (new ListRestController())->delete($pid, $sid, "surgery");
384 RestConfig::apiLog($return);
385 return $return;
386 },
387 "POST /api/patient/:pid/surgery" => function ($pid) {
388 RestConfig::scope_check("user", "surgery", "write");
389 RestConfig::authorization_check("patients", "med");
390 $data = (array) (json_decode(file_get_contents("php://input")));
391 $return = (new ListRestController())->post($pid, "surgery", $data);
392 RestConfig::apiLog($return, $data);
393 return $return;
394 },
395 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
396 RestConfig::scope_check("user", "surgery", "write");
397 RestConfig::authorization_check("patients", "med");
398 $data = (array) (json_decode(file_get_contents("php://input")));
399 $return = (new ListRestController())->put($pid, $sid, "surgery", $data);
400 RestConfig::apiLog($return, $data);
401 return $return;
402 },
403 "GET /api/patient/:pid/dental_issue" => function ($pid) {
404 RestConfig::scope_check("user", "dental_issue", "read");
405 RestConfig::authorization_check("patients", "med");
406 $return = (new ListRestController())->getAll($pid, "dental");
407 RestConfig::apiLog($return);
408 return $return;
409 },
410 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
411 RestConfig::scope_check("user", "dental_issue", "read");
412 RestConfig::authorization_check("patients", "med");
413 $return = (new ListRestController())->getOne($pid, "dental", $did);
414 RestConfig::apiLog($return);
415 return $return;
416 },
417 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
418 RestConfig::scope_check("user", "dental_issue", "write");
419 RestConfig::authorization_check("patients", "med");
420 $return = (new ListRestController())->delete($pid, $did, "dental");
421 RestConfig::apiLog($return);
422 return $return;
423 },
424 "POST /api/patient/:pid/dental_issue" => function ($pid) {
425 RestConfig::scope_check("user", "dental_issue", "write");
426 RestConfig::authorization_check("patients", "med");
427 $data = (array) (json_decode(file_get_contents("php://input")));
428 $return = (new ListRestController())->post($pid, "dental", $data);
429 RestConfig::apiLog($return, $data);
430 return $return;
431 },
432 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
433 RestConfig::scope_check("user", "dental_issue", "write");
434 RestConfig::authorization_check("patients", "med");
435 $data = (array) (json_decode(file_get_contents("php://input")));
436 $return = (new ListRestController())->put($pid, $did, "dental", $data);
437 RestConfig::apiLog($return, $data);
438 return $return;
439 },
440 "GET /api/patient/:pid/appointment" => function ($pid) {
441 RestConfig::scope_check("user", "appointment", "read");
442 RestConfig::authorization_check("patients", "appt");
443 $return = (new AppointmentRestController())->getAllForPatient($pid);
444 RestConfig::apiLog($return);
445 return $return;
446 },
447 "POST /api/patient/:pid/appointment" => function ($pid) {
448 RestConfig::scope_check("user", "appointment", "write");
449 RestConfig::authorization_check("patients", "appt");
450 $data = (array) (json_decode(file_get_contents("php://input")));
451 $return = (new AppointmentRestController())->post($pid, $data);
452 RestConfig::apiLog($return, $data);
453 return $return;
454 },
455 "GET /api/appointment" => function () {
456 RestConfig::scope_check("user", "appointment", "read");
457 RestConfig::authorization_check("patients", "appt");
458 $return = (new AppointmentRestController())->getAll();
459 RestConfig::apiLog($return);
460 return $return;
461 },
462 "GET /api/appointment/:eid" => function ($eid) {
463 RestConfig::scope_check("user", "appointment", "read");
464 RestConfig::authorization_check("patients", "appt");
465 $return = (new AppointmentRestController())->getOne($eid);
466 RestConfig::apiLog($return);
467 return $return;
468 },
469 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
470 RestConfig::scope_check("user", "appointment", "write");
471 RestConfig::authorization_check("patients", "appt");
472 $return = (new AppointmentRestController())->delete($eid);
473 RestConfig::apiLog($return);
474 return $return;
475 },
476 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
477 RestConfig::scope_check("user", "appointment", "read");
478 RestConfig::authorization_check("patients", "appt");
479 $return = (new AppointmentRestController())->getOne($eid);
480 RestConfig::apiLog($return);
481 return $return;
482 },
483 "GET /api/list/:list_name" => function ($list_name) {
484 RestConfig::scope_check("user", "list", "read");
485 RestConfig::authorization_check("lists", "default");
486 $return = (new ListRestController())->getOptions($list_name);
487 RestConfig::apiLog($return);
488 return $return;
489 },
490 "GET /api/version" => function () {
491 $return = (new VersionRestController())->getOne();
492 RestConfig::apiLog($return);
493 return $return;
494 },
495 "GET /api/product" => function () {
496 $return = (new ProductRegistrationRestController())->getOne();
497 RestConfig::apiLog($return);
498 return $return;
499 },
500 "GET /api/insurance_company" => function () {
501 RestConfig::scope_check("user", "insurance_company", "read");
502 $return = (new InsuranceCompanyRestController())->getAll();
503 RestConfig::apiLog($return);
504 return $return;
505 },
506 "GET /api/insurance_company/:iid" => function ($iid) {
507 RestConfig::scope_check("user", "insurance_company", "read");
508 $return = (new InsuranceCompanyRestController())->getOne($iid);
509 RestConfig::apiLog($return);
510 return $return;
511 },
512 "GET /api/insurance_type" => function () {
513 RestConfig::scope_check("user", "insurance_type", "read");
514 $return = (new InsuranceCompanyRestController())->getInsuranceTypes();
515 RestConfig::apiLog($return);
516 return $return;
517 },
518 "POST /api/insurance_company" => function () {
519 RestConfig::scope_check("user", "insurance_company", "write");
520 $data = (array) (json_decode(file_get_contents("php://input")));
521 $return = (new InsuranceCompanyRestController())->post($data);
522 RestConfig::apiLog($return, $data);
523 return $return;
524 },
525 "PUT /api/insurance_company/:iid" => function ($iid) {
526 RestConfig::scope_check("user", "insurance_company", "write");
527 $data = (array) (json_decode(file_get_contents("php://input")));
528 $return = (new InsuranceCompanyRestController())->put($iid, $data);
529 RestConfig::apiLog($return, $data);
530 return $return;
531 },
532 "POST /api/patient/:pid/document" => function ($pid) {
533 RestConfig::scope_check("user", "document", "write");
534 $return = (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
535 RestConfig::apiLog($return);
536 return $return;
537 },
538 "GET /api/patient/:pid/document" => function ($pid) {
539 RestConfig::scope_check("user", "document", "read");
540 $return = (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
541 RestConfig::apiLog($return);
542 return $return;
543 },
544 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
545 RestConfig::scope_check("user", "document", "read");
546 $return = (new DocumentRestController())->downloadFile($pid, $did);
547 RestConfig::apiLog($return);
548 return $return;
549 },
550 "GET /api/patient/:pid/insurance" => function ($pid) {
551 RestConfig::scope_check("user", "insurance", "read");
552 $return = (new InsuranceRestController())->getAll($pid);
553 RestConfig::apiLog($return);
554 return $return;
555 },
556 "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
557 RestConfig::scope_check("user", "insurance", "read");
558 $return = (new InsuranceRestController())->getOne($pid, $type);
559 RestConfig::apiLog($return);
560 return $return;
561 },
562 "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
563 RestConfig::scope_check("user", "insurance", "write");
564 $data = (array) (json_decode(file_get_contents("php://input")));
565 $return = (new InsuranceRestController())->post($pid, $type, $data);
566 RestConfig::apiLog($return, $data);
567 return $return;
568 },
569 "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
570 RestConfig::scope_check("user", "insurance", "write");
571 $data = (array) (json_decode(file_get_contents("php://input")));
572 $return = (new InsuranceRestController())->put($pid, $type, $data);
573 RestConfig::apiLog($return, $data);
574 return $return;
575 },
576 "POST /api/patient/:pid/message" => function ($pid) {
577 RestConfig::scope_check("user", "message", "write");
578 RestConfig::authorization_check("patients", "notes");
579 $data = (array) (json_decode(file_get_contents("php://input")));
580 $return = (new MessageRestController())->post($pid, $data);
581 RestConfig::apiLog($return, $data);
582 return $return;
583 },
584 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
585 RestConfig::scope_check("user", "message", "write");
586 RestConfig::authorization_check("patients", "notes");
587 $data = (array) (json_decode(file_get_contents("php://input")));
588 $return = (new MessageRestController())->put($pid, $mid, $data);
589 RestConfig::apiLog($return, $data);
590 return $return;
591 },
592 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
593 RestConfig::scope_check("user", "message", "write");
594 RestConfig::authorization_check("patients", "notes");
595 $return = (new MessageRestController())->delete($pid, $mid);
596 RestConfig::apiLog($return);
597 return $return;
598 },
599 "GET /api/immunization" => function () {
600 RestConfig::scope_check("user", "immunization", "read");
601 RestConfig::authorization_check("patients", "med");
602 $return = (new ImmunizationRestController())->getAll($_GET);
603 RestConfig::apiLog($return);
604 return $return;
605 },
606 "GET /api/immunization/:uuid" => function ($uuid) {
607 RestConfig::scope_check("user", "immunization", "read");
608 RestConfig::authorization_check("patients", "med");
609 $return = (new ImmunizationRestController())->getOne($uuid);
610 RestConfig::apiLog($return);
611 return $return;
612 },
613 "GET /api/procedure" => function () {
614 RestConfig::scope_check("user", "procedure", "read");
615 RestConfig::authorization_check("patients", "med");
616 $return = (new ProcedureRestController())->getAll();
617 RestConfig::apiLog($return);
618 return $return;
619 },
620 "GET /api/procedure/:uuid" => function ($uuid) {
621 RestConfig::scope_check("user", "procedure", "read");
622 RestConfig::authorization_check("patients", "med");
623 $return = (new ProcedureRestController())->getOne($uuid);
624 RestConfig::apiLog($return);
625 return $return;
626 },
627 "GET /api/drug" => function () {
628 RestConfig::scope_check("user", "drug", "read");
629 RestConfig::authorization_check("patients", "med");
630 $return = (new DrugRestController())->getAll();
631 RestConfig::apiLog($return);
632 return $return;
633 },
634 "GET /api/drug/:uuid" => function ($uuid) {
635 RestConfig::scope_check("user", "drug", "read");
636 RestConfig::authorization_check("patients", "med");
637 $return = (new DrugRestController())->getOne($uuid);
638 RestConfig::apiLog($return);
639 return $return;
640 },
641 "GET /api/prescription" => function () {
642 RestConfig::scope_check("user", "prescription", "read");
643 RestConfig::authorization_check("patients", "med");
644 $return = (new PrescriptionRestController())->getAll();
645 RestConfig::apiLog($return);
646 return $return;
647 },
648 "GET /api/prescription/:uuid" => function ($uuid) {
649 RestConfig::scope_check("user", "prescription", "read");
650 RestConfig::authorization_check("patients", "med");
651 $return = (new PrescriptionRestController())->getOne($uuid);
652 RestConfig::apiLog($return);
653 return $return;
654 },
655
656 );
657
658 use OpenEMR\RestControllers\FHIR\FhirAllergyIntoleranceRestController;
659 use OpenEMR\RestControllers\FHIR\FhirCareTeamRestController;
660 use OpenEMR\RestControllers\FHIR\FhirConditionRestController;
661 use OpenEMR\RestControllers\FHIR\FhirEncounterRestController;
662 use OpenEMR\RestControllers\FHIR\FhirObservationRestController;
663 use OpenEMR\RestControllers\FHIR\FhirImmunizationRestController;
664 use OpenEMR\RestControllers\FHIR\FhirLocationRestController;
665 use OpenEMR\RestControllers\FHIR\FhirMedicationRestController;
666 use OpenEMR\RestControllers\FHIR\FhirMedicationRequestRestController;
667 use OpenEMR\RestControllers\FHIR\FhirOrganizationRestController;
668 use OpenEMR\RestControllers\FHIR\FhirPatientRestController;
669 use OpenEMR\RestControllers\FHIR\FhirPractitionerRoleRestController;
670 use OpenEMR\RestControllers\FHIR\FhirPractitionerRestController;
671 use OpenEMR\RestControllers\FHIR\FhirProcedureRestController;
672 use OpenEMR\RestControllers\FHIR\FhirMetaDataRestController;
673
674 RestConfig::$FHIR_ROUTE_MAP = array(
675 "GET /fhir/metadata" => function () {
676 $return = (new FhirMetaDataRestController())->getMetaData();
677 RestConfig::apiLog($return);
678 return $return;
679 },
680 "GET /fhir/.well-known/smart-configuration" => function () {
681 $authController = new \OpenEMR\RestControllers\AuthorizationController();
682 $return = (new \OpenEMR\RestControllers\SMART\SMARTConfigurationController($authController))->getConfig();
683 RestConfig::apiLog($return);
684 return $return;
685 },
686 "POST /fhir/Patient" => function () {
687 RestConfig::scope_check("user", "Patient", "write");
688 RestConfig::authorization_check("patients", "demo");
689 $data = (array) (json_decode(file_get_contents("php://input"), true));
690 $return = (new FhirPatientRestController())->post($data);
691 RestConfig::apiLog($return, $data);
692 return $return;
693 },
694 "PUT /fhir/Patient/:id" => function ($id) {
695 RestConfig::scope_check("user", "Patient", "write");
696 RestConfig::authorization_check("patients", "demo");
697 $data = (array) (json_decode(file_get_contents("php://input"), true));
698 $return = (new FhirPatientRestController())->put($id, $data);
699 RestConfig::apiLog($return, $data);
700 return $return;
701 },
702 "GET /fhir/Patient" => function () {
703 RestConfig::scope_check("user", "Patient", "read");
704 RestConfig::authorization_check("patients", "demo");
705 $return = (new FhirPatientRestController())->getAll($_GET);
706 RestConfig::apiLog($return);
707 return $return;
708 },
709 "GET /fhir/Patient/:id" => function ($id) {
710 RestConfig::scope_check("user", "Patient", "read");
711 RestConfig::authorization_check("patients", "demo");
712 $return = (new FhirPatientRestController())->getOne($id);
713 RestConfig::apiLog($return);
714 return $return;
715 },
716 "GET /fhir/Encounter" => function () {
717 RestConfig::scope_check("user", "Encounter", "read");
718 RestConfig::authorization_check("encounters", "auth_a");
719 $return = (new FhirEncounterRestController(null))->getAll($_GET);
720 RestConfig::apiLog($return);
721 return $return;
722 },
723 "GET /fhir/Encounter/:id" => function ($id) {
724 RestConfig::scope_check("user", "Encounter", "read");
725 RestConfig::authorization_check("encounters", "auth_a");
726 $return = (new FhirEncounterRestController())->getOne($id);
727 RestConfig::apiLog($return);
728 return $return;
729 },
730 "GET /fhir/Practitioner" => function () {
731 RestConfig::scope_check("user", "Practitioner", "read");
732 RestConfig::authorization_check("admin", "users");
733 $return = (new FhirPractitionerRestController())->getAll($_GET);
734 RestConfig::apiLog($return);
735 return $return;
736 },
737 "GET /fhir/Practitioner/:id" => function ($id) {
738 RestConfig::scope_check("user", "Practitioner", "read");
739 RestConfig::authorization_check("admin", "users");
740 $return = (new FhirPractitionerRestController())->getOne($id);
741 RestConfig::apiLog($return);
742 return $return;
743 },
744 "POST /fhir/Practitioner" => function () {
745 RestConfig::scope_check("user", "Practitioner", "write");
746 RestConfig::authorization_check("admin", "users");
747 $data = (array) (json_decode(file_get_contents("php://input"), true));
748 $return = (new FhirPractitionerRestController())->post($data);
749 RestConfig::apiLog($return, $data);
750 return $return;
751 },
752 "PUT /fhir/Practitioner/:id" => function ($id) {
753 RestConfig::scope_check("user", "Practitioner", "write");
754 RestConfig::authorization_check("admin", "users");
755 $data = (array) (json_decode(file_get_contents("php://input"), true));
756 $return = (new FhirPractitionerRestController())->patch($id, $data);
757 RestConfig::apiLog($return, $data);
758 return $return;
759 },
760 "GET /fhir/Organization" => function () {
761 RestConfig::scope_check("user", "Organization", "read");
762 RestConfig::authorization_check("admin", "users");
763 $return = (new FhirOrganizationRestController())->getAll($_GET);
764 RestConfig::apiLog($return);
765 return $return;
766 },
767 "GET /fhir/Organization/:id" => function ($id) {
768 RestConfig::scope_check("user", "Organization", "read");
769 RestConfig::authorization_check("admin", "users");
770 $return = (new FhirOrganizationRestController())->getOne($id);
771 RestConfig::apiLog($return);
772 return $return;
773 },
774 "POST /fhir/Organization" => function () {
775 RestConfig::scope_check("user", "Organization", "write");
776 RestConfig::authorization_check("admin", "super");
777 $data = (array) (json_decode(file_get_contents("php://input"), true));
778 $return = (new FhirOrganizationRestController())->post($data);
779 RestConfig::apiLog($return, $data);
780 return $return;
781 },
782 "PUT /fhir/Organization/:id" => function ($id) {
783 RestConfig::scope_check("user", "Organization", "write");
784 RestConfig::authorization_check("admin", "super");
785 $data = (array) (json_decode(file_get_contents("php://input"), true));
786 $return = (new FhirOrganizationRestController())->patch($id, $data);
787 RestConfig::apiLog($return, $data);
788 return $return;
789 },
790 "GET /fhir/PractitionerRole" => function () {
791 RestConfig::scope_check("user", "PractitionerRole", "read");
792 RestConfig::authorization_check("admin", "users");
793 $return = (new FhirPractitionerRoleRestController())->getAll($_GET);
794 RestConfig::apiLog($return);
795 return $return;
796 },
797 "GET /fhir/PractitionerRole/:id" => function ($id) {
798 RestConfig::scope_check("user", "PractitionerRole", "read");
799 RestConfig::authorization_check("admin", "users");
800 $return = (new FhirPractitionerRoleRestController())->getOne($id);
801 RestConfig::apiLog($return);
802 return $return;
803 },
804 "GET /fhir/AllergyIntolerance" => function () {
805 RestConfig::scope_check("user", "AllergyIntolerance", "read");
806 RestConfig::authorization_check("patients", "med");
807 $return = (new FhirAllergyIntoleranceRestController(null))->getAll($_GET);
808 RestConfig::apiLog($return);
809 return $return;
810 },
811 "GET /fhir/AllergyIntolerance/:id" => function ($id) {
812 RestConfig::scope_check("user", "AllergyIntolerance", "read");
813 RestConfig::authorization_check("patients", "med");
814 $return = (new FhirAllergyIntoleranceRestController(null))->getOne($id);
815 RestConfig::apiLog($return);
816 return $return;
817 },
818 "GET /fhir/Observation" => function () {
819 RestConfig::scope_check("user", "Observation", "read");
820 RestConfig::authorization_check("patients", "med");
821 $return = (new FhirObservationRestController())->getAll($_GET);
822 RestConfig::apiLog($return);
823 return $return;
824 },
825 "GET /fhir/Observation/:uuid" => function ($uuid) {
826 RestConfig::scope_check("user", "Observation", "read");
827 RestConfig::authorization_check("patients", "med");
828 $return = (new FhirObservationRestController())->getOne($uuid);
829 RestConfig::apiLog($return);
830 return $return;
831 },
832 "GET /fhir/Immunization" => function () {
833 RestConfig::scope_check("user", "Immunization", "read");
834 RestConfig::authorization_check("patients", "med");
835 $return = (new FhirImmunizationRestController())->getAll($_GET);
836 RestConfig::apiLog($return);
837 return $return;
838 },
839 "GET /fhir/Immunization/:id" => function ($id) {
840 RestConfig::scope_check("user", "Immunization", "read");
841 RestConfig::authorization_check("patients", "med");
842 $return = (new FhirImmunizationRestController())->getOne($id);
843 RestConfig::apiLog($return);
844 return $return;
845 },
846 "GET /fhir/Condition" => function () {
847 RestConfig::scope_check("user", "Condition", "read");
848 RestConfig::authorization_check("patients", "med");
849 $return = (new FhirConditionRestController())->getAll($_GET);
850 RestConfig::apiLog($return);
851 return $return;
852 },
853 "GET /fhir/Condition/:id" => function ($uuid) {
854 RestConfig::scope_check("user", "Condition", "read");
855 RestConfig::authorization_check("patients", "med");
856 $return = (new FhirConditionRestController())->getOne($uuid);
857 RestConfig::apiLog($return);
858 return $return;
859 },
860 "GET /fhir/Procedure" => function () {
861 RestConfig::scope_check("user", "Procedure", "read");
862 RestConfig::authorization_check("patients", "med");
863 $return = (new FhirProcedureRestController())->getAll($_GET);
864 RestConfig::apiLog($return);
865 return $return;
866 },
867 "GET /fhir/Procedure/:uuid" => function ($uuid) {
868 RestConfig::scope_check("user", "Procedure", "read");
869 RestConfig::authorization_check("patients", "med");
870 $return = (new FhirProcedureRestController())->getOne($uuid);
871 RestConfig::apiLog($return);
872 return $return;
873 },
874 "GET /fhir/MedicationRequest" => function () {
875 RestConfig::scope_check("user", "MedicationRequest", "read");
876 RestConfig::authorization_check("patients", "med");
877 $return = (new FhirMedicationRequestRestController())->getAll($_GET);
878 RestConfig::apiLog($return);
879 return $return;
880 },
881 "GET /fhir/MedicationRequest/:uuid" => function ($uuid) {
882 RestConfig::scope_check("user", "MedicationRequest", "read");
883 RestConfig::authorization_check("patients", "med");
884 $return = (new FhirMedicationRequestRestController())->getOne($uuid);
885 RestConfig::apiLog($return);
886 return $return;
887 },
888 "GET /fhir/Medication" => function () {
889 RestConfig::scope_check("user", "Medication", "read");
890 RestConfig::authorization_check("patients", "med");
891 $return = (new FhirMedicationRestController())->getAll($_GET);
892 RestConfig::apiLog($return);
893 return $return;
894 },
895 "GET /fhir/Medication/:uuid" => function ($uuid) {
896 RestConfig::scope_check("user", "Medication", "read");
897 RestConfig::authorization_check("patients", "med");
898 $return = (new FhirMedicationRestController())->getOne($uuid);
899 RestConfig::apiLog($return);
900 return $return;
901 },
902 "GET /fhir/Location" => function () {
903 RestConfig::scope_check("user", "Location", "read");
904 RestConfig::authorization_check("patients", "med");
905 $return = (new FhirLocationRestController())->getAll($_GET);
906 RestConfig::apiLog($return);
907 return $return;
908 },
909 "GET /fhir/Location/:uuid" => function ($uuid) {
910 RestConfig::scope_check("user", "Location", "read");
911 RestConfig::authorization_check("patients", "med");
912 $return = (new FhirLocationRestController())->getOne($uuid);
913 RestConfig::apiLog($return);
914 return $return;
915 },
916 "GET /fhir/CareTeam" => function () {
917 RestConfig::scope_check("user", "CareTeam", "read");
918 RestConfig::authorization_check("patients", "med");
919 $return = (new FhirCareTeamRestController())->getAll($_GET);
920 RestConfig::apiLog($return);
921 return $return;
922 },
923 "GET /fhir/CareTeam/:uuid" => function ($uuid) {
924 RestConfig::scope_check("user", "CareTeam", "read");
925 RestConfig::authorization_check("patients", "med");
926 $return = (new FhirCareTeamRestController())->getOne($uuid);
927 RestConfig::apiLog($return);
928 return $return;
929 }
930 );
931
932 // Patient portal api routes
933 RestConfig::$PORTAL_ROUTE_MAP = array(
934 "GET /portal/patient" => function () {
935 RestConfig::scope_check("patient", "patient", "read");
936 $return = (new PatientRestController())->getOne(UuidRegistry::uuidToString($_SESSION['puuid']));
937 RestConfig::apiLog($return);
938 return $return;
939 },
940 "GET /portal/patient/encounter" => function () {
941 RestConfig::scope_check("patient", "encounter", "read");
942 $return = (new EncounterRestController())->getAll(UuidRegistry::uuidToString($_SESSION['puuid']));
943 RestConfig::apiLog($return);
944 return $return;
945 },
946 "GET /portal/patient/encounter/:euuid" => function ($euuid) {
947 RestConfig::scope_check("patient", "encounter", "read");
948 $return = (new EncounterRestController())->getOne(UuidRegistry::uuidToString($_SESSION['puuid']), $euuid);
949 RestConfig::apiLog($return);
950 return $return;
951 }
952 );
953
954 // Patient portal fhir api routes
955 RestConfig::$PORTAL_FHIR_ROUTE_MAP = array(
956 "GET /portalfhir/Patient" => function () {
957 RestConfig::scope_check("patient", "Patient", "read");
958 $return = (new FhirPatientRestController())->getOne(UuidRegistry::uuidToString($_SESSION['puuid']));
959 RestConfig::apiLog($return);
960 return $return;
961 },
962 "GET /portalfhir/Encounter" => function () {
963 RestConfig::scope_check("patient", "Encounter", "read");
964 $return = (new FhirEncounterRestController(null))->getAll(['patient' => UuidRegistry::uuidToString($_SESSION['puuid'])]);
965 RestConfig::apiLog($return);
966 return $return;
967 },
968 "GET /portalfhir/Encounter/:id" => function ($id) {
969 RestConfig::scope_check("patient", "Encounter", "read");
970 $return = (new FhirEncounterRestController(null))->getAll(['_id' => $id, 'patient' => UuidRegistry::uuidToString($_SESSION['puuid'])]);
971 RestConfig::apiLog($return);
972 return $return;
973 }
974 );
Mirror of official OpenEMR Sourceforge repository