Portal cleanups and fixes (#4833)
1 <?php
3 /**
4 * OnsiteDocumentController.php
6 * @package OpenEMR
7 * @link https://www.open-emr.org
8 * @author Jerry Padgett <sjpadgett@gmail.com>
9 * @copyright Copyright (c) 2016-2019 Jerry Padgett <sjpadgett@gmail.com>
10 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
13 /** import supporting libraries */
14 require_once("AppBasePortalController.php");
15 require_once("Model/OnsiteDocument.php");
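/**
 * OnsiteDocumentController is the controller class for the OnsiteDocument object. The
 * controller is responsible for processing input from the user, reading/updating
 * the model as necessary and displaying the appropriate view.
 *
 * Patient scoping: whenever $GLOBALS['bootstrap_pid'] is non-empty, every action in this
 * class either replaces the request-supplied patient id with it or compares it against the
 * Pid of the loaded record before continuing.
 *
 * @package Patient Portal::Controller
 * @author ClassBuilder
 * @version 1.0
 */
class OnsiteDocumentController extends AppBasePortalController
{
    /**
     * Override here for any controller-specific functionality
     *
     * @inheritdoc
     */
    protected function Init()
    {
        parent::Init();
    }

    /**
     * Displays a list view of OnsiteDocument objects
     *
     * Reads pid, user, docid, enc, recid, is_module, catid and new from the query string and
     * assigns them to the view. pid, enc and recid are cast to int; the other values are
     * passed on exactly as received.
     */
    public function ListView()
    {
        $recid = $pid = $user = $encounter = 0;
        $is_module = $catid = 0;
        $is_portal = GlobalConfig::$PORTAL;
        $docid = $new_filename = "";
        // get latest help template id
        $help_id = sqlQuery('SELECT * FROM `document_templates` WHERE `template_name` = ? Order By modified_date DESC Limit 1', array('Help'))['id'] ?? 0;

        if (isset($_GET['pid'])) {
            $pid = (int) $_GET['pid'];
        }

        // only allow patient to see themselves
        if (!empty($GLOBALS['bootstrap_pid'])) {
            $pid = $GLOBALS['bootstrap_pid'];
        }

        // NOTE(review): user, docid, is_module, catid and new are not cast or validated here.
        // Whether they are escaped depends on the template, which is not visible from this
        // file - confirm each one is escaped for the context it is written into.
        if (isset($_GET['user'])) {
            $user = $_GET['user'];
        }

        if (isset($_GET['docid'])) {
            $docid = $_GET['docid'];
        }

        if (isset($_GET['enc'])) {
            $encounter = (int) $_GET['enc'];
        }

        if (isset($_GET['recid'])) {
            $recid = (int) $_GET['recid'];
        }

        if (isset($_GET['is_module'])) {
            $is_module = $_GET['is_module'];
        }

        if (isset($_GET['catid'])) {
            $catid = $_GET['catid'];
        }

        if (isset($_GET['new'])) {
            $new_filename = $_GET['new'];
        }

        $this->Assign('recid', $recid);
        $this->Assign('help_id', $help_id);
        $this->Assign('cpid', $pid);
        $this->Assign('cuser', $user);
        $this->Assign('encounter', $encounter);
        $this->Assign('docid', $docid);
        $this->Assign('is_module', $is_module);
        $this->Assign('is_portal', $is_portal);
        $this->Assign('save_catid', $catid);
        $this->Assign('new_filename', $new_filename);
        $this->Render();
    }

    /**
     * API Method queries for OnsiteDocument records and render as JSON
     *
     * Builds an OnsiteDocumentCriteria from the request (patientId, recid, filter, any request
     * key matching a criteria property, orderBy, orderDesc, page) and renders the matching
     * rows. Any exception is rendered through RenderExceptionJSON().
     *
     * When $GLOBALS['bootstrap_pid'] is set, Pid_Equals is forced to it both before and after
     * the generic request-to-criteria loop, so a request parameter cannot replace it.
     */
    public function Query()
    {
        try {
            $criteria = new OnsiteDocumentCriteria();
            $pid = RequestUtil::Get('patientId');

            // only allow patient to see themself
            if (!empty($GLOBALS['bootstrap_pid'])) {
                $pid = $GLOBALS['bootstrap_pid'];
            }

            $criteria->Pid_Equals = $pid;
            $recid = RequestUtil::Get('recid');
            if ($recid > 0) {
                $criteria->Id_Equals = $recid;
            }

            $filter = RequestUtil::Get('filter');
            if ($filter) {
                // NOTE(review): the property list literal spans two source lines, so the string
                // handed to CriteriaFilter contains a line break and indentation before
                // "AcceptSignedStatus" - confirm CriteriaFilter trims property names.
                $criteria->AddFilter(
                    new CriteriaFilter('Id,Pid,Facility,Provider,Encounter,CreateDate,DocType,PatientSignedStatus,PatientSignedTime,AuthorizeSignedTime,
                AcceptSignedStatus,AuthorizingSignator,ReviewDate,DenialReason,AuthorizedSignature,PatientSignature,FullDocument,FileName,FilePath', '%' . $filter . '%')
                );
            }

            // TODO: this is generic query filtering based only on criteria properties
            foreach (array_keys($_REQUEST) as $prop) {
                $prop_normal = ucfirst($prop);
                $prop_equals = $prop_normal . '_Equals';

                if (property_exists($criteria, $prop_normal)) {
                    $criteria->$prop_normal = RequestUtil::Get($prop);
                } elseif (property_exists($criteria, $prop_equals)) {
                    // this is a convenience so that the _Equals suffix is not needed
                    $criteria->$prop_equals = RequestUtil::Get($prop);
                }
            }

            // Re-apply the patient scoping last. The loop above copies request parameters onto
            // any matching criteria property, which includes Pid_Equals, so without this the
            // value enforced from bootstrap_pid could be replaced by a request-supplied one.
            // NOTE(review): assumes the remaining criteria properties are combined with AND and
            // can therefore only narrow the result set - confirm against the Criteria class.
            if (!empty($GLOBALS['bootstrap_pid'])) {
                $criteria->Pid_Equals = $GLOBALS['bootstrap_pid'];
            }

            $output = new stdClass();

            // if a sort order was specified then specify in the criteria
            $output->orderBy = RequestUtil::Get('orderBy');
            $output->orderDesc = RequestUtil::Get('orderDesc') != '';
            if ($output->orderBy) {
                $criteria->SetOrder($output->orderBy, $output->orderDesc);
            }

            $page = RequestUtil::Get('page');

            if ($page != '') {
                // if page is specified, use this instead (at the expense of one extra count query)
                $pagesize = $this->GetDefaultPageSize();

                $onsitedocuments = $this->Phreezer->Query('OnsiteDocument', $criteria)->GetDataPage($page, $pagesize);
                $output->rows = $onsitedocuments->ToObjectArray(true, $this->SimpleObjectParams());
                $output->totalResults = $onsitedocuments->TotalResults;
                $output->totalPages = $onsitedocuments->TotalPages;
                $output->pageSize = $onsitedocuments->PageSize;
                $output->currentPage = $onsitedocuments->CurrentPage;
            } else {
                // return all results
                $onsitedocuments = $this->Phreezer->Query('OnsiteDocument', $criteria);
                $output->rows = $onsitedocuments->ToObjectArray(true, $this->SimpleObjectParams());
                $output->totalResults = count($output->rows);
                $output->totalPages = 1;
                $output->pageSize = $output->totalResults;
                $output->currentPage = 1;
            }

            $this->RenderJSON($output, $this->JSONPCallback());
        } catch (Exception $ex) {
            $this->RenderExceptionJSON($ex);
        }
    }

    /**
     * Assigns the record id, patient id, user and encounter from the query string to the
     * view and renders it.
     *
     * id and pid are cast to int; user and enc are passed on exactly as received.
     */
    public function SingleView()
    {
        $rid = $pid = $user = $encounter = 0;
        if (isset($_GET['id'])) {
            $rid = (int) $_GET['id'];
        }

        if (isset($_GET['pid'])) {
            $pid = (int) $_GET['pid'];
        }

        // only allow patient to see themself
        if (!empty($GLOBALS['bootstrap_pid'])) {
            $pid = $GLOBALS['bootstrap_pid'];
        }

        if (isset($_GET['user'])) {
            $user = $_GET['user'];
        }

        // NOTE(review): ListView() casts enc to int, this action does not - confirm whether
        // the view escapes it or whether the cast should be applied here as well.
        if (isset($_GET['enc'])) {
            $encounter = $_GET['enc'];
        }

        $this->Assign('recid', $rid);
        $this->Assign('cpid', $pid);
        $this->Assign('cuser', $user);
        $this->Assign('encounter', $encounter);
        $this->Render();
    }

    /**
     * API Method retrieves a single OnsiteDocument record and render as JSON
     *
     * The record is loaded by the "id" URL parameter. When $GLOBALS['bootstrap_pid'] is set
     * and differs from the record's Pid, an 'Unauthorized' exception is thrown and rendered
     * through RenderExceptionJSON().
     */
    public function Read()
    {
        try {
            $pk = $this->GetRouter()->GetUrlParam('id');
            $onsitedocument = $this->Phreezer->Get('OnsiteDocument', $pk);

            // only allow patient to see themself
            // NOTE(review): !== also compares types, so an int/string mismatch between
            // bootstrap_pid and Pid is treated as unauthorized (the check fails closed).
            if (!empty($GLOBALS['bootstrap_pid'])) {
                if ($GLOBALS['bootstrap_pid'] !== $onsitedocument->Pid) {
                    $error = 'Unauthorized';
                    throw new Exception($error);
                }
            }

            // NOTE(review): the record is rendered with whatever JSONPCallback() returns;
            // confirm a JSONP callback cannot be requested for patient documents.
            $this->RenderJSON($onsitedocument, $this->JSONPCallback(), true, $this->SimpleObjectParams());
        } catch (Exception $ex) {
            $this->RenderExceptionJSON($ex);
        }
    }

    /**
     * API Method inserts a new OnsiteDocument record and render response as JSON
     *
     * The request body must decode as JSON. Pid is taken from $GLOBALS['bootstrap_pid'] when
     * that is set and from the body otherwise; every other field is copied from the body.
     * The record is saved only when Validate() reports no errors.
     */
    public function Create()
    {
        try {
            $json = json_decode(RequestUtil::GetBody());

            if (!$json) {
                throw new Exception('The request body does not contain valid JSON');
            }

            $onsitedocument = new OnsiteDocument($this->Phreezer);

            // TODO: any fields that should not be inserted by the user should be commented out

            // this is an auto-increment. uncomment if updating is allowed
            // $onsitedocument->Id = $this->SafeGetVal($json, 'id');

            // only allow patient to add to themself
            if (!empty($GLOBALS['bootstrap_pid'])) {
                $onsitedocument->Pid = $GLOBALS['bootstrap_pid'];
            } else {
                $onsitedocument->Pid = $this->SafeGetVal($json, 'pid');
            }

            // NOTE(review): every field below is taken from the request body, including the
            // authorization and review fields (AcceptSignedStatus, AuthorizingSignator,
            // AuthorizedSignature, ReviewDate, DenialReason) and FileName/FilePath. Per the
            // TODO above, confirm which of these a portal patient should be able to set.
            $onsitedocument->Facility = $this->SafeGetVal($json, 'facility');
            $onsitedocument->Provider = $this->SafeGetVal($json, 'provider');
            $onsitedocument->Encounter = $this->SafeGetVal($json, 'encounter');
            $onsitedocument->CreateDate = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'createDate')));
            $onsitedocument->DocType = $this->SafeGetVal($json, 'docType');
            $onsitedocument->PatientSignedStatus = $this->SafeGetVal($json, 'patientSignedStatus');
            $onsitedocument->PatientSignedTime = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'patientSignedTime')));
            $onsitedocument->AuthorizeSignedTime = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'authorizeSignedTime')));
            $onsitedocument->AcceptSignedStatus = $this->SafeGetVal($json, 'acceptSignedStatus');
            $onsitedocument->AuthorizingSignator = $this->SafeGetVal($json, 'authorizingSignator');
            $onsitedocument->ReviewDate = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'reviewDate')));
            $onsitedocument->DenialReason = $this->SafeGetVal($json, 'denialReason');
            $onsitedocument->AuthorizedSignature = $this->SafeGetVal($json, 'authorizedSignature');
            $onsitedocument->PatientSignature = $this->SafeGetVal($json, 'patientSignature');
            $onsitedocument->FullDocument = $this->SafeGetVal($json, 'fullDocument');
            $onsitedocument->FileName = $this->SafeGetVal($json, 'fileName');
            $onsitedocument->FilePath = $this->SafeGetVal($json, 'filePath');

            $onsitedocument->Validate();
            $errors = $onsitedocument->GetValidationErrors();

            if (count($errors) > 0) {
                $this->RenderErrorJSON('Please check the form for errors', $errors);
            } else {
                $onsitedocument->Save();
                $this->RenderJSON($onsitedocument, $this->JSONPCallback(), true, $this->SimpleObjectParams());
            }
        } catch (Exception $ex) {
            $this->RenderExceptionJSON($ex);
        }
    }

    /**
     * API Method updates an existing OnsiteDocument record and render response as JSON
     *
     * The record is loaded by the "id" URL parameter. When $GLOBALS['bootstrap_pid'] is set,
     * the record's Pid must match it before any field is changed, and Pid is then pinned to
     * it. Each remaining field is taken from the body, with the stored value passed to
     * SafeGetVal() as the third argument. The record is saved only when Validate() reports
     * no errors.
     */
    public function Update()
    {
        try {
            $json = json_decode(RequestUtil::GetBody());

            if (!$json) {
                throw new Exception('The request body does not contain valid JSON');
            }

            $pk = $this->GetRouter()->GetUrlParam('id');
            $onsitedocument = $this->Phreezer->Get('OnsiteDocument', $pk);

            // only allow patient to update themself (part 1)
            // NOTE(review): !== also compares types, so an int/string mismatch between
            // bootstrap_pid and Pid is treated as unauthorized (the check fails closed).
            if (!empty($GLOBALS['bootstrap_pid'])) {
                if ($GLOBALS['bootstrap_pid'] !== $onsitedocument->Pid) {
                    $error = 'Unauthorized';
                    throw new Exception($error);
                }
            }

            // TODO: any fields that should not be updated by the user should be commented out

            // this is a primary key. uncomment if updating is allowed
            // $onsitedocument->Id = $this->SafeGetVal($json, 'id', $onsitedocument->Id);

            // only allow patient to update themself (part 2)
            if (!empty($GLOBALS['bootstrap_pid'])) {
                $onsitedocument->Pid = $GLOBALS['bootstrap_pid'];
            } else {
                $onsitedocument->Pid = $this->SafeGetVal($json, 'pid', $onsitedocument->Pid);
            }

            // NOTE(review): every field below can be overwritten from the request body,
            // including the authorization and review fields and FileName/FilePath. Per the
            // TODO above, confirm which of these a portal patient should be able to change.
            $onsitedocument->Facility = $this->SafeGetVal($json, 'facility', $onsitedocument->Facility);
            $onsitedocument->Provider = $this->SafeGetVal($json, 'provider', $onsitedocument->Provider);
            $onsitedocument->Encounter = $this->SafeGetVal($json, 'encounter', $onsitedocument->Encounter);
            $onsitedocument->CreateDate = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'createDate', $onsitedocument->CreateDate)));
            $onsitedocument->DocType = $this->SafeGetVal($json, 'docType', $onsitedocument->DocType);
            $onsitedocument->PatientSignedStatus = $this->SafeGetVal($json, 'patientSignedStatus', $onsitedocument->PatientSignedStatus);
            $onsitedocument->PatientSignedTime = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'patientSignedTime', $onsitedocument->PatientSignedTime)));
            $onsitedocument->AuthorizeSignedTime = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'authorizeSignedTime', $onsitedocument->AuthorizeSignedTime)));
            $onsitedocument->AcceptSignedStatus = $this->SafeGetVal($json, 'acceptSignedStatus', $onsitedocument->AcceptSignedStatus);
            $onsitedocument->AuthorizingSignator = $this->SafeGetVal($json, 'authorizingSignator', $onsitedocument->AuthorizingSignator);
            $onsitedocument->ReviewDate = date('Y-m-d H:i:s', strtotime($this->SafeGetVal($json, 'reviewDate', $onsitedocument->ReviewDate)));
            $onsitedocument->DenialReason = $this->SafeGetVal($json, 'denialReason', $onsitedocument->DenialReason);
            $onsitedocument->AuthorizedSignature = $this->SafeGetVal($json, 'authorizedSignature', $onsitedocument->AuthorizedSignature);
            $onsitedocument->PatientSignature = $this->SafeGetVal($json, 'patientSignature', $onsitedocument->PatientSignature);
            $onsitedocument->FullDocument = $this->SafeGetVal($json, 'fullDocument', $onsitedocument->FullDocument);
            $onsitedocument->FileName = $this->SafeGetVal($json, 'fileName', $onsitedocument->FileName);
            $onsitedocument->FilePath = $this->SafeGetVal($json, 'filePath', $onsitedocument->FilePath);

            $onsitedocument->Validate();
            $errors = $onsitedocument->GetValidationErrors();

            if (count($errors) > 0) {
                $this->RenderErrorJSON('Please check the form for errors', $errors);
            } else {
                $onsitedocument->Save();
                $this->RenderJSON($onsitedocument, $this->JSONPCallback(), true, $this->SimpleObjectParams());
            }
        } catch (Exception $ex) {
            $this->RenderExceptionJSON($ex);
        }
    }

    /**
     * API Method deletes an existing OnsiteDocument record and render response as JSON
     *
     * The record is loaded by the "id" URL parameter. When $GLOBALS['bootstrap_pid'] is set
     * and differs from the record's Pid, an 'Unauthorized' exception is thrown before the
     * delete. On success an empty object is rendered.
     */
    public function Delete()
    {
        try {
            // TODO: if a soft delete is preferred, change this to update the deleted flag instead of hard-deleting

            $pk = $this->GetRouter()->GetUrlParam('id');
            $onsitedocument = $this->Phreezer->Get('OnsiteDocument', $pk);

            // only allow patient to delete themself
            // NOTE(review): !== also compares types, so an int/string mismatch between
            // bootstrap_pid and Pid is treated as unauthorized (the check fails closed).
            if (!empty($GLOBALS['bootstrap_pid'])) {
                if ($GLOBALS['bootstrap_pid'] !== $onsitedocument->Pid) {
                    $error = 'Unauthorized';
                    throw new Exception($error);
                }
            }

            $onsitedocument->Delete();

            $output = new stdClass();

            $this->RenderJSON($output, $this->JSONPCallback());
        } catch (Exception $ex) {
            $this->RenderExceptionJSON($ex);
        }
    }
}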