Rest dispatch
1 <?php
2 /**
3 * rest_router
5 * LICENSE: This program is free software; you can redistribute it and/or
6 * modify it under the terms of the GNU General Public License
7 * as published by the Free Software Foundation; either version 2
8 * of the License, or (at your option) any later version.
9 * This program is distributed in the hope that it will be useful,
10 * but WITHOUT ANY WARRANTY; without even the implied warranty of
11 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 * GNU General Public License for more details.
13 * You should have received a copy of the GNU General Public License
14 * along with this program. If not, see <http://opensource.org/licenses/gpl-license.php>.
16 * @package OpenEMR
17 * @author Matthew Vita <matthewvita48@gmail.com>
18 * @link http://www.open-emr.org
// Must be assigned before globals.php is loaded. Presumably this tells
// interface/globals.php to skip its own session login check so that this
// router can do token-based authentication itself (see authentication_check()
// in this file) -- NOTE(review): confirm against interface/globals.php.
$ignoreAuth = true;

require_once "interface/globals.php";
26 use OpenEMR\Common\Http\HttpRestRouteHandler;
27 use OpenEMR\RestControllers\FacilityRestController;
28 use OpenEMR\RestControllers\VersionRestController;
29 use OpenEMR\RestControllers\ProductRegistrationRestController;
30 use OpenEMR\RestControllers\PatientRestController;
31 use OpenEMR\RestControllers\EncounterRestController;
32 use OpenEMR\RestControllers\ProviderRestController;
33 use OpenEMR\RestControllers\ListRestController;
34 use OpenEMR\RestControllers\InsuranceCompanyRestController;
35 use OpenEMR\RestControllers\AppointmentRestController;
36 use OpenEMR\RestControllers\AuthRestController;
37 use OpenEMR\RestControllers\ONoteRestController;
38 use OpenEMR\RestControllers\DocumentRestController;
39 use OpenEMR\RestControllers\InsuranceRestController;
40 use OpenEMR\RestControllers\MessageRestController;
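/**
 * Reject the request with HTTP 401 unless it carries a valid API token.
 *
 * The token is read from the X-API-TOKEN request header. The token-issuing
 * resource "/api/auth" is exempt because a client has no token before it
 * logs in. On success the token is handed to optionallyAddMoreTokenTime().
 *
 * Terminates the script (exit) when the token is missing or invalid.
 *
 * @return void
 */
function authentication_check()
{
    $authRestController = new AuthRestController();

    $resource = isset($_GET["resource"]) ? $_GET["resource"] : null;
    if ($resource === "/api/auth") {
        return;
    }

    // Fail closed: an absent or empty header is rejected here rather than
    // being passed on as null to the token validator.
    $token = isset($_SERVER["HTTP_X_API_TOKEN"]) ? $_SERVER["HTTP_X_API_TOKEN"] : null;
    if ($token === null || $token === "" || !$authRestController->isValidToken($token)) {
        http_response_code(401);
        exit;
    }

    // The original passed an undefined $token here (null plus a notice), so
    // the call never received the caller's token.
    $authRestController->optionallyAddMoreTokenTime($token);
}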
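/**
 * Abort the request unless the caller's API token passes the ACL check
 * for the given section/value pair.
 *
 * Responds with HTTP 401 and terminates the script (exit) on failure.
 * NOTE(review): 403 is the conventional status for "authenticated but not
 * permitted"; 401 is kept so existing clients see the same response.
 *
 * @param string $section ACL section passed to aclCheck(), e.g. "patients"
 * @param string $value   ACL value passed to aclCheck(), e.g. "med"
 * @return void
 */
function authorization_check($section, $value)
{
    // Fail closed when the header is absent instead of handing null (and an
    // undefined-index notice) to the ACL lookup.
    $token = isset($_SERVER["HTTP_X_API_TOKEN"]) ? $_SERVER["HTTP_X_API_TOKEN"] : null;

    $allowed = false;
    if ($token !== null && $token !== "") {
        $authRestController = new AuthRestController();
        $allowed = $authRestController->aclCheck($token, $section, $value);
    }

    if (!$allowed) {
        http_response_code(401);
        exit;
    }
}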
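// Route table: "<METHOD> <path pattern>" => handler closure. ":name" segments
// are passed to the closure as positional arguments by the dispatcher.
//
// Every handler that touches clinical or administrative data calls
// authorization_check() first; it exits with 401 when the ACL check fails.
// Request bodies are JSON, decoded to an array at the top level only
// (invalid JSON yields an empty array; nested objects stay stdClass).
//
// NOTE(review): the original table had no authorization_check() on the
// insurance_company, patient document and patient insurance routes, so any
// valid token could reach them. Checks were added below; the ACO pairs were
// chosen to mirror neighbouring routes and must be confirmed against the
// site's ACL policy.
$routes = array(
    // Login: issues the token, so no token/ACL check is possible here.
    "POST /api/auth" => function () {
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new AuthRestController())->authenticate($data);
    },

    // ---- Facilities -------------------------------------------------------
    "GET /api/facility" => function () {
        authorization_check("admin", "users");
        return (new FacilityRestController())->getAll();
    },
    "GET /api/facility/:fid" => function ($fid) {
        authorization_check("admin", "users");
        return (new FacilityRestController())->getOne($fid);
    },
    "POST /api/facility" => function () {
        authorization_check("admin", "super");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new FacilityRestController())->post($data);
    },
    "PUT /api/facility/:fid" => function ($fid) {
        authorization_check("admin", "super");
        $data = (array)(json_decode(file_get_contents("php://input")));
        // The id from the URL overrides any "fid" supplied in the body.
        $data["fid"] = $fid;
        return (new FacilityRestController())->put($data);
    },

    // ---- Providers --------------------------------------------------------
    "GET /api/provider" => function () {
        authorization_check("admin", "users");
        return (new ProviderRestController())->getAll();
    },
    "GET /api/provider/:prid" => function ($prid) {
        authorization_check("admin", "users");
        return (new ProviderRestController())->getOne($prid);
    },

    // ---- Patients ---------------------------------------------------------
    "GET /api/patient" => function () {
        authorization_check("patients", "demo");
        // The whole query string is forwarded as search criteria.
        return (new PatientRestController(null))->getAll($_GET);
    },
    "POST /api/patient" => function () {
        authorization_check("patients", "demo");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new PatientRestController(null))->post($data);
    },
    "PUT /api/patient/:pid" => function ($pid) {
        authorization_check("patients", "demo");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new PatientRestController(null))->put($pid, $data);
    },
    "GET /api/patient/:pid" => function ($pid) {
        authorization_check("patients", "demo");
        return (new PatientRestController($pid))->getOne();
    },

    // ---- Encounters, vitals, SOAP notes -----------------------------------
    "GET /api/patient/:pid/encounter" => function ($pid) {
        authorization_check("encounters", "auth_a");
        return (new EncounterRestController())->getAll($pid);
    },
    "GET /api/patient/:pid/encounter/:eid" => function ($pid, $eid) {
        authorization_check("encounters", "auth_a");
        return (new EncounterRestController())->getOne($pid, $eid);
    },
    "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
        authorization_check("encounters", "notes");
        return (new EncounterRestController())->getSoapNotes($pid, $eid);
    },
    "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
        authorization_check("encounters", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new EncounterRestController())->postVital($pid, $eid, $data);
    },
    "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
        authorization_check("encounters", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
    },
    "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
        authorization_check("encounters", "notes");
        return (new EncounterRestController())->getVitals($pid, $eid);
    },
    "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
        authorization_check("encounters", "notes");
        return (new EncounterRestController())->getVital($pid, $eid, $vid);
    },
    "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
        authorization_check("encounters", "notes");
        return (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
    },
    "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
        authorization_check("encounters", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new EncounterRestController())->postSoapNote($pid, $eid, $data);
    },
    "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
        authorization_check("encounters", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
    },

    // ---- Medical problems -------------------------------------------------
    "GET /api/patient/:pid/medical_problem" => function ($pid) {
        // NOTE(review): every other medical_problem route checks
        // ("patients", "med"); this one checks ("encounters", "notes").
        // Left unchanged -- confirm whether the difference is intended.
        authorization_check("encounters", "notes");
        return (new ListRestController())->getAll($pid, "medical_problem");
    },
    "GET /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getOne($pid, "medical_problem", $mid);
    },
    "POST /api/patient/:pid/medical_problem" => function ($pid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->post($pid, "medical_problem", $data);
    },
    "PUT /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->put($pid, $mid, "medical_problem", $data);
    },
    "DELETE /api/patient/:pid/medical_problem/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        return (new ListRestController())->delete($pid, $mid, "medical_problem");
    },

    // ---- Allergies --------------------------------------------------------
    "GET /api/patient/:pid/allergy" => function ($pid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getAll($pid, "allergy");
    },
    "GET /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getOne($pid, "allergy", $aid);
    },
    "DELETE /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
        authorization_check("patients", "med");
        return (new ListRestController())->delete($pid, $aid, "allergy");
    },
    "POST /api/patient/:pid/allergy" => function ($pid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->post($pid, "allergy", $data);
    },
    "PUT /api/patient/:pid/allergy/:aid" => function ($pid, $aid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->put($pid, $aid, "allergy", $data);
    },

    // ---- Medications ------------------------------------------------------
    "GET /api/patient/:pid/medication" => function ($pid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getAll($pid, "medication");
    },
    "POST /api/patient/:pid/medication" => function ($pid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->post($pid, "medication", $data);
    },
    "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->put($pid, $mid, "medication", $data);
    },
    "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getOne($pid, "medication", $mid);
    },
    "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
        authorization_check("patients", "med");
        return (new ListRestController())->delete($pid, $mid, "medication");
    },

    // ---- Surgeries --------------------------------------------------------
    "GET /api/patient/:pid/surgery" => function ($pid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getAll($pid, "surgery");
    },
    "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getOne($pid, "surgery", $sid);
    },
    "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
        authorization_check("patients", "med");
        return (new ListRestController())->delete($pid, $sid, "surgery");
    },
    "POST /api/patient/:pid/surgery" => function ($pid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->post($pid, "surgery", $data);
    },
    "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->put($pid, $sid, "surgery", $data);
    },

    // ---- Dental issues (list type "dental") -------------------------------
    "GET /api/patient/:pid/dental_issue" => function ($pid) {
        authorization_check("patients", "med");
        return (new ListRestController())->getAll($pid, "dental");
    },
    "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
        authorization_check("patients", "med");
        return (new ListRestController())->getOne($pid, "dental", $did);
    },
    "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
        authorization_check("patients", "med");
        return (new ListRestController())->delete($pid, $did, "dental");
    },
    "POST /api/patient/:pid/dental_issue" => function ($pid) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->post($pid, "dental", $data);
    },
    "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
        authorization_check("patients", "med");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new ListRestController())->put($pid, $did, "dental", $data);
    },

    // ---- Appointments -----------------------------------------------------
    "GET /api/patient/:pid/appointment" => function ($pid) {
        authorization_check("patients", "appt");
        return (new AppointmentRestController())->getAllForPatient($pid);
    },
    "POST /api/patient/:pid/appointment" => function ($pid) {
        authorization_check("patients", "appt");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new AppointmentRestController())->post($pid, $data);
    },
    "GET /api/appointment" => function () {
        authorization_check("patients", "appt");
        return (new AppointmentRestController())->getAll();
    },
    "GET /api/appointment/:eid" => function ($eid) {
        authorization_check("patients", "appt");
        return (new AppointmentRestController())->getOne($eid);
    },
    "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
        authorization_check("patients", "appt");
        // NOTE(review): $pid from the URL is not passed on, so nothing here
        // ties the appointment to the patient in the path -- confirm the
        // controller enforces that relationship.
        return (new AppointmentRestController())->delete($eid);
    },
    "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
        authorization_check("patients", "appt");
        // NOTE(review): as above, $pid is not used to scope the lookup.
        return (new AppointmentRestController())->getOne($eid);
    },

    // ---- Option lists -----------------------------------------------------
    "GET /api/list/:list_name" => function ($list_name) {
        authorization_check("lists", "default");
        return (new ListRestController())->getOptions($list_name);
    },

    // ---- Version / product registration -----------------------------------
    // No ACL check in the original; a valid token is still required by
    // authentication_check(). Left unchanged.
    "GET /api/version" => function () {
        return (new VersionRestController())->getOne();
    },
    "GET /api/product" => function () {
        return (new ProductRegistrationRestController())->getOne();
    },

    // ---- Insurance companies ----------------------------------------------
    // ACL checks added; pairs mirror the facility routes (read: admin/users,
    // write: admin/super). NOTE(review): confirm the intended ACOs.
    "GET /api/insurance_company" => function () {
        authorization_check("admin", "users");
        return (new InsuranceCompanyRestController())->getAll();
    },
    "GET /api/insurance_type" => function () {
        authorization_check("admin", "users");
        return (new InsuranceCompanyRestController())->getInsuranceTypes();
    },
    "POST /api/insurance_company" => function () {
        authorization_check("admin", "super");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new InsuranceCompanyRestController())->post($data);
    },
    "PUT /api/insurance_company/:iid" => function ($iid) {
        authorization_check("admin", "super");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new InsuranceCompanyRestController())->put($iid, $data);
    },

    // ---- Patient documents ------------------------------------------------
    // ACL checks added. NOTE(review): ("patients", "docs") is assumed to be
    // the documents ACO -- confirm. The "path" query parameter and the
    // uploaded file are client-controlled; path and file-type validation
    // must happen in DocumentRestController (not visible from this file).
    "POST /api/patient/:pid/document" => function ($pid) {
        authorization_check("patients", "docs");
        return (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
    },
    "GET /api/patient/:pid/document" => function ($pid) {
        authorization_check("patients", "docs");
        return (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
    },
    "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
        authorization_check("patients", "docs");
        return (new DocumentRestController())->downloadFile($pid, $did);
    },

    // ---- Patient insurance ------------------------------------------------
    // ACL checks added, using the same pair as the patient demographics
    // routes. NOTE(review): confirm the intended ACO.
    "GET /api/patient/:pid/insurance" => function ($pid) {
        authorization_check("patients", "demo");
        return (new InsuranceRestController())->getAll($pid);
    },
    "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
        authorization_check("patients", "demo");
        return (new InsuranceRestController())->getOne($pid, $type);
    },
    "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
        authorization_check("patients", "demo");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new InsuranceRestController())->post($pid, $type, $data);
    },
    "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
        authorization_check("patients", "demo");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new InsuranceRestController())->put($pid, $type, $data);
    },

    // ---- Patient messages -------------------------------------------------
    "POST /api/patient/:pid/message" => function ($pid) {
        authorization_check("patients", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new MessageRestController())->post($pid, $data);
    },
    "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
        authorization_check("patients", "notes");
        $data = (array)(json_decode(file_get_contents("php://input")));
        return (new MessageRestController())->put($pid, $mid, $data);
    },
    "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
        authorization_check("patients", "notes");
        // The original passed an undefined $data as the third argument,
        // i.e. null plus a notice. null is passed explicitly so the value
        // the controller receives is unchanged.
        return (new MessageRestController())->delete($pid, $mid, null);
    },
);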
// Token check runs before any route handler; it exits with 401 on failure
// and lets only the "/api/auth" resource through without a token.
authentication_check();

// The dispatcher receives the same "resource" query parameter that the
// authentication check inspected, together with the HTTP method.
HttpRestRouteHandler::dispatch(
    $routes,
    $_GET["resource"],
    $_SERVER["REQUEST_METHOD"]
);