4 * OnsiteDocumentController.php
7 * @link https://www.open-emr.org
8 * @author Jerry Padgett <sjpadgett@gmail.com>
9 * @copyright Copyright (c) 2016-2019 Jerry Padgett <sjpadgett@gmail.com>
10 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
13 /** import supporting libraries */
14 require_once("AppBasePortalController.php");
15 require_once("Model/OnsiteDocument.php");
18 * OnsiteDocumentController is the controller class for the OnsiteDocument object. The
19 * controller is responsible for processing input from the user, reading/updating
20 * the model as necessary and displaying the appropriate view.
22 * @package Patient Portal::Controller
23 * @author ClassBuilder
26 class OnsiteDocumentController
extends AppBasePortalController
29 * Override here for any controller-specific functionality
33 protected function Init()
39 * Displays a list view of OnsiteDocument objects
public function ListView()
{
    // Collects request parameters and hands them to the view through Assign().
    // Only pid, enc and recid are cast to int; user, docid, is_module, catid and
    // new are passed on exactly as they arrived in the query string.
    // NOTE(review): the template is not visible here - confirm it encodes those
    // five values for the context (HTML, attribute, script) they are written into.
    $is_portal = GlobalConfig::$PORTAL;

    // get latest help template id (bound parameter, falls back to 0 when no row is found)
    $helpRow = sqlQuery(
        'SELECT * FROM `document_templates` WHERE `template_name` = ? Order By modified_date DESC Limit 1',
        array('Help')
    );
    $help_id = $helpRow['id'] ?? 0;

    $pid = isset($_GET['pid']) ? (int) $_GET['pid'] : 0;

    // only allow patient to see themselves: a portal session overrides any pid in the URL
    if (!empty($GLOBALS['bootstrap_pid'])) {
        $pid = $GLOBALS['bootstrap_pid'];
    }

    $user = $_GET['user'] ?? 0;
    $docid = $_GET['docid'] ?? "";
    $encounter = isset($_GET['enc']) ? (int) $_GET['enc'] : 0;
    $recid = isset($_GET['recid']) ? (int) $_GET['recid'] : 0;
    $is_module = $_GET['is_module'] ?? 0;
    $catid = $_GET['catid'] ?? 0;
    $new_filename = $_GET['new'] ?? "";

    // Same names and order as the individual Assign() calls this replaces.
    $viewVars = array(
        'recid' => $recid,
        'help_id' => $help_id,
        'cpid' => $pid,
        'cuser' => $user,
        'encounter' => $encounter,
        'docid' => $docid,
        'is_module' => $is_module,
        'is_portal' => $is_portal,
        'save_catid' => $catid,
        'new_filename' => $new_filename,
    );
    foreach ($viewVars as $name => $value) {
        $this->Assign($name, $value);
    }

    // NOTE(review): the listing skips from line 94 to line 99, so any statement
    // that followed the last Assign() in the file is not reproduced here.
}
99 * API Method queries for OnsiteDocument records and render as JSON
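public function Query()
{
    // Builds an OnsiteDocumentCriteria from the request, runs the query and
    // renders the rows (paged or complete) as JSON.
    //
    // Reconstructed from a listing that dropped brace-only and very short lines;
    // conditions marked "reconstructed" must be checked against the file.
    try {
        $criteria = new OnsiteDocumentCriteria();
        $pid = RequestUtil::Get('patientId');

        // only allow patient to see themself: a portal session fixes the patient id
        $portalPid = null;
        if (!empty($GLOBALS['bootstrap_pid'])) {
            $portalPid = $GLOBALS['bootstrap_pid'];
            $pid = $portalPid;
        }

        $criteria->Pid_Equals = $pid;

        $recid = RequestUtil::Get('recid');
        if ($recid > 0) { // reconstructed: listing line 114 is missing
            $criteria->Id_Equals = $recid;
        }

        $filter = RequestUtil::Get('filter');
        if ($filter) { // reconstructed: listing line 119 is missing
            // NOTE(review): the property list is one string literal that spans two
            // lines in the file, so it contains a line break and the indentation
            // before AcceptSignedStatus - confirm CriteriaFilter trims the names.
            $criteria->AddFilter(
                new CriteriaFilter('Id,Pid,Facility,Provider,Encounter,CreateDate,DocType,PatientSignedStatus,PatientSignedTime,AuthorizeSignedTime,
                AcceptSignedStatus,AuthorizingSignator,ReviewDate,DenialReason,AuthorizedSignature,PatientSignature,FullDocument,FileName,FilePath', '%' . $filter . '%')
            );
        }

        // TODO: this is generic query filtering based only on criteria properties
        foreach (array_keys($_REQUEST) as $prop) {
            $prop_normal = ucfirst($prop);
            $prop_equals = $prop_normal . '_Equals';

            if (property_exists($criteria, $prop_normal)) {
                $criteria->$prop_normal = RequestUtil::Get($prop);
            } elseif (property_exists($criteria, $prop_equals)) {
                // this is a convenience so that the _Equals suffix is not needed
                $criteria->$prop_equals = RequestUtil::Get($prop);
            }
        }

        // The loop above copies any request key that names a criteria property,
        // and Pid_Equals is such a property, so the patient scoping set earlier
        // could be replaced by a request value. Re-apply it last for portal sessions.
        // NOTE(review): this assumes criteria properties and filters are combined
        // with AND - confirm in the Criteria base class.
        if ($portalPid !== null) {
            $criteria->Pid_Equals = $portalPid;
        }

        $output = new stdClass();

        // if a sort order was specified then specify in the criteria
        // NOTE(review): orderBy reaches SetOrder() as received - confirm SetOrder()
        // only accepts known property names.
        $output->orderBy = RequestUtil::Get('orderBy');
        $output->orderDesc = RequestUtil::Get('orderDesc') != '';
        if ($output->orderBy) {
            $criteria->SetOrder($output->orderBy, $output->orderDesc);
        }

        $page = RequestUtil::Get('page');

        if ($page != '') { // reconstructed: listing lines 149-150 are missing
            // if page is specified, use this instead (at the expense of one extra count query)
            $pagesize = $this->GetDefaultPageSize();

            $onsitedocuments = $this->Phreezer->Query('OnsiteDocument', $criteria)->GetDataPage($page, $pagesize);
            $output->rows = $onsitedocuments->ToObjectArray(true, $this->SimpleObjectParams());
            $output->totalResults = $onsitedocuments->TotalResults;
            $output->totalPages = $onsitedocuments->TotalPages;
            $output->pageSize = $onsitedocuments->PageSize;
            $output->currentPage = $onsitedocuments->CurrentPage;
        } else {
            // return all results
            $onsitedocuments = $this->Phreezer->Query('OnsiteDocument', $criteria);
            $output->rows = $onsitedocuments->ToObjectArray(true, $this->SimpleObjectParams());
            $output->totalResults = count($output->rows);
            $output->totalPages = 1;
            $output->pageSize = $output->totalResults;
            $output->currentPage = 1;
        }

        // NOTE(review): the rows are patient documents; confirm JSONPCallback()
        // cannot turn this response into script readable from another origin.
        $this->RenderJSON($output, $this->JSONPCallback());
    } catch (Exception $ex) {
        $this->RenderExceptionJSON($ex);
    }
}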
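public function SingleView()
{
    // Reads the record id, patient id, user and encounter from the query string
    // and assigns them to the view.
    $rid = isset($_GET['id']) ? (int) $_GET['id'] : 0;
    $pid = isset($_GET['pid']) ? (int) $_GET['pid'] : 0;

    // only allow patient to see themself: a portal session overrides any pid in the URL
    if (!empty($GLOBALS['bootstrap_pid'])) {
        $pid = $GLOBALS['bootstrap_pid'];
    }

    // NOTE(review): user is passed through as received - confirm the template
    // encodes it for the context it is written into.
    $user = $_GET['user'] ?? 0;

    // enc is cast to int here as ListView() already does; previously the raw
    // query-string value was assigned to the view.
    $encounter = isset($_GET['enc']) ? (int) $_GET['enc'] : 0;

    $this->Assign('recid', $rid);
    $this->Assign('cpid', $pid);
    $this->Assign('cuser', $user);
    $this->Assign('encounter', $encounter);

    // NOTE(review): the listing skips from line 203 to line 207, so any statement
    // that followed the last Assign() in the file is not reproduced here.
}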
207 * API Method retrieves a single OnsiteDocument record and render as JSON
public function Read()
{
    // Loads one OnsiteDocument by the id taken from the route and renders it as JSON.
    // Brace-only lines are missing from the listing and were restored here.
    try {
        $id = $this->GetRouter()->GetUrlParam('id');
        $doc = $this->Phreezer->Get('OnsiteDocument', $id);

        // only allow patient to see themself
        // The comparison is strict: if bootstrap_pid and Pid differ in type (for
        // example int against numeric string) the owner is rejected as well, so
        // the check fails closed. NOTE(review): confirm both carry the same type.
        // When bootstrap_pid is empty no ownership check runs in this method.
        $portalSession = !empty($GLOBALS['bootstrap_pid']);
        if ($portalSession && $GLOBALS['bootstrap_pid'] !== $doc->Pid) {
            throw new Exception('Unauthorized');
        }

        $this->RenderJSON($doc, $this->JSONPCallback(), true, $this->SimpleObjectParams());
    } catch (Exception $ex) {
        $this->RenderExceptionJSON($ex);
    }
}
230 * API Method inserts a new OnsiteDocument record and render response as JSON
public function Create()
{
    // Builds a new OnsiteDocument from the JSON request body, validates it and
    // saves it, answering with the saved record or the validation errors as JSON.
    //
    // Reconstructed from a listing that dropped brace-only and very short lines;
    // the condition marked "reconstructed" must be checked against the file.
    //
    // NOTE(review): for a portal session only Pid is fixed to the logged-in
    // patient. Every other field, including AuthorizedSignature,
    // AuthorizingSignator, AcceptSignedStatus, ReviewDate, DenialReason, FileName
    // and FilePath, is taken from the request body for all callers. The TODO
    // below asks for exactly this review - confirm which fields a patient may set.
    try {
        $body = json_decode(RequestUtil::GetBody());

        if (!$body) { // reconstructed: listing lines 236-237 are missing
            throw new Exception('The request body does not contain valid JSON');
        }

        // Normalises a date string to the Y-m-d H:i:s form. Under PHP's default
        // (non-strict) typing an empty or unparseable value makes strtotime()
        // return false, which date() formats as the Unix epoch instead of failing.
        $toSqlDate = function ($value) {
            return date('Y-m-d H:i:s', strtotime($value));
        };

        $doc = new OnsiteDocument($this->Phreezer);

        // TODO: any fields that should not be inserted by the user should be commented out

        // this is an auto-increment. uncomment if updating is allowed
        // $doc->Id = $this->SafeGetVal($body, 'id');

        // only allow patient to add to themself
        $doc->Pid = !empty($GLOBALS['bootstrap_pid'])
            ? $GLOBALS['bootstrap_pid']
            : $this->SafeGetVal($body, 'pid');

        $doc->Facility = $this->SafeGetVal($body, 'facility');
        $doc->Provider = $this->SafeGetVal($body, 'provider');
        $doc->Encounter = $this->SafeGetVal($body, 'encounter');
        $doc->CreateDate = $toSqlDate($this->SafeGetVal($body, 'createDate'));
        $doc->DocType = $this->SafeGetVal($body, 'docType');
        $doc->PatientSignedStatus = $this->SafeGetVal($body, 'patientSignedStatus');
        $doc->PatientSignedTime = $toSqlDate($this->SafeGetVal($body, 'patientSignedTime'));
        $doc->AuthorizeSignedTime = $toSqlDate($this->SafeGetVal($body, 'authorizeSignedTime'));
        $doc->AcceptSignedStatus = $this->SafeGetVal($body, 'acceptSignedStatus');
        $doc->AuthorizingSignator = $this->SafeGetVal($body, 'authorizingSignator');
        $doc->ReviewDate = $toSqlDate($this->SafeGetVal($body, 'reviewDate'));
        $doc->DenialReason = $this->SafeGetVal($body, 'denialReason');
        $doc->AuthorizedSignature = $this->SafeGetVal($body, 'authorizedSignature');
        $doc->PatientSignature = $this->SafeGetVal($body, 'patientSignature');
        $doc->FullDocument = $this->SafeGetVal($body, 'fullDocument');
        $doc->FileName = $this->SafeGetVal($body, 'fileName');
        $doc->FilePath = $this->SafeGetVal($body, 'filePath');

        $doc->Validate();
        $problems = $doc->GetValidationErrors();

        if (count($problems) > 0) {
            $this->RenderErrorJSON('Please check the form for errors', $problems);
        } else {
            // Save only when validation reported nothing.
            $doc->Save();
            $this->RenderJSON($doc, $this->JSONPCallback(), true, $this->SimpleObjectParams());
        }
    } catch (Exception $ex) {
        $this->RenderExceptionJSON($ex);
    }
}
288 * API Method updates an existing OnsiteDocument record and render response as JSON
public function Update()
{
    // Loads the OnsiteDocument named by the route id, overwrites its fields from
    // the JSON request body (keeping the stored value when a field is absent),
    // validates and saves it.
    //
    // Reconstructed from a listing that dropped brace-only and very short lines;
    // the condition marked "reconstructed" must be checked against the file.
    //
    // NOTE(review): the ownership check below protects which record a portal
    // patient may edit, not which fields. AuthorizedSignature,
    // AuthorizingSignator, AcceptSignedStatus, ReviewDate, DenialReason, FileName
    // and FilePath are all writable from the request body - confirm this against
    // the TODO below.
    try {
        $body = json_decode(RequestUtil::GetBody());

        if (!$body) { // reconstructed: listing lines 294-295 are missing
            throw new Exception('The request body does not contain valid JSON');
        }

        // Normalises a date string to the Y-m-d H:i:s form. Under PHP's default
        // (non-strict) typing an empty or unparseable value makes strtotime()
        // return false, which date() formats as the Unix epoch instead of failing.
        $toSqlDate = function ($value) {
            return date('Y-m-d H:i:s', strtotime($value));
        };

        $id = $this->GetRouter()->GetUrlParam('id');
        $doc = $this->Phreezer->Get('OnsiteDocument', $id);

        $portalSession = !empty($GLOBALS['bootstrap_pid']);

        // only allow patient to update themself (part 1): the stored record must
        // already belong to the logged-in patient. The comparison is strict, so a
        // type difference between the two values also ends in 'Unauthorized'.
        if ($portalSession && $GLOBALS['bootstrap_pid'] !== $doc->Pid) {
            throw new Exception('Unauthorized');
        }

        // TODO: any fields that should not be updated by the user should be commented out

        // this is a primary key. uncomment if updating is allowed
        // $doc->Id = $this->SafeGetVal($body, 'id', $doc->Id);

        // only allow patient to update themself (part 2): the record cannot be
        // moved to another patient from a portal session
        $doc->Pid = $portalSession
            ? $GLOBALS['bootstrap_pid']
            : $this->SafeGetVal($body, 'pid', $doc->Pid);

        $doc->Facility = $this->SafeGetVal($body, 'facility', $doc->Facility);
        $doc->Provider = $this->SafeGetVal($body, 'provider', $doc->Provider);
        $doc->Encounter = $this->SafeGetVal($body, 'encounter', $doc->Encounter);
        $doc->CreateDate = $toSqlDate($this->SafeGetVal($body, 'createDate', $doc->CreateDate));
        $doc->DocType = $this->SafeGetVal($body, 'docType', $doc->DocType);
        $doc->PatientSignedStatus = $this->SafeGetVal($body, 'patientSignedStatus', $doc->PatientSignedStatus);
        $doc->PatientSignedTime = $toSqlDate($this->SafeGetVal($body, 'patientSignedTime', $doc->PatientSignedTime));
        $doc->AuthorizeSignedTime = $toSqlDate($this->SafeGetVal($body, 'authorizeSignedTime', $doc->AuthorizeSignedTime));
        $doc->AcceptSignedStatus = $this->SafeGetVal($body, 'acceptSignedStatus', $doc->AcceptSignedStatus);
        $doc->AuthorizingSignator = $this->SafeGetVal($body, 'authorizingSignator', $doc->AuthorizingSignator);
        $doc->ReviewDate = $toSqlDate($this->SafeGetVal($body, 'reviewDate', $doc->ReviewDate));
        $doc->DenialReason = $this->SafeGetVal($body, 'denialReason', $doc->DenialReason);
        $doc->AuthorizedSignature = $this->SafeGetVal($body, 'authorizedSignature', $doc->AuthorizedSignature);
        $doc->PatientSignature = $this->SafeGetVal($body, 'patientSignature', $doc->PatientSignature);
        $doc->FullDocument = $this->SafeGetVal($body, 'fullDocument', $doc->FullDocument);
        $doc->FileName = $this->SafeGetVal($body, 'fileName', $doc->FileName);
        $doc->FilePath = $this->SafeGetVal($body, 'filePath', $doc->FilePath);

        $doc->Validate();
        $problems = $doc->GetValidationErrors();

        if (count($problems) > 0) {
            $this->RenderErrorJSON('Please check the form for errors', $problems);
        } else {
            // Save only when validation reported nothing.
            $doc->Save();
            $this->RenderJSON($doc, $this->JSONPCallback(), true, $this->SimpleObjectParams());
        }
    } catch (Exception $ex) {
        $this->RenderExceptionJSON($ex);
    }
}
355 * API Method deletes an existing OnsiteDocument record and render response as JSON
public function Delete()
{
    // Hard-deletes the OnsiteDocument named by the route id and answers with an
    // empty JSON object. Brace-only lines are missing from the listing and were
    // restored here.
    try {
        // TODO: if a soft delete is prefered, change this to update the deleted flag instead of hard-deleting

        $id = $this->GetRouter()->GetUrlParam('id');
        $doc = $this->Phreezer->Get('OnsiteDocument', $id);

        // only allow patient to delete themself
        // The comparison is strict, so a type difference between bootstrap_pid and
        // Pid also ends in 'Unauthorized' (fails closed).
        // NOTE(review): when bootstrap_pid is empty no ownership check runs in
        // this method; authorization for those callers is not visible here.
        $portalSession = !empty($GLOBALS['bootstrap_pid']);
        if ($portalSession && $GLOBALS['bootstrap_pid'] !== $doc->Pid) {
            throw new Exception('Unauthorized');
        }

        $doc->Delete();

        $emptyResult = new stdClass();

        $this->RenderJSON($emptyResult, $this->JSONPCallback());
    } catch (Exception $ex) {
        $this->RenderExceptionJSON($ex);
    }
}