8 * @link http://www.open-emr.org
9 * @author Matthew Vita <matthewvita48@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Yash Raj Bothra <yashrajbothra786@gmail.com>
13 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
14 * @copyright Copyright (c) 2018-2020 Jerry Padgett <sjpadgett@gmail.com>
15 * @copyright Copyright (c) 2019 Brady Miller <brady.g.miller@gmail.com>
16 * @copyright Copyright (c) 2020 Yash Raj Bothra <yashrajbothra786@gmail.com>
17 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
20 // Let's keep our controller classes with the routes.
22 use OpenEMR\Common\Uuid\UuidRegistry
;
23 use OpenEMR\RestControllers\AllergyIntoleranceRestController
;
24 use OpenEMR\RestControllers\FacilityRestController
;
25 use OpenEMR\RestControllers\VersionRestController
;
26 use OpenEMR\RestControllers\ProductRegistrationRestController
;
27 use OpenEMR\RestControllers\PatientRestController
;
28 use OpenEMR\RestControllers\EncounterRestController
;
29 use OpenEMR\RestControllers\PractitionerRestController
;
30 use OpenEMR\RestControllers\ListRestController
;
31 use OpenEMR\RestControllers\InsuranceCompanyRestController
;
32 use OpenEMR\RestControllers\AppointmentRestController
;
33 use OpenEMR\RestControllers\ConditionRestController
;
34 use OpenEMR\RestControllers\ONoteRestController
;
35 use OpenEMR\RestControllers\DocumentRestController
;
36 use OpenEMR\RestControllers\DrugRestController
;
37 use OpenEMR\RestControllers\ImmunizationRestController
;
38 use OpenEMR\RestControllers\InsuranceRestController
;
39 use OpenEMR\RestControllers\MessageRestController
;
40 use OpenEMR\RestControllers\PrescriptionRestController
;
41 use OpenEMR\RestControllers\ProcedureRestController
;
43 // Note: some HTTP clients may not send auth as JSON, so a function
44 // is implemented to determine and parse the encoding on auth routes.
// Standard (non-FHIR) API route table: maps "METHOD /path" keys to closures.
// The handlers visible here share one order: RestConfig::scope_check(), then
// (on most routes) RestConfig::authorization_check(), then the REST controller
// call, then RestConfig::apiLog(). RestConfig is not part of this listing, so
// what each check actually enforces has to be confirmed there.
// NOTE(review): the tail of each closure is not visible in this listing.
46 RestConfig
::$ROUTE_MAP = array(
// Facility routes: reads are gated on ("admin", "users"), writes on ("admin", "super").
// The raw query string ($_GET) is handed to the controller; any filtering of
// search parameters is left to FacilityRestController (not shown).
47 "GET /api/facility" => function () {
48 RestConfig
::scope_check("user", "facility", "read");
49 RestConfig
::authorization_check("admin", "users");
50 $return = (new FacilityRestController())->getAll($_GET);
51 RestConfig
::apiLog($return);
54 "GET /api/facility/:fuuid" => function ($fuuid) {
55 RestConfig
::scope_check("user", "facility", "read");
56 RestConfig
::authorization_check("admin", "users");
57 $return = (new FacilityRestController())->getOne($fuuid);
58 RestConfig
::apiLog($return);
61 "POST /api/facility" => function () {
62 RestConfig
::scope_check("user", "facility", "write");
63 RestConfig
::authorization_check("admin", "super");
// The body is decoded without the assoc flag: a body that fails to parse gives
// null, which the (array) cast turns into [], and nested JSON objects remain
// stdClass. No error is raised here for malformed JSON.
64 $data = (array) (json_decode(file_get_contents("php://input")));
65 $return = (new FacilityRestController())->post($data);
// The decoded request body is passed to apiLog() together with the response.
66 RestConfig
::apiLog($return, $data);
// PUT is routed to the controller's patch() method, not a put() method.
69 "PUT /api/facility/:fuuid" => function ($fuuid) {
70 RestConfig
::scope_check("user", "facility", "write");
71 RestConfig
::authorization_check("admin", "super");
72 $data = (array) (json_decode(file_get_contents("php://input")));
73 $return = (new FacilityRestController())->patch($fuuid, $data);
74 RestConfig
::apiLog($return, $data);
// Patient demographics routes: every handler checks the "patient" scope and the
// ("patients", "demo") ACL before calling PatientRestController.
// $_GET is forwarded unfiltered; validation of search parameters is left to the
// controller (not shown).
77 "GET /api/patient" => function () {
78 RestConfig
::scope_check("user", "patient", "read");
79 RestConfig
::authorization_check("patients", "demo");
80 $return = (new PatientRestController())->getAll($_GET);
81 RestConfig
::apiLog($return);
84 "POST /api/patient" => function () {
85 RestConfig
::scope_check("user", "patient", "write");
86 RestConfig
::authorization_check("patients", "demo");
// An unparsable body decodes to null and becomes [] after the (array) cast, so
// the controller sees an empty payload rather than a parse error.
87 $data = (array) (json_decode(file_get_contents("php://input")));
88 $return = (new PatientRestController())->post($data);
// NOTE(review): the request body (patient demographics) is passed to apiLog();
// confirm what apiLog() persists and who can read it.
89 RestConfig
::apiLog($return, $data);
92 "PUT /api/patient/:puuid" => function ($puuid) {
93 RestConfig
::scope_check("user", "patient", "write");
94 RestConfig
::authorization_check("patients", "demo");
95 $data = (array) (json_decode(file_get_contents("php://input")));
96 $return = (new PatientRestController())->put($puuid, $data);
97 RestConfig
::apiLog($return, $data);
100 "GET /api/patient/:puuid" => function ($puuid) {
101 RestConfig
::scope_check("user", "patient", "read");
102 RestConfig
::authorization_check("patients", "demo");
103 $return = (new PatientRestController())->getOne($puuid);
104 RestConfig
::apiLog($return);
// Encounter routes nested under a patient: each checks the "encounter" scope and
// the ("encounters", "auth_a") ACL, then calls EncounterRestController with the
// patient uuid (and encounter uuid where present) taken from the path.
107 "GET /api/patient/:puuid/encounter" => function ($puuid) {
108 RestConfig
::scope_check("user", "encounter", "read");
109 RestConfig
::authorization_check("encounters", "auth_a");
110 $return = (new EncounterRestController())->getAll($puuid);
111 RestConfig
::apiLog($return);
114 "POST /api/patient/:puuid/encounter" => function ($puuid) {
115 RestConfig
::scope_check("user", "encounter", "write");
116 RestConfig
::authorization_check("encounters", "auth_a");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
117 $data = (array) (json_decode(file_get_contents("php://input")));
118 $return = (new EncounterRestController())->post($puuid, $data);
// NOTE(review): the clinical request body is passed to apiLog(); confirm how
// that log is stored and protected.
119 RestConfig
::apiLog($return, $data);
122 "PUT /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
123 RestConfig
::scope_check("user", "encounter", "write");
124 RestConfig
::authorization_check("encounters", "auth_a");
125 $data = (array) (json_decode(file_get_contents("php://input")));
126 $return = (new EncounterRestController())->put($puuid, $euuid, $data);
127 RestConfig
::apiLog($return, $data);
130 "GET /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
131 RestConfig
::scope_check("user", "encounter", "read");
132 RestConfig
::authorization_check("encounters", "auth_a");
133 $return = (new EncounterRestController())->getOne($puuid, $euuid);
134 RestConfig
::apiLog($return);
// SOAP-note and vitals routes under an encounter. All of them use the
// ("encounters", "notes") ACL and differ only in scope name ("soap_note" or
// "vital") and read/write mode.
// NOTE(review): these paths name their parameters :pid/:eid while the encounter
// routes in this file use :puuid/:euuid; confirm which identifier form
// EncounterRestController expects for notes and vitals.
137 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
138 RestConfig
::scope_check("user", "soap_note", "read");
139 RestConfig
::authorization_check("encounters", "notes");
140 $return = (new EncounterRestController())->getSoapNotes($pid, $eid);
141 RestConfig
::apiLog($return);
144 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
145 RestConfig
::scope_check("user", "vital", "write");
146 RestConfig
::authorization_check("encounters", "notes");
// Malformed JSON decodes to null and is cast to []; nested objects stay stdClass.
147 $data = (array) (json_decode(file_get_contents("php://input")));
148 $return = (new EncounterRestController())->postVital($pid, $eid, $data);
149 RestConfig
::apiLog($return, $data);
152 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
153 RestConfig
::scope_check("user", "vital", "write");
154 RestConfig
::authorization_check("encounters", "notes");
155 $data = (array) (json_decode(file_get_contents("php://input")));
156 $return = (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
157 RestConfig
::apiLog($return, $data);
160 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
161 RestConfig
::scope_check("user", "vital", "read");
162 RestConfig
::authorization_check("encounters", "notes");
163 $return = (new EncounterRestController())->getVitals($pid, $eid);
164 RestConfig
::apiLog($return);
167 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
168 RestConfig
::scope_check("user", "vital", "read");
169 RestConfig
::authorization_check("encounters", "notes");
170 $return = (new EncounterRestController())->getVital($pid, $eid, $vid);
171 RestConfig
::apiLog($return);
174 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
175 RestConfig
::scope_check("user", "soap_note", "read");
176 RestConfig
::authorization_check("encounters", "notes");
177 $return = (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
178 RestConfig
::apiLog($return);
181 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
182 RestConfig
::scope_check("user", "soap_note", "write");
183 RestConfig
::authorization_check("encounters", "notes");
184 $data = (array) (json_decode(file_get_contents("php://input")));
185 $return = (new EncounterRestController())->postSoapNote($pid, $eid, $data);
// NOTE(review): note text is passed to apiLog() along with the response; confirm
// what apiLog() records.
186 RestConfig
::apiLog($return, $data);
189 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
190 RestConfig
::scope_check("user", "soap_note", "write");
191 RestConfig
::authorization_check("encounters", "notes");
192 $data = (array) (json_decode(file_get_contents("php://input")));
193 $return = (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
194 RestConfig
::apiLog($return, $data);
// Practitioner routes: "practitioner" scope plus the ("admin", "users") ACL on
// all four handlers.
// NOTE(review): writes here use the same ("admin", "users") ACL as reads, whereas
// the facility write routes in this file require ("admin", "super"); confirm
// that creating and updating practitioners is meant to need only "users".
197 "GET /api/practitioner" => function () {
198 RestConfig
::scope_check("user", "practitioner", "read");
199 RestConfig
::authorization_check("admin", "users");
200 $return = (new PractitionerRestController())->getAll($_GET);
201 RestConfig
::apiLog($return);
204 "GET /api/practitioner/:prid" => function ($prid) {
205 RestConfig
::scope_check("user", "practitioner", "read");
206 RestConfig
::authorization_check("admin", "users");
207 $return = (new PractitionerRestController())->getOne($prid);
208 RestConfig
::apiLog($return);
211 "POST /api/practitioner" => function () {
212 RestConfig
::scope_check("user", "practitioner", "write");
213 RestConfig
::authorization_check("admin", "users");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
214 $data = (array) (json_decode(file_get_contents("php://input")));
215 $return = (new PractitionerRestController())->post($data);
216 RestConfig
::apiLog($return, $data);
// PUT is routed to the controller's patch() method.
219 "PUT /api/practitioner/:prid" => function ($prid) {
220 RestConfig
::scope_check("user", "practitioner", "write");
221 RestConfig
::authorization_check("admin", "users");
222 $data = (array) (json_decode(file_get_contents("php://input")));
223 $return = (new PractitionerRestController())->patch($prid, $data);
224 RestConfig
::apiLog($return, $data);
// Medical-problem routes, served by ConditionRestController under the
// "medical_problem" scope.
// NOTE(review): the ACL is not uniform across these routes. The two top-level
// reads and the per-patient list use ("encounters", "notes"), while the
// per-patient single read and all writes use ("patients", "med"). Confirm which
// ACL is intended so that one permission does not expose what the other hides.
// No patient filter is passed: getAll() is called with no arguments.
227 "GET /api/medical_problem" => function () {
228 RestConfig
::scope_check("user", "medical_problem", "read");
229 RestConfig
::authorization_check("encounters", "notes");
230 $return = (new ConditionRestController())->getAll();
231 RestConfig
::apiLog($return);
234 "GET /api/medical_problem/:muuid" => function ($muuid) {
235 RestConfig
::scope_check("user", "medical_problem", "read");
236 RestConfig
::authorization_check("encounters", "notes");
237 $return = (new ConditionRestController())->getOne($muuid);
238 RestConfig
::apiLog($return);
// NOTE(review): getAll() is called here with two positional arguments, while the
// next route passes a single filter array keyed by 'lists.pid'/'lists.id'.
// ConditionRestController is not shown; confirm this call still restricts the
// result to $puuid.
241 "GET /api/patient/:puuid/medical_problem" => function ($puuid) {
242 RestConfig
::scope_check("user", "medical_problem", "read");
243 RestConfig
::authorization_check("encounters", "notes");
244 $return = (new ConditionRestController())->getAll($puuid, "medical_problem");
245 RestConfig
::apiLog($return);
// Single-record read implemented as a filtered getAll() on patient and record id.
248 "GET /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
249 RestConfig
::scope_check("user", "medical_problem", "read");
250 RestConfig
::authorization_check("patients", "med");
251 $return = (new ConditionRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $muuid]);
252 RestConfig
::apiLog($return);
255 "POST /api/patient/:puuid/medical_problem" => function ($puuid) {
256 RestConfig
::scope_check("user", "medical_problem", "write");
257 RestConfig
::authorization_check("patients", "med");
// Malformed JSON decodes to null and is cast to []; nested objects stay stdClass.
258 $data = (array) (json_decode(file_get_contents("php://input")));
259 $return = (new ConditionRestController())->post($puuid, $data);
260 RestConfig
::apiLog($return, $data);
263 "PUT /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
264 RestConfig
::scope_check("user", "medical_problem", "write");
265 RestConfig
::authorization_check("patients", "med");
266 $data = (array) (json_decode(file_get_contents("php://input")));
267 $return = (new ConditionRestController())->put($puuid, $muuid, $data);
268 RestConfig
::apiLog($return, $data);
// Deletion is authorised with the "write" scope; there is no separate delete scope here.
271 "DELETE /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
272 RestConfig
::scope_check("user", "medical_problem", "write");
273 RestConfig
::authorization_check("patients", "med");
274 $return = (new ConditionRestController())->delete($puuid, $muuid);
275 RestConfig
::apiLog($return);
// Allergy routes, served by AllergyIntoleranceRestController under the "allergy"
// scope; every handler uses the ("patients", "med") ACL.
// No patient filter is passed: getAll() is called with no arguments.
278 "GET /api/allergy" => function () {
279 RestConfig
::scope_check("user", "allergy", "read");
280 RestConfig
::authorization_check("patients", "med");
281 $return = (new AllergyIntoleranceRestController())->getAll();
282 RestConfig
::apiLog($return);
285 "GET /api/allergy/:auuid" => function ($auuid) {
286 RestConfig
::scope_check("user", "allergy", "read");
287 RestConfig
::authorization_check("patients", "med");
288 $return = (new AllergyIntoleranceRestController())->getOne($auuid);
289 RestConfig
::apiLog($return);
// Per-patient list: the patient uuid from the path is the only filter.
292 "GET /api/patient/:puuid/allergy" => function ($puuid) {
293 RestConfig
::scope_check("user", "allergy", "read");
294 RestConfig
::authorization_check("patients", "med");
295 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid]);
296 RestConfig
::apiLog($return);
// Single-record read implemented as a getAll() filtered on patient and record.
// NOTE(review): uuids are supplied under the keys 'lists.pid' and 'lists.id';
// confirm the controller resolves them against the uuid columns.
299 "GET /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
300 RestConfig
::scope_check("user", "allergy", "read");
301 RestConfig
::authorization_check("patients", "med");
302 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $auuid]);
303 RestConfig
::apiLog($return);
306 "POST /api/patient/:puuid/allergy" => function ($puuid) {
307 RestConfig
::scope_check("user", "allergy", "write");
308 RestConfig
::authorization_check("patients", "med");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
309 $data = (array) (json_decode(file_get_contents("php://input")));
310 $return = (new AllergyIntoleranceRestController())->post($puuid, $data);
311 RestConfig
::apiLog($return, $data);
314 "PUT /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
315 RestConfig
::scope_check("user", "allergy", "write");
316 RestConfig
::authorization_check("patients", "med");
317 $data = (array) (json_decode(file_get_contents("php://input")));
318 $return = (new AllergyIntoleranceRestController())->put($puuid, $auuid, $data);
319 RestConfig
::apiLog($return, $data);
// Deletion is authorised with the "write" scope.
322 "DELETE /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
323 RestConfig
::scope_check("user", "allergy", "write");
324 RestConfig
::authorization_check("patients", "med");
325 $return = (new AllergyIntoleranceRestController())->delete($puuid, $auuid);
326 RestConfig
::apiLog($return);
// Medication routes: "medication" scope, ("patients", "med") ACL, served by the
// generic ListRestController with the list type passed as the string "medication".
// The position of the type argument varies by method: second in getAll(),
// post() and getOne(), third in put() and delete(). ListRestController is not
// shown, so these orders should be checked against its signatures.
329 "GET /api/patient/:pid/medication" => function ($pid) {
330 RestConfig
::scope_check("user", "medication", "read");
331 RestConfig
::authorization_check("patients", "med");
332 $return = (new ListRestController())->getAll($pid, "medication");
333 RestConfig
::apiLog($return);
336 "POST /api/patient/:pid/medication" => function ($pid) {
337 RestConfig
::scope_check("user", "medication", "write");
338 RestConfig
::authorization_check("patients", "med");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
339 $data = (array) (json_decode(file_get_contents("php://input")));
340 $return = (new ListRestController())->post($pid, "medication", $data);
341 RestConfig
::apiLog($return, $data);
344 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
345 RestConfig
::scope_check("user", "medication", "write");
346 RestConfig
::authorization_check("patients", "med");
347 $data = (array) (json_decode(file_get_contents("php://input")));
348 $return = (new ListRestController())->put($pid, $mid, "medication", $data);
349 RestConfig
::apiLog($return, $data);
352 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
353 RestConfig
::scope_check("user", "medication", "read");
354 RestConfig
::authorization_check("patients", "med");
355 $return = (new ListRestController())->getOne($pid, "medication", $mid);
356 RestConfig
::apiLog($return);
// Deletion is authorised with the "write" scope.
359 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
360 RestConfig
::scope_check("user", "medication", "write");
361 RestConfig
::authorization_check("patients", "med");
362 $return = (new ListRestController())->delete($pid, $mid, "medication");
363 RestConfig
::apiLog($return);
// Surgery routes: "surgery" scope, ("patients", "med") ACL, served by
// ListRestController with the list type "surgery". The type argument is second
// in getAll(), getOne() and post(), and third in delete() and put(); confirm
// against ListRestController, which is not shown here.
366 "GET /api/patient/:pid/surgery" => function ($pid) {
367 RestConfig
::scope_check("user", "surgery", "read");
368 RestConfig
::authorization_check("patients", "med");
369 $return = (new ListRestController())->getAll($pid, "surgery");
370 RestConfig
::apiLog($return);
373 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
374 RestConfig
::scope_check("user", "surgery", "read");
375 RestConfig
::authorization_check("patients", "med");
376 $return = (new ListRestController())->getOne($pid, "surgery", $sid);
377 RestConfig
::apiLog($return);
// Deletion is authorised with the "write" scope.
380 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
381 RestConfig
::scope_check("user", "surgery", "write");
382 RestConfig
::authorization_check("patients", "med");
383 $return = (new ListRestController())->delete($pid, $sid, "surgery");
384 RestConfig
::apiLog($return);
387 "POST /api/patient/:pid/surgery" => function ($pid) {
388 RestConfig
::scope_check("user", "surgery", "write");
389 RestConfig
::authorization_check("patients", "med");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
390 $data = (array) (json_decode(file_get_contents("php://input")));
391 $return = (new ListRestController())->post($pid, "surgery", $data);
392 RestConfig
::apiLog($return, $data);
395 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
396 RestConfig
::scope_check("user", "surgery", "write");
397 RestConfig
::authorization_check("patients", "med");
398 $data = (array) (json_decode(file_get_contents("php://input")));
399 $return = (new ListRestController())->put($pid, $sid, "surgery", $data);
400 RestConfig
::apiLog($return, $data);
// Dental-issue routes: ("patients", "med") ACL, served by ListRestController.
// The scope name is "dental_issue" but the list type handed to the controller
// is the string "dental".
403 "GET /api/patient/:pid/dental_issue" => function ($pid) {
404 RestConfig
::scope_check("user", "dental_issue", "read");
405 RestConfig
::authorization_check("patients", "med");
406 $return = (new ListRestController())->getAll($pid, "dental");
407 RestConfig
::apiLog($return);
410 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
411 RestConfig
::scope_check("user", "dental_issue", "read");
412 RestConfig
::authorization_check("patients", "med");
413 $return = (new ListRestController())->getOne($pid, "dental", $did);
414 RestConfig
::apiLog($return);
// Deletion is authorised with the "write" scope.
417 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
418 RestConfig
::scope_check("user", "dental_issue", "write");
419 RestConfig
::authorization_check("patients", "med");
420 $return = (new ListRestController())->delete($pid, $did, "dental");
421 RestConfig
::apiLog($return);
424 "POST /api/patient/:pid/dental_issue" => function ($pid) {
425 RestConfig
::scope_check("user", "dental_issue", "write");
426 RestConfig
::authorization_check("patients", "med");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
427 $data = (array) (json_decode(file_get_contents("php://input")));
428 $return = (new ListRestController())->post($pid, "dental", $data);
429 RestConfig
::apiLog($return, $data);
432 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
433 RestConfig
::scope_check("user", "dental_issue", "write");
434 RestConfig
::authorization_check("patients", "med");
435 $data = (array) (json_decode(file_get_contents("php://input")));
436 $return = (new ListRestController())->put($pid, $did, "dental", $data);
437 RestConfig
::apiLog($return, $data);
// Appointment routes: "appointment" scope and the ("patients", "appt") ACL on
// every handler, served by AppointmentRestController.
440 "GET /api/patient/:pid/appointment" => function ($pid) {
441 RestConfig
::scope_check("user", "appointment", "read");
442 RestConfig
::authorization_check("patients", "appt");
443 $return = (new AppointmentRestController())->getAllForPatient($pid);
444 RestConfig
::apiLog($return);
447 "POST /api/patient/:pid/appointment" => function ($pid) {
448 RestConfig
::scope_check("user", "appointment", "write");
449 RestConfig
::authorization_check("patients", "appt");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
450 $data = (array) (json_decode(file_get_contents("php://input")));
451 $return = (new AppointmentRestController())->post($pid, $data);
452 RestConfig
::apiLog($return, $data);
// No patient filter is passed: getAll() is called with no arguments.
455 "GET /api/appointment" => function () {
456 RestConfig
::scope_check("user", "appointment", "read");
457 RestConfig
::authorization_check("patients", "appt");
458 $return = (new AppointmentRestController())->getAll();
459 RestConfig
::apiLog($return);
462 "GET /api/appointment/:eid" => function ($eid) {
463 RestConfig
::scope_check("user", "appointment", "read");
464 RestConfig
::authorization_check("patients", "appt");
465 $return = (new AppointmentRestController())->getOne($eid);
466 RestConfig
::apiLog($return);
// NOTE(review): $pid is captured from the path but never used; only $eid reaches
// delete(). Unless the controller checks ownership itself, the :pid segment
// does not constrain which appointment is deleted. Confirm in
// AppointmentRestController (not shown).
469 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
470 RestConfig
::scope_check("user", "appointment", "write");
471 RestConfig
::authorization_check("patients", "appt");
472 $return = (new AppointmentRestController())->delete($eid);
473 RestConfig
::apiLog($return);
// NOTE(review): same pattern as the DELETE route: $pid is unused and getOne()
// receives only $eid, so the appointment is not tied to the patient in the URL
// by this handler.
476 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
477 RestConfig
::scope_check("user", "appointment", "read");
478 RestConfig
::authorization_check("patients", "appt");
479 $return = (new AppointmentRestController())->getOne($eid);
480 RestConfig
::apiLog($return);
// List-options lookup: "list" scope and the ("lists", "default") ACL. The list
// name comes straight from the path and is passed to getOptions() unchanged.
483 "GET /api/list/:list_name" => function ($list_name) {
484 RestConfig
::scope_check("user", "list", "read");
485 RestConfig
::authorization_check("lists", "default");
486 $return = (new ListRestController())->getOptions($list_name);
487 RestConfig
::apiLog($return);
// The version and product routes call neither scope_check() nor
// authorization_check().
// NOTE(review): presumably intentional for informational endpoints; confirm
// whether the dispatcher still requires a valid token before these run, since
// version details help an unauthenticated caller fingerprint the install.
490 "GET /api/version" => function () {
491 $return = (new VersionRestController())->getOne();
492 RestConfig
::apiLog($return);
495 "GET /api/product" => function () {
496 $return = (new ProductRegistrationRestController())->getOne();
497 RestConfig
::apiLog($return);
// Insurance-company and insurance-type routes, served by
// InsuranceCompanyRestController.
// NOTE(review): these handlers call scope_check() only. Unlike most routes in
// this file there is no RestConfig::authorization_check(), so no ACL is applied
// at the routing layer, including on the POST and PUT writes. Confirm that the
// controller or service enforces an ACL, or add the appropriate check here.
500 "GET /api/insurance_company" => function () {
501 RestConfig
::scope_check("user", "insurance_company", "read");
502 $return = (new InsuranceCompanyRestController())->getAll();
503 RestConfig
::apiLog($return);
506 "GET /api/insurance_company/:iid" => function ($iid) {
507 RestConfig
::scope_check("user", "insurance_company", "read");
508 $return = (new InsuranceCompanyRestController())->getOne($iid);
509 RestConfig
::apiLog($return);
512 "GET /api/insurance_type" => function () {
513 RestConfig
::scope_check("user", "insurance_type", "read");
514 $return = (new InsuranceCompanyRestController())->getInsuranceTypes();
515 RestConfig
::apiLog($return);
518 "POST /api/insurance_company" => function () {
519 RestConfig
::scope_check("user", "insurance_company", "write");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
520 $data = (array) (json_decode(file_get_contents("php://input")));
521 $return = (new InsuranceCompanyRestController())->post($data);
522 RestConfig
::apiLog($return, $data);
525 "PUT /api/insurance_company/:iid" => function ($iid) {
526 RestConfig
::scope_check("user", "insurance_company", "write");
527 $data = (array) (json_decode(file_get_contents("php://input")));
528 $return = (new InsuranceCompanyRestController())->put($iid, $data);
529 RestConfig
::apiLog($return, $data);
// Patient document routes (upload, list by path, download), served by
// DocumentRestController.
// NOTE(review): these handlers call scope_check() only; there is no
// RestConfig::authorization_check(), so no ACL is applied at the routing layer
// for reading or uploading patient documents. Confirm the controller enforces
// one, or add the appropriate check here.
// NOTE(review): $_GET['path'] and $_FILES['document'] are read without an
// existence check and forwarded as-is. Both are caller-controlled, so path
// normalisation and upload validation (type, size, name) must happen inside
// DocumentRestController, which is not shown in this listing.
532 "POST /api/patient/:pid/document" => function ($pid) {
533 RestConfig
::scope_check("user", "document", "write");
534 $return = (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
535 RestConfig
::apiLog($return);
// The 'path' query parameter selects which documents are listed; it is passed
// to the controller unvalidated.
538 "GET /api/patient/:pid/document" => function ($pid) {
539 RestConfig
::scope_check("user", "document", "read");
540 $return = (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
541 RestConfig
::apiLog($return);
// NOTE(review): the result of downloadFile() is passed to apiLog(); if that
// result carries file content, confirm apiLog() does not persist it.
544 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
545 RestConfig
::scope_check("user", "document", "read");
546 $return = (new DocumentRestController())->downloadFile($pid, $did);
547 RestConfig
::apiLog($return);
// Per-patient insurance routes, served by InsuranceRestController; :type is a
// free-form path segment forwarded to the controller.
// NOTE(review): these handlers call scope_check() only. There is no
// RestConfig::authorization_check(), so no ACL is applied at the routing layer
// to patient insurance data, including the POST and PUT writes. Confirm the
// controller enforces one, or add the appropriate check here.
550 "GET /api/patient/:pid/insurance" => function ($pid) {
551 RestConfig
::scope_check("user", "insurance", "read");
552 $return = (new InsuranceRestController())->getAll($pid);
553 RestConfig
::apiLog($return);
556 "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
557 RestConfig
::scope_check("user", "insurance", "read");
558 $return = (new InsuranceRestController())->getOne($pid, $type);
559 RestConfig
::apiLog($return);
562 "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
563 RestConfig
::scope_check("user", "insurance", "write");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
564 $data = (array) (json_decode(file_get_contents("php://input")));
565 $return = (new InsuranceRestController())->post($pid, $type, $data);
566 RestConfig
::apiLog($return, $data);
569 "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
570 RestConfig
::scope_check("user", "insurance", "write");
571 $data = (array) (json_decode(file_get_contents("php://input")));
572 $return = (new InsuranceRestController())->put($pid, $type, $data);
573 RestConfig
::apiLog($return, $data);
// Patient message routes (create, update, delete): "message" scope with write
// mode and the ("patients", "notes") ACL, served by MessageRestController.
576 "POST /api/patient/:pid/message" => function ($pid) {
577 RestConfig
::scope_check("user", "message", "write");
578 RestConfig
::authorization_check("patients", "notes");
// Malformed JSON decodes to null and is cast to []; nothing here rejects it.
579 $data = (array) (json_decode(file_get_contents("php://input")));
580 $return = (new MessageRestController())->post($pid, $data);
// NOTE(review): the message body is passed to apiLog(); confirm what apiLog()
// records.
581 RestConfig
::apiLog($return, $data);
584 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
585 RestConfig
::scope_check("user", "message", "write");
586 RestConfig
::authorization_check("patients", "notes");
587 $data = (array) (json_decode(file_get_contents("php://input")));
588 $return = (new MessageRestController())->put($pid, $mid, $data);
589 RestConfig
::apiLog($return, $data);
// Deletion is authorised with the "write" scope.
592 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
593 RestConfig
::scope_check("user", "message", "write");
594 RestConfig
::authorization_check("patients", "notes");
595 $return = (new MessageRestController())->delete($pid, $mid);
596 RestConfig
::apiLog($return);
// Read-only routes for immunization, procedure, drug and prescription. Each
// resource has a collection route and a by-uuid route, all gated on a read scope
// named after the resource and on the ("patients", "med") ACL.
// Only the immunization collection forwards $_GET to its controller; the other
// collection routes call getAll() with no arguments.
599 "GET /api/immunization" => function () {
600 RestConfig
::scope_check("user", "immunization", "read");
601 RestConfig
::authorization_check("patients", "med");
602 $return = (new ImmunizationRestController())->getAll($_GET);
603 RestConfig
::apiLog($return);
606 "GET /api/immunization/:uuid" => function ($uuid) {
607 RestConfig
::scope_check("user", "immunization", "read");
608 RestConfig
::authorization_check("patients", "med");
609 $return = (new ImmunizationRestController())->getOne($uuid);
610 RestConfig
::apiLog($return);
613 "GET /api/procedure" => function () {
614 RestConfig
::scope_check("user", "procedure", "read");
615 RestConfig
::authorization_check("patients", "med");
616 $return = (new ProcedureRestController())->getAll();
617 RestConfig
::apiLog($return);
620 "GET /api/procedure/:uuid" => function ($uuid) {
621 RestConfig
::scope_check("user", "procedure", "read");
622 RestConfig
::authorization_check("patients", "med");
623 $return = (new ProcedureRestController())->getOne($uuid);
624 RestConfig
::apiLog($return);
627 "GET /api/drug" => function () {
628 RestConfig
::scope_check("user", "drug", "read");
629 RestConfig
::authorization_check("patients", "med");
630 $return = (new DrugRestController())->getAll();
631 RestConfig
::apiLog($return);
634 "GET /api/drug/:uuid" => function ($uuid) {
635 RestConfig
::scope_check("user", "drug", "read");
636 RestConfig
::authorization_check("patients", "med");
637 $return = (new DrugRestController())->getOne($uuid);
638 RestConfig
::apiLog($return);
641 "GET /api/prescription" => function () {
642 RestConfig
::scope_check("user", "prescription", "read");
643 RestConfig
::authorization_check("patients", "med");
644 $return = (new PrescriptionRestController())->getAll();
645 RestConfig
::apiLog($return);
648 "GET /api/prescription/:uuid" => function ($uuid) {
649 RestConfig
::scope_check("user", "prescription", "read");
650 RestConfig
::authorization_check("patients", "med");
651 $return = (new PrescriptionRestController())->getOne($uuid);
652 RestConfig
::apiLog($return);
658 use OpenEMR\RestControllers\FHIR\FhirAllergyIntoleranceRestController
;
659 use OpenEMR\RestControllers\FHIR\FhirCareTeamRestController
;
660 use OpenEMR\RestControllers\FHIR\FhirConditionRestController
;
661 use OpenEMR\RestControllers\FHIR\FhirEncounterRestController
;
662 use OpenEMR\RestControllers\FHIR\FhirObservationRestController
;
663 use OpenEMR\RestControllers\FHIR\FhirImmunizationRestController
;
664 use OpenEMR\RestControllers\FHIR\FhirLocationRestController
;
665 use OpenEMR\RestControllers\FHIR\FhirMedicationRestController
;
666 use OpenEMR\RestControllers\FHIR\FhirMedicationRequestRestController
;
667 use OpenEMR\RestControllers\FHIR\FhirOrganizationRestController
;
668 use OpenEMR\RestControllers\FHIR\FhirPatientRestController
;
669 use OpenEMR\RestControllers\FHIR\FhirPractitionerRoleRestController
;
670 use OpenEMR\RestControllers\FHIR\FhirPractitionerRestController
;
671 use OpenEMR\RestControllers\FHIR\FhirProcedureRestController
;
672 use OpenEMR\RestControllers\FHIR\FhirMetaDataRestController
;
// FHIR route table: maps "METHOD /fhir/..." keys to closures, using the same
// check / controller / apiLog order as the standard API table.
674 RestConfig
::$FHIR_ROUTE_MAP = array(
// Discovery endpoints: neither handler calls scope_check() or
// authorization_check().
// NOTE(review): capability and SMART configuration documents are normally
// served without authentication; confirm the responses expose only endpoint
// metadata.
675 "GET /fhir/metadata" => function () {
676 $return = (new FhirMetaDataRestController())->getMetaData();
677 RestConfig
::apiLog($return);
// Builds an AuthorizationController and hands it to the SMART configuration
// controller, using fully qualified class names instead of `use` imports.
680 "GET /fhir/.well-known/smart-configuration" => function () {
681 $authController = new \OpenEMR\RestControllers\
AuthorizationController();
682 $return = (new \OpenEMR\RestControllers\SMART\
SMARTConfigurationController($authController))->getConfig();
683 RestConfig
::apiLog($return);
// FHIR Patient routes: "Patient" scope plus the ("patients", "demo") ACL, served
// by FhirPatientRestController.
686 "POST /fhir/Patient" => function () {
687 RestConfig
::scope_check("user", "Patient", "write");
688 RestConfig
::authorization_check("patients", "demo");
// Decoded with the assoc flag, so nested JSON objects become arrays. A body
// that fails to parse still yields null and is cast to [] without an error.
689 $data = (array) (json_decode(file_get_contents("php://input"), true));
690 $return = (new FhirPatientRestController())->post($data);
// NOTE(review): the full Patient resource is passed to apiLog(); confirm what
// apiLog() persists.
691 RestConfig
::apiLog($return, $data);
694 "PUT /fhir/Patient/:id" => function ($id) {
695 RestConfig
::scope_check("user", "Patient", "write");
696 RestConfig
::authorization_check("patients", "demo");
697 $data = (array) (json_decode(file_get_contents("php://input"), true));
698 $return = (new FhirPatientRestController())->put($id, $data);
699 RestConfig
::apiLog($return, $data);
// Search parameters ($_GET) are forwarded unfiltered; validation is left to the
// controller (not shown).
702 "GET /fhir/Patient" => function () {
703 RestConfig
::scope_check("user", "Patient", "read");
704 RestConfig
::authorization_check("patients", "demo");
705 $return = (new FhirPatientRestController())->getAll($_GET);
706 RestConfig
::apiLog($return);
709 "GET /fhir/Patient/:id" => function ($id) {
710 RestConfig
::scope_check("user", "Patient", "read");
711 RestConfig
::authorization_check("patients", "demo");
712 $return = (new FhirPatientRestController())->getOne($id);
713 RestConfig
::apiLog($return);
// FHIR Encounter read routes: "Encounter" scope plus the ("encounters", "auth_a") ACL.
// NOTE(review): the search route constructs FhirEncounterRestController(null)
// while the by-id route constructs it with no arguments; confirm both forms are
// equivalent for this constructor.
716 "GET /fhir/Encounter" => function () {
717 RestConfig
::scope_check("user", "Encounter", "read");
718 RestConfig
::authorization_check("encounters", "auth_a");
719 $return = (new FhirEncounterRestController(null))->getAll($_GET);
720 RestConfig
::apiLog($return);
723 "GET /fhir/Encounter/:id" => function ($id) {
724 RestConfig
::scope_check("user", "Encounter", "read");
725 RestConfig
::authorization_check("encounters", "auth_a");
726 $return = (new FhirEncounterRestController())->getOne($id);
727 RestConfig
::apiLog($return);
// FHIR Practitioner routes: "Practitioner" scope plus the ("admin", "users") ACL
// on reads and writes alike.
// NOTE(review): the FHIR Organization writes in this file require
// ("admin", "super"); confirm that ("admin", "users") is the intended bar for
// creating and updating practitioners.
730 "GET /fhir/Practitioner" => function () {
731 RestConfig
::scope_check("user", "Practitioner", "read");
732 RestConfig
::authorization_check("admin", "users");
733 $return = (new FhirPractitionerRestController())->getAll($_GET);
734 RestConfig
::apiLog($return);
737 "GET /fhir/Practitioner/:id" => function ($id) {
738 RestConfig
::scope_check("user", "Practitioner", "read");
739 RestConfig
::authorization_check("admin", "users");
740 $return = (new FhirPractitionerRestController())->getOne($id);
741 RestConfig
::apiLog($return);
744 "POST /fhir/Practitioner" => function () {
745 RestConfig
::scope_check("user", "Practitioner", "write");
746 RestConfig
::authorization_check("admin", "users");
// Decoded with the assoc flag; a body that fails to parse yields null and is
// cast to [] without an error.
747 $data = (array) (json_decode(file_get_contents("php://input"), true));
748 $return = (new FhirPractitionerRestController())->post($data);
749 RestConfig
::apiLog($return, $data);
// PUT is routed to the controller's patch() method.
752 "PUT /fhir/Practitioner/:id" => function ($id) {
753 RestConfig
::scope_check("user", "Practitioner", "write");
754 RestConfig
::authorization_check("admin", "users");
755 $data = (array) (json_decode(file_get_contents("php://input"), true));
756 $return = (new FhirPractitionerRestController())->patch($id, $data);
757 RestConfig
::apiLog($return, $data);
// FHIR Organization routes: "Organization" scope; reads use the
// ("admin", "users") ACL and writes use ("admin", "super").
760 "GET /fhir/Organization" => function () {
761 RestConfig
::scope_check("user", "Organization", "read");
762 RestConfig
::authorization_check("admin", "users");
763 $return = (new FhirOrganizationRestController())->getAll($_GET);
764 RestConfig
::apiLog($return);
767 "GET /fhir/Organization/:id" => function ($id) {
768 RestConfig
::scope_check("user", "Organization", "read");
769 RestConfig
::authorization_check("admin", "users");
770 $return = (new FhirOrganizationRestController())->getOne($id);
771 RestConfig
::apiLog($return);
774 "POST /fhir/Organization" => function () {
775 RestConfig
::scope_check("user", "Organization", "write");
776 RestConfig
::authorization_check("admin", "super");
// Decoded with the assoc flag; a body that fails to parse yields null and is
// cast to [] without an error.
777 $data = (array) (json_decode(file_get_contents("php://input"), true));
778 $return = (new FhirOrganizationRestController())->post($data);
779 RestConfig
::apiLog($return, $data);
// PUT is routed to the controller's patch() method.
782 "PUT /fhir/Organization/:id" => function ($id) {
783 RestConfig
::scope_check("user", "Organization", "write");
784 RestConfig
::authorization_check("admin", "super");
785 $data = (array) (json_decode(file_get_contents("php://input"), true));
786 $return = (new FhirOrganizationRestController())->patch($id, $data);
787 RestConfig
::apiLog($return, $data);
// FHIR PractitionerRole search. Gated by scope_check("user",
// "PractitionerRole", "read") and authorization_check("admin", "users"). The
// return values are not inspected, so the helpers have to abort the request
// themselves on failure. $_GET is passed to getAll() without filtering here.
790 "GET /fhir/PractitionerRole" => function () {
791 RestConfig
::scope_check("user", "PractitionerRole", "read");
792 RestConfig
::authorization_check("admin", "users");
793 $return = (new FhirPractitionerRoleRestController())->getAll($_GET);
794 RestConfig
::apiLog($return);
// FHIR PractitionerRole read by id; same gates as the search route. $id is
// the raw path segment. Only read routes for this resource appear in this
// part of the map.
797 "GET /fhir/PractitionerRole/:id" => function ($id) {
798 RestConfig
::scope_check("user", "PractitionerRole", "read");
799 RestConfig
::authorization_check("admin", "users");
800 $return = (new FhirPractitionerRoleRestController())->getOne($id);
801 RestConfig
::apiLog($return);
// FHIR AllergyIntolerance search. Gated by scope_check("user",
// "AllergyIntolerance", "read") and authorization_check("patients", "med");
// neither result is tested here, so the helpers must stop the request on
// failure. $_GET goes to getAll() unfiltered, so which search parameters are
// honoured is decided in the controller/service layer (not visible here).
804 "GET /fhir/AllergyIntolerance" => function () {
805 RestConfig
::scope_check("user", "AllergyIntolerance", "read");
806 RestConfig
::authorization_check("patients", "med");
807 $return = (new FhirAllergyIntoleranceRestController(null))->getAll($_GET);
808 RestConfig
::apiLog($return);
// FHIR AllergyIntolerance read by id; same gates as the search route. The
// controller is constructed with null in both closures. $id is the raw path
// segment and is not validated here.
811 "GET /fhir/AllergyIntolerance/:id" => function ($id) {
812 RestConfig
::scope_check("user", "AllergyIntolerance", "read");
813 RestConfig
::authorization_check("patients", "med");
814 $return = (new FhirAllergyIntoleranceRestController(null))->getOne($id);
815 RestConfig
::apiLog($return);
// FHIR Observation search. Gated by scope_check("user", "Observation",
// "read") and authorization_check("patients", "med"). The closure ignores the
// helpers' return values, so they must end the request themselves on failure.
// $_GET is passed to getAll() as received.
818 "GET /fhir/Observation" => function () {
819 RestConfig
::scope_check("user", "Observation", "read");
820 RestConfig
::authorization_check("patients", "med");
821 $return = (new FhirObservationRestController())->getAll($_GET);
822 RestConfig
::apiLog($return);
// FHIR Observation read by uuid; same gates as the search route. $uuid is the
// raw path segment; any format check is presumably done further down - confirm.
825 "GET /fhir/Observation/:uuid" => function ($uuid) {
826 RestConfig
::scope_check("user", "Observation", "read");
827 RestConfig
::authorization_check("patients", "med");
828 $return = (new FhirObservationRestController())->getOne($uuid);
829 RestConfig
::apiLog($return);
// FHIR Immunization search. Gated by scope_check("user", "Immunization",
// "read") and authorization_check("patients", "med"); return values are not
// tested, so the helpers must abort the request on failure. $_GET is passed to
// getAll() without filtering in this closure.
832 "GET /fhir/Immunization" => function () {
833 RestConfig
::scope_check("user", "Immunization", "read");
834 RestConfig
::authorization_check("patients", "med");
835 $return = (new FhirImmunizationRestController())->getAll($_GET);
836 RestConfig
::apiLog($return);
// FHIR Immunization read by id; same gates as the search route. $id is taken
// from the URL path and is not validated here.
839 "GET /fhir/Immunization/:id" => function ($id) {
840 RestConfig
::scope_check("user", "Immunization", "read");
841 RestConfig
::authorization_check("patients", "med");
842 $return = (new FhirImmunizationRestController())->getOne($id);
843 RestConfig
::apiLog($return);
// FHIR Condition search. Gated by scope_check("user", "Condition", "read")
// and authorization_check("patients", "med"); the closure does not test either
// result, so the helpers must stop the request themselves on failure.
// $_GET goes to getAll() as received.
846 "GET /fhir/Condition" => function () {
847 RestConfig
::scope_check("user", "Condition", "read");
848 RestConfig
::authorization_check("patients", "med");
849 $return = (new FhirConditionRestController())->getAll($_GET);
850 RestConfig
::apiLog($return);
// FHIR Condition read; same gates as the search route.
// NOTE(review): the path placeholder is ":id" but the closure parameter is
// $uuid. How the router binds placeholders (by position or by name) is not
// visible here - confirm the value actually reaches getOne().
853 "GET /fhir/Condition/:id" => function ($uuid) {
854 RestConfig
::scope_check("user", "Condition", "read");
855 RestConfig
::authorization_check("patients", "med");
856 $return = (new FhirConditionRestController())->getOne($uuid);
857 RestConfig
::apiLog($return);
// FHIR Procedure search. Gated by scope_check("user", "Procedure", "read")
// and authorization_check("patients", "med"). Return values are ignored here,
// so the helpers must end the request on failure. $_GET is passed to getAll()
// without filtering in this closure.
860 "GET /fhir/Procedure" => function () {
861 RestConfig
::scope_check("user", "Procedure", "read");
862 RestConfig
::authorization_check("patients", "med");
863 $return = (new FhirProcedureRestController())->getAll($_GET);
864 RestConfig
::apiLog($return);
// FHIR Procedure read by uuid; same gates as the search route. $uuid is the
// raw path segment and is not validated here.
867 "GET /fhir/Procedure/:uuid" => function ($uuid) {
868 RestConfig
::scope_check("user", "Procedure", "read");
869 RestConfig
::authorization_check("patients", "med");
870 $return = (new FhirProcedureRestController())->getOne($uuid);
871 RestConfig
::apiLog($return);
// FHIR MedicationRequest search. Gated by scope_check("user",
// "MedicationRequest", "read") and authorization_check("patients", "med");
// neither result is tested, so the helpers must abort the request on failure.
// $_GET is handed to getAll() as received.
874 "GET /fhir/MedicationRequest" => function () {
875 RestConfig
::scope_check("user", "MedicationRequest", "read");
876 RestConfig
::authorization_check("patients", "med");
877 $return = (new FhirMedicationRequestRestController())->getAll($_GET);
878 RestConfig
::apiLog($return);
// FHIR MedicationRequest read by uuid; same gates as the search route. $uuid
// is the raw path segment and is not validated in this closure.
881 "GET /fhir/MedicationRequest/:uuid" => function ($uuid) {
882 RestConfig
::scope_check("user", "MedicationRequest", "read");
883 RestConfig
::authorization_check("patients", "med");
884 $return = (new FhirMedicationRequestRestController())->getOne($uuid);
885 RestConfig
::apiLog($return);
// FHIR Medication search. Gated by scope_check("user", "Medication", "read")
// and authorization_check("patients", "med"), the same ACL pair the clinical
// resources in this map use. Return values are not tested here, so the helpers
// must stop the request on failure. $_GET is passed to getAll() unfiltered.
888 "GET /fhir/Medication" => function () {
889 RestConfig
::scope_check("user", "Medication", "read");
890 RestConfig
::authorization_check("patients", "med");
891 $return = (new FhirMedicationRestController())->getAll($_GET);
892 RestConfig
::apiLog($return);
// FHIR Medication read by uuid; same gates as the search route. $uuid is the
// raw path segment and is not validated here.
895 "GET /fhir/Medication/:uuid" => function ($uuid) {
896 RestConfig
::scope_check("user", "Medication", "read");
897 RestConfig
::authorization_check("patients", "med");
898 $return = (new FhirMedicationRestController())->getOne($uuid);
899 RestConfig
::apiLog($return);
// FHIR Location search. Gated by scope_check("user", "Location", "read") and
// authorization_check("patients", "med").
// NOTE(review): Practitioner and Organization reads in this map require
// ("admin", "users"); confirm ("patients", "med") is the intended ACL for
// Location. Return values of both helpers are ignored, so they must end the
// request themselves on failure. $_GET goes to getAll() as received.
902 "GET /fhir/Location" => function () {
903 RestConfig
::scope_check("user", "Location", "read");
904 RestConfig
::authorization_check("patients", "med");
905 $return = (new FhirLocationRestController())->getAll($_GET);
906 RestConfig
::apiLog($return);
// FHIR Location read by uuid; same gates as the search route. $uuid is the
// raw path segment and is not validated here.
909 "GET /fhir/Location/:uuid" => function ($uuid) {
910 RestConfig
::scope_check("user", "Location", "read");
911 RestConfig
::authorization_check("patients", "med");
912 $return = (new FhirLocationRestController())->getOne($uuid);
913 RestConfig
::apiLog($return);
// FHIR CareTeam search. Gated by scope_check("user", "CareTeam", "read") and
// authorization_check("patients", "med"); neither result is tested here, so
// the helpers must abort the request on failure. $_GET is passed to getAll()
// without filtering in this closure.
916 "GET /fhir/CareTeam" => function () {
917 RestConfig
::scope_check("user", "CareTeam", "read");
918 RestConfig
::authorization_check("patients", "med");
919 $return = (new FhirCareTeamRestController())->getAll($_GET);
920 RestConfig
::apiLog($return);
// FHIR CareTeam read by uuid; same gates as the search route. $uuid is the
// raw path segment and is not validated here.
923 "GET /fhir/CareTeam/:uuid" => function ($uuid) {
924 RestConfig
::scope_check("user", "CareTeam", "read");
925 RestConfig
::authorization_check("patients", "med");
926 $return = (new FhirCareTeamRestController())->getOne($uuid);
927 RestConfig
::apiLog($return);
932 // Patient portal api routes
// Route table for the patient portal. Every closure visible in this map calls
// scope_check("patient", ...) only; none calls authorization_check(). The
// patient is always taken from $_SESSION['puuid'] (converted with
// UuidRegistry::uuidToString), never from the request, so the URL cannot name
// a different patient.
// NOTE(review): where $_SESSION['puuid'] is set is outside this listing -
// confirm it is populated only after portal authentication and that
// scope_check() ends the request itself on failure (its result is not tested).
933 RestConfig
::$PORTAL_ROUTE_MAP = array(
// Returns the logged-in patient's own record.
934 "GET /portal/patient" => function () {
935 RestConfig
::scope_check("patient", "patient", "read");
936 $return = (new PatientRestController())->getOne(UuidRegistry
::uuidToString($_SESSION['puuid']));
937 RestConfig
::apiLog($return);
// Lists encounters for the session patient; getAll() receives only the
// session-derived patient UUID, no request parameters.
940 "GET /portal/patient/encounter" => function () {
941 RestConfig
::scope_check("patient", "encounter", "read");
942 $return = (new EncounterRestController())->getAll(UuidRegistry
::uuidToString($_SESSION['puuid']));
943 RestConfig
::apiLog($return);
// Single encounter. $euuid is client-supplied and is passed to getOne()
// together with the session patient UUID.
// NOTE(review): whether getOne() refuses an encounter that belongs to another
// patient is not visible here - confirm that ownership check exists.
946 "GET /portal/patient/encounter/:euuid" => function ($euuid) {
947 RestConfig
::scope_check("patient", "encounter", "read");
948 $return = (new EncounterRestController())->getOne(UuidRegistry
::uuidToString($_SESSION['puuid']), $euuid);
949 RestConfig
::apiLog($return);
954 // Patient portal fhir api routes
// Route table for the patient portal's FHIR endpoints. The closures shown call
// scope_check("patient", ...) and no authorization_check(); the patient UUID
// comes from $_SESSION['puuid'] (via UuidRegistry::uuidToString), not from the
// request.
// NOTE(review): scope_check()'s result is not tested, so it must end the
// request itself on failure - confirm in RestConfig.
955 RestConfig
::$PORTAL_FHIR_ROUTE_MAP = array(
// Returns the session patient's own FHIR Patient resource. The route takes no
// id parameter, so there is nothing client-supplied to select another record.
956 "GET /portalfhir/Patient" => function () {
957 RestConfig
::scope_check("patient", "Patient", "read");
958 $return = (new FhirPatientRestController())->getOne(UuidRegistry
::uuidToString($_SESSION['puuid']));
959 RestConfig
::apiLog($return);
// Encounter search for the portal. $_GET is not forwarded; the only search
// parameter given to getAll() is 'patient', set to the session patient UUID.
962 "GET /portalfhir/Encounter" => function () {
963 RestConfig
::scope_check("patient", "Encounter", "read");
964 $return = (new FhirEncounterRestController(null))->getAll(['patient' => UuidRegistry
::uuidToString($_SESSION['puuid'])]);
965 RestConfig
::apiLog($return);
// Single-encounter lookup for the portal. Instead of getOne($id) it calls
// getAll() with both '_id' => $id and 'patient' => the session patient UUID,
// presumably so the result is limited to the logged-in patient's encounters.
// NOTE(review): that only holds if the service applies the two filters
// together (AND) - confirm; the response presumably has search-result shape
// rather than a single resource. Only scope_check() gates the route and its
// result is not tested here.
968 "GET /portalfhir/Encounter/:id" => function ($id) {
969 RestConfig
::scope_check("patient", "Encounter", "read");
970 $return = (new FhirEncounterRestController(null))->getAll(['_id' => $id, 'patient' => UuidRegistry
::uuidToString($_SESSION['puuid'])]);
971 RestConfig
::apiLog($return);