8 * @link http://www.open-emr.org
9 * @author Matthew Vita <matthewvita48@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Yash Raj Bothra <yashrajbothra786@gmail.com>
13 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
14 * @copyright Copyright (c) 2018-2020 Jerry Padgett <sjpadgett@gmail.com>
15 * @copyright Copyright (c) 2019-2021 Brady Miller <brady.g.miller@gmail.com>
16 * @copyright Copyright (c) 2020 Yash Raj Bothra <yashrajbothra786@gmail.com>
17 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
21 * @OA\Info(title="OpenEMR API", version="7.0.0")
22 * @OA\Server(url="/apis/default/")
24 * securityScheme="openemr_auth",
27 * authorizationUrl="/oauth2/default/authorize",
28 * tokenUrl="/oauth2/default/token",
29 * refreshUrl="/oauth2/default/token",
30 * flow="authorizationCode",
32 * "openid": "Generic mandatory scope",
33 * "offline_access": "Will signal server to provide a refresh token",
34 * "launch/patient": "Will provide a patient selector when logging in as an OpenEMR user (required for testing patient/* scopes in swagger if not logging in as a patient)",
35 * "api:fhir": "FHIR R4 API",
36 * "patient/AllergyIntolerance.read": "Read allergy intolerance resources for the current patient (api:fhir)",
37 * "patient/Appointment.read": "Read appointment resources for the current patient (api:fhir)",
38 * "patient/Binary.read": "Read binary document resources for the current patient (api:fhir)",
39 * "patient/CarePlan.read": "Read care plan resources for the current patient (api:fhir)",
40 * "patient/CareTeam.read": "Read care team resources for the current patient (api:fhir)",
41 * "patient/Condition.read": "Read condition resources for the current patient (api:fhir)",
42 * "patient/Coverage.read": "Read coverage resources for the current patient (api:fhir)",
43 * "patient/Device.read": "Read device resources for the current patient (api:fhir)",
44 * "patient/DiagnosticReport.read": "Read diagnostic report resources for the current patient (api:fhir)",
45 * "patient/DocumentReference.read": "Read document reference resources for the current patient (api:fhir)",
46 * "patient/DocumentReference.$docref" : "Generate a document for the current patient or returns the most current Clinical Summary of Care Document (CCD)",
47 * "patient/Encounter.read": "Read encounter resources for the current patient (api:fhir)",
48 * "patient/Goal.read": "Read goal resources for the current patient (api:fhir)",
49 * "patient/Immunization.read": "Read immunization resources for the current patient (api:fhir)",
50 * "patient/Location.read": "Read location resources for the current patient (api:fhir)",
51 * "patient/Medication.read": "Read medication resources for the current patient (api:fhir)",
52 * "patient/MedicationRequest.read": "Read medication request resources for the current patient (api:fhir)",
53 * "patient/Observation.read": "Read observation resources for the current patient (api:fhir)",
54 * "patient/Organization.read": "Read organization resources for the current patient (api:fhir)",
55 * "patient/Patient.read": "Read patient resource for the current patient (api:fhir)",
56 * "patient/Person.read": "Read person resources for the current patient (api:fhir)",
57 * "patient/Practitioner.read": "Read practitioner resources for the current patient (api:fhir)",
58 * "patient/Procedure.read": "Read procedure resources for the current patient (api:fhir)",
59 * "patient/Provenance.read": "Read provenance resources for the current patient (api:fhir)",
60 * "system/AllergyIntolerance.read": "Read all allergy intolerance resources in the system (api:fhir)",
61 * "system/Binary.read": "Read all binary document resources in the system (api:fhir)",
62 * "system/CarePlan.read": "Read all care plan resources in the system (api:fhir)",
63 * "system/CareTeam.read": "Read all care team resources in the system (api:fhir)",
64 * "system/Condition.read": "Read all condition resources in the system (api:fhir)",
65 * "system/Coverage.read": "Read all coverage resources in the system (api:fhir)",
66 * "system/Device.read": "Read all device resources in the system (api:fhir)",
67 * "system/DiagnosticReport.read": "Read all diagnostic report resources in the system (api:fhir)",
68 * "system/DocumentReference.read": "Read all document reference resources in the system (api:fhir)",
69 * "system/DocumentReference.$docref" : "Generate a document for any patient in the system or returns the most current Clinical Summary of Care Document (CCD)",
70 * "system/Encounter.read": "Read all encounter resources in the system (api:fhir)",
71 * "system/Goal.read": "Read all goal resources in the system (api:fhir)",
72 * "system/Group.read": "Read all group resources in the system (api:fhir)",
73 * "system/Immunization.read": "Read all immunization resources in the system (api:fhir)",
74 * "system/Location.read": "Read all location resources in the system (api:fhir)",
75 * "system/Medication.read": "Read all medication resources in the system (api:fhir)",
76 * "system/MedicationRequest.read": "Read all medication request resources in the system (api:fhir)",
77 * "system/Observation.read": "Read all observation resources in the system (api:fhir)",
78 * "system/Organization.read": "Read all organization resources in the system (api:fhir)",
79 * "system/Patient.read": "Read all patient resources in the system (api:fhir)",
80 * "system/Person.read": "Read all person resources in the system (api:fhir)",
81 * "system/Practitioner.read": "Read all practitioner resources in the system (api:fhir)",
82 * "system/PractitionerRole.read": "Read all practitioner role resources in the system (api:fhir)",
83 * "system/Procedure.read": "Read all procedure resources in the system (api:fhir)",
84 * "system/Provenance.read": "Read all provenance resources in the system (api:fhir)",
85 * "user/AllergyIntolerance.read": "Read all allergy intolerance resources the user has access to (api:fhir)",
86 * "user/Binary.read" : "Read all binary documents the user has access to (api:fhir)",
87 * "user/CarePlan.read": "Read all care plan resources the user has access to (api:fhir)",
88 * "user/CareTeam.read": "Read all care team resources the user has access to (api:fhir)",
89 * "user/Condition.read": "Read all condition resources the user has access to (api:fhir)",
90 * "user/Coverage.read": "Read all coverage resources the user has access to (api:fhir)",
91 * "user/Device.read": "Read all device resources the user has access to (api:fhir)",
92 * "user/DiagnosticReport.read": "Read all diagnostic report resources the user has access to (api:fhir)",
93 * "user/DocumentReference.read": "Read all document reference resources the user has access to (api:fhir)",
94 * "user/DocumentReference.$docref" : "Generate a document for any patient the user has access to or returns the most current Clinical Summary of Care Document (CCD) (api:fhir)",
95 * "user/Encounter.read": "Read all encounter resources the user has access to (api:fhir)",
96 * "user/Goal.read": "Read all goal resources the user has access to (api:fhir)",
97 * "user/Immunization.read": "Read all immunization resources the user has access to (api:fhir)",
98 * "user/Location.read": "Read all location resources the user has access to (api:fhir)",
99 * "user/Medication.read": "Read all medication resources the user has access to (api:fhir)",
100 * "user/MedicationRequest.read": "Read all medication request resources the user has access to (api:fhir)",
101 * "user/Observation.read": "Read all observation resources the user has access to (api:fhir)",
102 * "user/Organization.read": "Read all organization resources the user has access to (api:fhir)",
103 * "user/Organization.write": "Write all organization resources the user has access to (api:fhir)",
104 * "user/Patient.read": "Read all patient resources the user has access to (api:fhir)",
105 * "user/Patient.write": "Write all patient resources the user has access to (api:fhir)",
106 * "user/Person.read": "Read all person resources the user has access to (api:fhir)",
107 * "user/Practitioner.read": "Read all practitioner resources the user has access to (api:fhir)",
108 * "user/Practitioner.write": "Write all practitioner resources the user has access to (api:fhir)",
109 * "user/PractitionerRole.read": "Read all practitioner role resources the user has access to (api:fhir)",
110 * "user/Procedure.read": "Read all procedure resources the user has access to (api:fhir)",
111 * "user/Provenance.read": "Read all provenance resources the user has access to (api:fhir)",
112 * "api:oemr": "Standard OpenEMR API",
113 * "user/allergy.read": "Read allergies the user has access to (api:oemr)",
114 * "user/allergy.write": "Write allergies the user has access to for (api:oemr)",
115 * "user/appointment.read": "Read appointments the user has access to (api:oemr)",
116 * "user/appointment.write": "Write appointments the user has access to for (api:oemr)",
117 * "user/dental_issue.read": "Read dental issues the user has access to (api:oemr)",
118 * "user/dental_issue.write": "Write dental issues the user has access to (api:oemr)",
119 * "user/document.read": "Read documents the user has access to (api:oemr)",
120 * "user/document.write": "Write documents the user has access to (api:oemr)",
121 * "user/drug.read": "Read drugs the user has access to (api:oemr)",
122 * "user/encounter.read": "Read encounters the user has access to (api:oemr)",
123 * "user/encounter.write": "Write encounters the user has access to (api:oemr)",
124 * "user/facility.read": "Read facilities the user has access to (api:oemr)",
125 * "user/facility.write": "Write facilities the user has access to (api:oemr)",
126 * "user/immunization.read": "Read immunizations the user has access to (api:oemr)",
127 * "user/insurance.read": "Read insurances the user has access to (api:oemr)",
128 * "user/insurance.write": "Write insurances the user has access to (api:oemr)",
129 * "user/insurance_company.read": "Read insurance companies the user has access to (api:oemr)",
130 * "user/insurance_company.write": "Write insurance companies the user has access to (api:oemr)",
131 * "user/insurance_type.read": "Read insurance types the user has access to (api:oemr)",
132 * "user/list.read": "Read lists the user has access to (api:oemr)",
133 * "user/medical_problem.read": "Read medical problems the user has access to (api:oemr)",
134 * "user/medical_problem.write": "Write medical problems the user has access to (api:oemr)",
135 * "user/medication.read": "Read medications the user has access to (api:oemr)",
136 * "user/medication.write": "Write medications the user has access to (api:oemr)",
137 * "user/message.write": "Read messages the user has access to (api:oemr)",
138 * "user/patient.read": "Read patients the user has access to (api:oemr)",
139 * "user/patient.write": "Write patients the user has access to (api:oemr)",
140 * "user/practitioner.read": "Read practitioners the user has access to (api:oemr)",
141 * "user/practitioner.write": "Write practitioners the user has access to (api:oemr)",
142 * "user/prescription.read": "Read prescriptions the user has access to (api:oemr)",
143 * "user/procedure.read": "Read procedures the user has access to (api:oemr)",
144 * "user/soap_note.read": "Read soap notes the user has access to (api:oemr)",
145 * "user/soap_note.write": "Write soap notes the user has access to (api:oemr)",
146 * "user/surgery.read": "Read surgeries the user has access to (api:oemr)",
147 * "user/surgery.write": "Write surgeries the user has access to (api:oemr)",
148 * "user/transaction.read": "Read transactions the user has access to (api:oemr)",
149 * "user/transaction.write": "Write transactions the user has access to (api:oemr)",
150 * "user/vital.read": "Read vitals the user has access to (api:oemr)",
151 * "user/vital.write": "Write vitals the user has access to (api:oemr)",
152 * "api:port": "Standard Patient Portal OpenEMR API",
153 * "patient/encounter.read": "Read encounters the patient has access to (api:port)",
154 * "patient/patient.read": "Write encounters the patient has access to (api:port)",
155 * "patient/appointment.read": "Read appointments the patient has access to (api:port)"
161 * description="FHIR R4 API"
165 * description="Standard OpenEMR API"
168 * name="standard-patient",
169 * description="Standard Patient Portal OpenEMR API"
172 * response="standard",
173 * description="Standard Response",
175 * mediaType="application/json",
178 * property="validationErrors",
179 * description="Validation errors.",
186 * property="internalErrors",
187 * description="Internal errors.",
195 * description="Returned data.",
202 * "validationErrors": {},
203 * "error_description": {},
210 * response="badrequest",
211 * description="Bad Request",
213 * mediaType="application/json",
216 * property="validationErrors",
217 * description="Validation errors.",
221 * "validationErrors":
223 * "_id": "The search field argument was invalid, improperly formatted, or could not be parsed. Inner message: UUID columns must be a valid UUID string"
230 * response="unauthorized",
231 * description="Unauthorized",
233 * mediaType="application/json",
237 * description="The error.",
241 * property="error_description",
242 * description="The description of the error.",
247 * description="More specific information on the error.",
251 * property="message",
252 * description="Message regarding the error.",
256 * "error": "access_denied",
257 * "error_description": "The resource owner or authorization server denied the request.",
258 * "hint": "Missing ""Authorization"" header",
259 * "message": "The resource owner or authorization server denied the request."
265 * response="uuidnotfound",
266 * description="Not Found",
268 * mediaType="application/json",
272 * description="empty",
281 // Lets keep our controller classes with the routes.
283 use OpenEMR\Common\Acl\AccessDeniedException
;
284 use OpenEMR\Common\Http\HttpRestRequest
;
285 use OpenEMR\RestControllers\AllergyIntoleranceRestController
;
286 use OpenEMR\RestControllers\FacilityRestController
;
287 use OpenEMR\RestControllers\VersionRestController
;
288 use OpenEMR\RestControllers\ProductRegistrationRestController
;
289 use OpenEMR\RestControllers\PatientRestController
;
290 use OpenEMR\RestControllers\EncounterRestController
;
291 use OpenEMR\RestControllers\PractitionerRestController
;
292 use OpenEMR\RestControllers\ListRestController
;
293 use OpenEMR\RestControllers\InsuranceCompanyRestController
;
294 use OpenEMR\RestControllers\AppointmentRestController
;
295 use OpenEMR\RestControllers\ConditionRestController
;
296 use OpenEMR\RestControllers\ONoteRestController
;
297 use OpenEMR\RestControllers\DocumentRestController
;
298 use OpenEMR\RestControllers\DrugRestController
;
299 use OpenEMR\RestControllers\ImmunizationRestController
;
300 use OpenEMR\RestControllers\InsuranceRestController
;
301 use OpenEMR\RestControllers\MessageRestController
;
302 use OpenEMR\RestControllers\PrescriptionRestController
;
303 use OpenEMR\RestControllers\ProcedureRestController
;
304 use OpenEMR\RestControllers\TransactionRestController
;
306 // Note some Http clients may not send auth as json so a function
307 // is implemented to determine and parse encoding on auth route's.
309 // Note that the api route is only for users role
310 // (there is a mechanism in place to ensure only user role can access the api route)
311 RestConfig
::$ROUTE_MAP = array(
314 * path="/api/facility",
315 * description="Returns a single facility.",
320 * description="The name for the facility.",
327 * name="facility_npi",
329 * description="The facility_npi for the facility.",
338 * description="The phone for the facility.",
347 * description="The fax for the facility.",
356 * description="The street for the facility.",
365 * description="The city for the facility.",
374 * description="The state for the facility.",
381 * name="postal_code",
383 * description="The postal_code for the facility.",
390 * name="country_code",
392 * description="The country_code for the facility.",
399 * name="federal_ein",
401 * description="The federal_ein for the facility.",
410 * description="The website for the facility.",
419 * description="The email for the facility.",
426 * name="domain_identifier",
428 * description="The domain_identifier for the facility.",
435 * name="facility_taxonomy",
437 * description="The facility_taxonomy for the facility.",
444 * name="facility_code",
446 * description="The facility_code for the facility.",
453 * name="billing_location",
455 * description="The billing_location setting for the facility.",
462 * name="accepts_assignment",
464 * description="The accepts_assignment setting for the facility.",
473 * description="The oid for the facility.",
480 * name="service_location",
482 * description="The service_location setting for the facility.",
490 * ref="#/components/responses/standard"
494 * ref="#/components/responses/badrequest"
498 * ref="#/components/responses/unauthorized"
500 * security={{"openemr_auth":{}}}
503 "GET /api/facility" => function () {
504 RestConfig
::authorization_check("admin", "users");
505 $return = (new FacilityRestController())->getAll($_GET);
506 RestConfig
::apiLog($return);
512 * path="/api/facility/{fuuid}",
513 * description="Returns a single facility.",
518 * description="The uuid for the facility.",
526 * ref="#/components/responses/standard"
530 * ref="#/components/responses/badrequest"
534 * ref="#/components/responses/unauthorized"
536 * security={{"openemr_auth":{}}}
539 "GET /api/facility/:fuuid" => function ($fuuid) {
540 RestConfig
::authorization_check("admin", "users");
541 $return = (new FacilityRestController())->getOne($fuuid);
542 RestConfig
::apiLog($return);
548 * path="/api/facility",
549 * description="Creates a facility in the system",
554 * mediaType="application/json",
558 * description="The name for the facility.",
562 * property="facility_npi",
563 * description="The facility_npi for the facility.",
568 * description="The phone for the facility.",
573 * description="The fax for the facility.",
578 * description="The street for the facility.",
583 * description="The city for the facility.",
588 * description="The state for the facility.",
592 * property="postal_code",
593 * description="The postal_code for the facility.",
597 * property="country_code",
598 * description="The country_code for the facility.",
602 * property="federal_ein",
603 * description="The federal_ein for the facility.",
607 * property="website",
608 * description="The website for the facility.",
613 * description="The email for the facility.",
617 * property="domain_identifier",
618 * description="The domain_identifier for the facility.",
622 * property="facility_taxonomy",
623 * description="The facility_taxonomy for the facility.",
627 * property="facility_code",
628 * description="The facility_code for the facility.",
632 * property="billing_location",
633 * description="The billing_location setting for the facility.",
637 * property="accepts_assignment",
638 * description="The accepts_assignment setting for the facility.",
643 * description="The oid for the facility.",
647 * property="service_location",
648 * description="The service_location setting for the facility.",
651 * required={"name", "facility_npi"},
654 * "facility_npi": "123456789123",
655 * "phone": "808-606-3030",
656 * "fax": "808-606-3031",
657 * "street": "1337 Bit Shifter Ln",
658 * "city": "San Lorenzo",
660 * "postal_code": "54321",
661 * "country_code": "US",
662 * "federal_ein": "4343434",
663 * "website": "https://example.com",
664 * "email": "foo@bar.com",
665 * "domain_identifier": "",
666 * "facility_taxonomy": "",
667 * "facility_code": "",
668 * "billing_location": "1",
669 * "accepts_assignment": "1",
671 * "service_location": "1"
678 * ref="#/components/responses/standard"
682 * ref="#/components/responses/badrequest"
686 * ref="#/components/responses/unauthorized"
688 * security={{"openemr_auth":{}}}
691 "POST /api/facility" => function () {
692 RestConfig
::authorization_check("admin", "super");
693 $data = (array) (json_decode(file_get_contents("php://input")));
694 $return = (new FacilityRestController())->post($data);
695 RestConfig
::apiLog($return, $data);
701 * path="/api/facility/{fuuid}",
702 * description="Updates a facility in the system",
707 * description="The uuid for the facility.",
716 * mediaType="application/json",
720 * description="The name for the facility.",
724 * property="facility_npi",
725 * description="The facility_npi for the facility.",
730 * description="The phone for the facility.",
735 * description="The fax for the facility.",
740 * description="The street for the facility.",
745 * description="The city for the facility.",
750 * description="The state for the facility.",
754 * property="postal_code",
755 * description="The postal_code for the facility.",
759 * property="country_code",
760 * description="The country_code for the facility.",
764 * property="federal_ein",
765 * description="The federal_ein for the facility.",
769 * property="website",
770 * description="The website for the facility.",
775 * description="The email for the facility.",
779 * property="domain_identifier",
780 * description="The domain_identifier for the facility.",
784 * property="facility_taxonomy",
785 * description="The facility_taxonomy for the facility.",
789 * property="facility_code",
790 * description="The facility_code for the facility.",
794 * property="billing_location",
795 * description="The billing_location setting for the facility.",
799 * property="accepts_assignment",
800 * description="The accepts_assignment setting for the facility.",
805 * description="The oid for the facility.",
809 * property="service_location",
810 * description="The service_location setting for the facility.",
815 * "facility_npi": "123456789123",
816 * "phone": "808-606-3030",
817 * "fax": "808-606-3031",
818 * "street": "1337 Bit Shifter Ln",
819 * "city": "San Lorenzo",
821 * "postal_code": "54321",
822 * "country_code": "US",
823 * "federal_ein": "4343434",
824 * "website": "https://example.com",
825 * "email": "foo@bar.com",
826 * "domain_identifier": "",
827 * "facility_taxonomy": "",
828 * "facility_code": "",
829 * "billing_location": "1",
830 * "accepts_assignment": "1",
832 * "service_location": "1"
839 * ref="#/components/responses/standard"
843 * ref="#/components/responses/badrequest"
847 * ref="#/components/responses/unauthorized"
849 * security={{"openemr_auth":{}}}
852 "PUT /api/facility/:fuuid" => function ($fuuid) {
853 RestConfig
::authorization_check("admin", "super");
854 $data = (array) (json_decode(file_get_contents("php://input")));
855 $return = (new FacilityRestController())->patch($fuuid, $data);
856 RestConfig
::apiLog($return, $data);
862 * path="/api/patient",
863 * description="Retrieves a list of patients",
868 * description="The first name for the patient.",
877 * description="The last name for the patient.",
886 * description="The social security number for the patient.",
895 * description="The street for the patient.",
902 * name="postal_code",
904 * description="The postal code for the patient.",
913 * description="The city for the patient.",
922 * description="The state for the patient.",
931 * description="The home phone for the patient.",
940 * description="The business phone for the patient.",
949 * description="The cell phone for the patient.",
956 * name="postal_contact",
958 * description="The postal_contact for the patient.",
967 * description="The gender for the patient.",
974 * name="country_code",
976 * description="The country code for the patient.",
985 * description="The email for the patient.",
994 * description="The DOB for the patient.",
1002 * ref="#/components/responses/standard"
1006 * ref="#/components/responses/badrequest"
1010 * ref="#/components/responses/unauthorized"
1012 * security={{"openemr_auth":{}}}
1015 "GET /api/patient" => function () {
1016 RestConfig
::authorization_check("patients", "demo");
1017 $return = (new PatientRestController())->getAll($_GET);
1018 RestConfig
::apiLog($return);
1023 * Schema for the patient request
1026 * schema="api_patient_request",
1029 * description="The title of patient.",
1034 * description="The fname of patient.",
1039 * description="The mname of patient.",
1044 * description="The lname of patient.",
1048 * property="street",
1049 * description="The street address of patient.",
1053 * property="postal_code",
1054 * description="The postal code of patient.",
1059 * description="The city of patient.",
1064 * description="The state of patient.",
1068 * property="country_code",
1069 * description="The country code of patient.",
1073 * property="phone_contact",
1074 * description="The phone contact of patient.",
1079 * description="The DOB of patient.",
1084 * description="The lname of patient.",
1089 * description="The race of patient.",
1093 * property="ethnicity",
1094 * description="The ethnicity of patient.",
1097 * required={"fname", "lname", "DOB", "sex"},
1103 * "street": "456 Tree Lane",
1104 * "postal_code": "08642",
1105 * "city": "FooTown",
1107 * "country_code": "US",
1108 * "phone_contact": "123-456-7890",
1109 * "DOB": "1992-02-02",
1118 * path="/api/patient",
1119 * description="Creates a new patient",
1120 * tags={"standard"},
1124 * mediaType="application/json",
1125 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1130 * description="Standard response",
1132 * mediaType="application/json",
1135 * property="validationErrors",
1136 * description="Validation errors.",
1143 * property="internalErrors",
1144 * description="Internal errors.",
1152 * description="Returned data.",
1157 * description="patient pid",
1163 * "validationErrors": {},
1164 * "error_description": {},
1174 * ref="#/components/responses/unauthorized"
1176 * security={{"openemr_auth":{}}}
1179 "POST /api/patient" => function () {
1180 RestConfig
::authorization_check("patients", "demo");
1181 $data = (array) (json_decode(file_get_contents("php://input")));
1182 $return = (new PatientRestController())->post($data);
1183 RestConfig
::apiLog($return, $data);
1188 * Schema for the patient response
1191 * schema="api_patient_response",
1193 * property="validationErrors",
1194 * description="Validation errors.",
1201 * property="internalErrors",
1202 * description="Internal errors.",
1210 * description="Returned data.",
1215 * description="patient id",
1220 * description="patient pid",
1224 * property="pubpid",
1225 * description="patient public id",
1230 * description="patient title",
1235 * description="patient first name",
1240 * description="patient middle name",
1245 * description="patient last name",
1250 * description="patient social security number",
1254 * property="street",
1255 * description="patient street address",
1259 * property="postal_code",
1260 * description="patient postal code",
1265 * description="patient city",
1270 * description="patient state",
1274 * property="county",
1275 * description="patient county",
1279 * property="country_code",
1280 * description="patient country code",
1284 * property="drivers_license",
1285 * description="patient drivers license id",
1289 * property="contact_relationship",
1290 * description="patient contact relationship",
1294 * property="phone_contact",
1295 * description="patient phone contact",
1299 * property="phone_home",
1300 * description="patient home phone",
1304 * property="phone_biz",
1305 * description="patient work phone",
1309 * property="phone_cell",
1310 * description="patient mobile phone",
1315 * description="patient email",
1320 * description="patient DOB",
1325 * description="patient sex (gender)",
1330 * description="patient race",
1334 * property="ethnicity",
1335 * description="patient ethnicity",
1339 * property="status",
1340 * description="patient status",
1346 * "validationErrors": {},
1347 * "error_description": {},
1357 * "street": "456 Tree Lane",
1358 * "postal_code": "08642",
1359 * "city": "FooTown",
1362 * "country_code": "US",
1363 * "drivers_license": "",
1364 * "contact_relationship": "",
1365 * "phone_contact": "123-456-7890",
1370 * "DOB": "1992-02-03",
1381 * path="/api/patient/{puuid}",
1382 * description="Updates a patient",
1383 * tags={"standard"},
1387 * description="The uuid for the patient.",
1396 * mediaType="application/json",
1397 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1402 * description="Standard response",
1404 * mediaType="application/json",
1405 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1410 * ref="#/components/responses/unauthorized"
1412 * security={{"openemr_auth":{}}}
1415 "PUT /api/patient/:puuid" => function ($puuid) {
1416 RestConfig
::authorization_check("patients", "demo");
1417 $data = (array) (json_decode(file_get_contents("php://input")));
1418 $return = (new PatientRestController())->put($puuid, $data);
1419 RestConfig
::apiLog($return, $data);
1425 * path="/api/patient/{puuid}",
1426 * description="Retrieves a single patient by their uuid",
1427 * tags={"standard"},
1431 * description="The uuid for the patient.",
1439 * description="Standard response",
1441 * mediaType="application/json",
1442 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1447 * ref="#/components/responses/unauthorized"
1449 * security={{"openemr_auth":{}}}
1452 "GET /api/patient/:puuid" => function ($puuid) {
1453 RestConfig
::authorization_check("patients", "demo");
1454 $return = (new PatientRestController())->getOne($puuid);
1455 RestConfig
::apiLog($return);
1461 * path="/api/patient/{puuid}/encounter",
1462 * description="Retrieves a list of encounters for a single patient",
1463 * tags={"standard"},
1467 * description="The uuid for the patient.",
1475 * ref="#/components/responses/standard"
1479 * ref="#/components/responses/badrequest"
1483 * ref="#/components/responses/unauthorized"
1485 * security={{"openemr_auth":{}}}
1488 "GET /api/patient/:puuid/encounter" => function ($puuid) {
1489 RestConfig
::authorization_check("encounters", "auth_a");
1490 $return = (new EncounterRestController())->getAll($puuid);
1491 RestConfig
::apiLog($return);
1496 * Schema for the encounter request
1499 * schema="api_encounter_request",
1502 * description="The date of encounter.",
1506 * property="onset_date",
1507 * description="The onset date of encounter.",
1511 * property="reason",
1512 * description="The reason of encounter.",
1516 * property="facility",
1517 * description="The facility of encounter.",
1521 * property="pc_catid",
1522 * description="The pc_catid of encounter.",
1526 * property="facility_id",
1527 * description="The facility id of encounter.",
1531 * property="billing_facility",
1532 * description="The billing facility id of encounter.",
1536 * property="sensitivity",
1537 * description="The sensitivity of encounter.",
1541 * property="referral_source",
1542 * description="The referral source of encounter.",
1546 * property="pos_code",
1547 * description="The pos_code of encounter.",
1551 * property="external_id",
1552 * description="The external id of encounter.",
1556 * property="provider_id",
1557 * description="The provider id of encounter.",
1561 * property="class_code",
1562 * description="The class_code of encounter.",
1565 * required={"pc_catid", "class_code"},
1567 * "date":"2020-11-10",
1569 * "reason": "Pregnancy Test",
1570 * "facility": "Owerri General Hospital",
1572 * "facility_id": "3",
1573 * "billing_facility": "3",
1574 * "sensitivity": "normal",
1575 * "referral_source": "",
1577 * "external_id": "",
1578 * "provider_id": "1",
1579 * "class_code" : "AMB"
1585 * path="/api/patient/{puuid}/encounter",
1586 * description="Creates a new encounter",
1587 * tags={"standard"},
1591 * description="The uuid for the patient.",
1600 * mediaType="application/json",
1601 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1606 * description="Standard response",
1608 * mediaType="application/json",
1611 * property="validationErrors",
1612 * description="Validation errors.",
1619 * property="internalErrors",
1620 * description="Internal errors.",
1628 * description="Returned data.",
1632 * property="encounter",
1633 * description="encounter id",
1638 * description="encounter uuid",
1644 * "validationErrors": {},
1645 * "error_description": {},
1648 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef"
1656 * ref="#/components/responses/unauthorized"
1658 * security={{"openemr_auth":{}}}
1661 "POST /api/patient/:puuid/encounter" => function ($puuid) {
1662 RestConfig
::authorization_check("encounters", "auth_a");
1663 $data = (array) (json_decode(file_get_contents("php://input")));
1664 $return = (new EncounterRestController())->post($puuid, $data);
1665 RestConfig
::apiLog($return, $data);
1670 * Schema for the encounter response
1673 * schema="api_encounter_response",
1675 * property="validationErrors",
1676 * description="Validation errors.",
1683 * property="internalErrors",
1684 * description="Internal errors.",
1692 * description="Returned data.",
1697 * description="encounter id",
1702 * description="encounter uuid",
1707 * description="encounter date",
1711 * property="reason",
1712 * description="encounter reason",
1716 * property="facility",
1717 * description="encounter facility name",
1721 * property="facility_id",
1722 * description="encounter facility id name",
1727 * description="encounter for patient pid",
1731 * property="onset_date",
1732 * description="encounter onset date",
1736 * property="sensitivity",
1737 * description="encounter sensitivity",
1741 * property="billing_note",
1742 * description="encounter billing note",
1746 * property="pc_catid",
1747 * description="encounter pc_catid",
1751 * property="last_level_billed",
1752 * description="encounter last_level_billed",
1756 * property="last_level_closed",
1757 * description="encounter last_level_closed",
1761 * property="last_stmt_date",
1762 * description="encounter last_stmt_date",
1766 * property="stmt_count",
1767 * description="encounter stmt_count",
1771 * property="provider_id",
1772 * description="provider id",
1776 * property="supervisor_id",
1777 * description="encounter supervisor id",
1781 * property="invoice_refno",
1782 * description="encounter invoice_refno",
1786 * property="referral_source",
1787 * description="encounter referral source",
1791 * property="billing_facility",
1792 * description="encounter billing facility id",
1796 * property="external_id",
1797 * description="encounter external id",
1801 * property="pos_code",
1802 * description="encounter pos_code",
1806 * property="class_code",
1807 * description="encounter class_code",
1811 * property="class_title",
1812 * description="encounter class_title",
1816 * property="pc_catname",
1817 * description="encounter pc_catname",
1821 * property="billing_facility_name",
1822 * description="encounter billing facility name",
1828 * "validationErrors": {},
1829 * "error_description": {},
1832 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
1833 * "date": "2019-09-14 00:00:00",
1834 * "reason": "Pregnancy Test",
1835 * "facility": "Owerri General Hospital",
1836 * "facility_id": "3",
1838 * "onset_date": "2019-04-20 00:00:00",
1839 * "sensitivity": "normal",
1840 * "billing_note": null,
1842 * "last_level_billed": "0",
1843 * "last_level_closed": "0",
1844 * "last_stmt_date": null,
1845 * "stmt_count": "0",
1846 * "provider_id": "1",
1847 * "supervisor_id": "0",
1848 * "invoice_refno": "",
1849 * "referral_source": "",
1850 * "billing_facility": "3",
1851 * "external_id": "",
1853 * "class_code": "AMB",
1854 * "class_title": "ambulatory",
1855 * "pc_catname": "Office Visit",
1856 * "billing_facility_name": "Owerri General Hospital"
1863 * path="/api/patient/{puuid}/encounter/{euuid}",
1864 * description="Modify a encounter",
1865 * tags={"standard"},
1869 * description="The uuid for the patient.",
1878 * description="The uuid for the encounter.",
1887 * mediaType="application/json",
1888 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1893 * description="Standard response",
1895 * mediaType="application/json",
1896 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
1901 * ref="#/components/responses/unauthorized"
1903 * security={{"openemr_auth":{}}}
1906 "PUT /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
1907 RestConfig
::authorization_check("encounters", "auth_a");
1908 $data = (array) (json_decode(file_get_contents("php://input")));
1909 $return = (new EncounterRestController())->put($puuid, $euuid, $data);
1910 RestConfig
::apiLog($return, $data);
1916 * path="/api/patient/{puuid}/encounter/{euuid}",
1917 * description="Retrieves a single encounter for a patient",
1918 * tags={"standard"},
1922 * description="The uuid for the patient.",
1931 * description="The uuid for the encounter.",
1939 * description="Standard response",
1941 * mediaType="application/json",
1942 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
1947 * ref="#/components/responses/unauthorized"
1949 * security={{"openemr_auth":{}}}
1952 "GET /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
1953 RestConfig
::authorization_check("encounters", "auth_a");
1954 $return = (new EncounterRestController())->getOne($puuid, $euuid);
1955 RestConfig
::apiLog($return);
1961 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
1962 * description="Retrieves soap notes from an encounter for a patient",
1963 * tags={"standard"},
1967 * description="The pid for the patient.",
1976 * description="The id for the encounter.",
1984 * ref="#/components/responses/standard"
1988 * ref="#/components/responses/badrequest"
1992 * ref="#/components/responses/unauthorized"
1994 * security={{"openemr_auth":{}}}
1997 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
1998 RestConfig
::authorization_check("encounters", "notes");
1999 $return = (new EncounterRestController())->getSoapNotes($pid, $eid);
2000 RestConfig
::apiLog($return);
2005 * Schema for the vital request
2008 * schema="api_vital_request",
2011 * description="The bps of vitals.",
2016 * description="The bpd of vitals.",
2020 * property="weight",
2021 * description="The weight of vitals. (unit is lb)",
2025 * property="height",
2026 * description="The height of vitals. (unit is inches)",
2030 * property="temperature",
2031 * description="The temperature of temperature. (unit is F)",
2035 * property="temp_method",
2036 * description="The temp_method of vitals.",
2041 * description="The pulse of vitals.",
2045 * property="respiration",
2046 * description="The respiration of vitals.",
2051 * description="The note (ie. comments) of vitals.",
2055 * property="waist_circ",
2056 * description="The waist circumference of vitals. (unit is inches)",
2060 * property="head_circ",
2061 * description="The head circumference of vitals. (unit is inches)",
2065 * property="oxygen_saturation",
2066 * description="The oxygen_saturation of vitals.",
2074 * "temperature": "98",
2075 * "temp_method": "Oral",
2077 * "respiration": "20",
2078 * "note": "Patient with difficulty standing, which made weight measurement difficult.",
2079 * "waist_circ": "37",
2080 * "head_circ": "22.2",
2081 * "oxygen_saturation": "96"
2087 * path="/api/patient/{pid}/encounter/{eid}/vital",
2088 * description="Submits a new vitals form",
2089 * tags={"standard"},
2093 * description="The id for the patient.",
2102 * description="The id for the encounter.",
2111 * mediaType="application/json",
2112 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2117 * ref="#/components/responses/standard"
2121 * ref="#/components/responses/badrequest"
2125 * ref="#/components/responses/unauthorized"
2127 * security={{"openemr_auth":{}}}
2130 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2131 RestConfig
::authorization_check("encounters", "notes");
2132 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2133 $return = (new EncounterRestController())->postVital($pid, $eid, $data);
2134 RestConfig
::apiLog($return, $data);
2140 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2141 * description="Edit a vitals form",
2142 * tags={"standard"},
2146 * description="The id for the patient.",
2155 * description="The id for the encounter.",
2164 * description="The id for the vitalss form.",
2173 * mediaType="application/json",
2174 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2179 * ref="#/components/responses/standard"
2183 * ref="#/components/responses/badrequest"
2187 * ref="#/components/responses/unauthorized"
2189 * security={{"openemr_auth":{}}}
2192 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2193 RestConfig
::authorization_check("encounters", "notes");
2194 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2195 $return = (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
2196 RestConfig
::apiLog($return, $data);
2202 * path="/api/patient/{pid}/encounter/{eid}/vital",
2203 * description="Retrieves all vitals from an encounter for a patient",
2204 * tags={"standard"},
2208 * description="The pid for the patient.",
2217 * description="The id for the encounter.",
2225 * ref="#/components/responses/standard"
2229 * ref="#/components/responses/badrequest"
2233 * ref="#/components/responses/unauthorized"
2235 * security={{"openemr_auth":{}}}
2238 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2239 RestConfig
::authorization_check("encounters", "notes");
2240 $return = (new EncounterRestController())->getVitals($pid, $eid);
2241 RestConfig
::apiLog($return);
2247 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2248 * description="Retrieves a vitals form from an encounter for a patient",
2249 * tags={"standard"},
2253 * description="The pid for the patient.",
2262 * description="The id for the encounter.",
2271 * description="The id for the vitals form.",
2279 * ref="#/components/responses/standard"
2283 * ref="#/components/responses/badrequest"
2287 * ref="#/components/responses/unauthorized"
2289 * security={{"openemr_auth":{}}}
2292 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2293 RestConfig
::authorization_check("encounters", "notes");
2294 $return = (new EncounterRestController())->getVital($pid, $eid, $vid);
2295 RestConfig
::apiLog($return);
2301 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2302 * description="Retrieves a soap note from an encounter for a patient",
2303 * tags={"standard"},
2307 * description="The pid for the patient.",
2316 * description="The id for the encounter.",
2325 * description="The id for the soap note.",
2333 * ref="#/components/responses/standard"
2337 * ref="#/components/responses/badrequest"
2341 * ref="#/components/responses/unauthorized"
2343 * security={{"openemr_auth":{}}}
2346 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2347 RestConfig
::authorization_check("encounters", "notes");
2348 $return = (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
2349 RestConfig
::apiLog($return);
2354 * Schema for the soap_note request
2357 * schema="api_soap_note_request",
2359 * property="subjective",
2360 * description="The subjective of soap note.",
2364 * property="objective",
2365 * description="The objective of soap note.",
2369 * property="assessment",
2370 * description="The assessment of soap note.",
2375 * description="The plan of soap note.",
2379 * "subjective": "The patient with mechanical fall and cut finger.",
2380 * "objective": "The patient with finger laceration on exam.",
2381 * "assessment": "The patient with finger laceration requiring sutures.",
2382 * "plan": "Sutured finger laceration."
2388 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
2389 * description="Submits a new soap note",
2390 * tags={"standard"},
2394 * description="The id for the patient.",
2403 * description="The id for the encounter.",
2412 * mediaType="application/json",
2413 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2418 * ref="#/components/responses/standard"
2422 * ref="#/components/responses/badrequest"
2426 * ref="#/components/responses/unauthorized"
2428 * security={{"openemr_auth":{}}}
2431 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
2432 RestConfig
::authorization_check("encounters", "notes");
2433 $data = (array) (json_decode(file_get_contents("php://input")));
2434 $return = (new EncounterRestController())->postSoapNote($pid, $eid, $data);
2435 RestConfig
::apiLog($return, $data);
2441 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2442 * description="Edit a soap note",
2443 * tags={"standard"},
2447 * description="The id for the patient.",
2456 * description="The id for the encounter.",
2465 * description="The id for the soap noted.",
2474 * mediaType="application/json",
2475 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2480 * ref="#/components/responses/standard"
2484 * ref="#/components/responses/badrequest"
2488 * ref="#/components/responses/unauthorized"
2490 * security={{"openemr_auth":{}}}
2493 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2494 RestConfig
::authorization_check("encounters", "notes");
2495 $data = (array) (json_decode(file_get_contents("php://input")));
2496 $return = (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
2497 RestConfig
::apiLog($return, $data);
2504 * path="/api/practitioner",
2505 * description="Retrieves a list of practitioners",
2506 * tags={"standard"},
2510 * description="The title for the practitioner.",
2519 * description="The first name for the practitioner.",
2528 * description="The last name for the practitioner.",
2537 * description="The middle name for the practitioner.",
2544 * name="federaltaxid",
2546 * description="The federal tax id for the practitioner.",
2553 * name="federaldrugid",
2555 * description="The federal drug id for the practitioner.",
2564 * description="The upin for the practitioner.",
2571 * name="facility_id",
2573 * description="The facility id for the practitioner.",
2582 * description="The facility for the practitioner.",
2591 * description="The npi for the practitioner.",
2600 * description="The email for the practitioner.",
2609 * description="The specialty for the practitioner.",
2618 * description="The billname for the practitioner.",
2627 * description="The url for the practitioner.",
2636 * description="The assistant for the practitioner.",
2643 * name="organization",
2645 * description="The organization for the practitioner.",
2652 * name="valedictory",
2654 * description="The valedictory for the practitioner.",
2663 * description="The street for the practitioner.",
2672 * description="The street (line 2) for the practitioner.",
2681 * description="The city for the practitioner.",
2690 * description="The state for the practitioner.",
2699 * description="The zip for the practitioner.",
2708 * description="The phone for the practitioner.",
2717 * description="The fax for the practitioner.",
2726 * description="The phonew1 for the practitioner.",
2735 * description="The phonecell for the practitioner.",
2744 * description="The notes for the practitioner.",
2751 * name="state_license_number2",
2753 * description="The state license number for the practitioner.",
2762 * description="The username for the practitioner.",
2770 * ref="#/components/responses/standard"
2774 * ref="#/components/responses/badrequest"
2778 * ref="#/components/responses/unauthorized"
2780 * security={{"openemr_auth":{}}}
2783 "GET /api/practitioner" => function () {
2784 RestConfig
::authorization_check("admin", "users");
2785 $return = (new PractitionerRestController())->getAll($_GET);
2786 RestConfig
::apiLog($return);
2792 * path="/api/practitioner/{pruuid}",
2793 * description="Retrieves a single practitioner by their uuid",
2794 * tags={"standard"},
2798 * description="The uuid for the practitioner.",
2806 * ref="#/components/responses/standard"
2810 * ref="#/components/responses/badrequest"
2814 * ref="#/components/responses/unauthorized"
2816 * security={{"openemr_auth":{}}}
2819 "GET /api/practitioner/:pruuid" => function ($pruuid) {
2820 RestConfig
::authorization_check("admin", "users");
2821 $return = (new PractitionerRestController())->getOne($pruuid);
2822 RestConfig
::apiLog($return);
2828 * path="/api/practitioner",
2829 * description="Submits a new practitioner",
2830 * tags={"standard"},
2834 * mediaType="application/json",
2838 * description="The title for the practitioner.",
2843 * description="The first name for the practitioner.",
2848 * description="The middle name for the practitioner.",
2853 * description="The last name for the practitioner.",
2857 * property="federaltaxid",
2858 * description="The federal tax id for the practitioner.",
2862 * property="federaldrugid",
2863 * description="The federal drug id for the practitioner.",
2868 * description="The upin for the practitioner.",
2872 * property="facility_id",
2873 * description="The facility_id for the practitioner.",
2877 * property="facility",
2878 * description="The facility name for the practitioner.",
2883 * description="The npi for the practitioner.",
2888 * description="The email for the practitioner.",
2892 * property="specialty",
2893 * description="The specialty for the practitioner.",
2897 * property="billname",
2898 * description="The billname for the practitioner.",
2903 * description="The url for the practitioner.",
2907 * property="assistant",
2908 * description="The assistant for the practitioner.",
2912 * property="valedictory",
2913 * description="The valedictory for the practitioner.",
2917 * property="street",
2918 * description="The street address for the practitioner.",
2922 * property="streetb",
2923 * description="The streetb address for the practitioner.",
2928 * description="The city for the practitioner.",
2933 * description="The state for the practitioner.",
2938 * description="The zip for the practitioner.",
2943 * description="The phone for the practitioner.",
2948 * description="The fax for the practitioner.",
2952 * property="phonew1",
2953 * description="The phonew1 for the practitioner.",
2957 * property="phonecell",
2958 * description="The phonecell for the practitioner.",
2963 * description="The notes for the practitioner.",
2967 * property="state_license_number",
2968 * description="The state license number for the practitioner.",
2972 * property="username",
2973 * description="The username for the practitioner.",
2976 * required={"fname", "lname", "npi"},
2979 * "fname": "Eduardo",
2982 * "federaltaxid": "",
2983 * "federaldrugid": "",
2985 * "facility_id": "3",
2986 * "facility": "Your Clinic Name Here",
2987 * "npi": "12345678901",
2988 * "email": "info@pennfirm.com",
2992 * "assistant": null,
2993 * "organization": null,
2994 * "valedictory": null,
2995 * "street": "789 Third Avenue",
2996 * "streetb": "123 Cannaut Street",
2997 * "city": "San Diego",
3000 * "phone": "(619) 555-9827",
3002 * "phonew1": "(619) 555-7822",
3003 * "phonecell": "(619) 555-7821",
3005 * "state_license_number": "123456",
3006 * "username": "eduardoperez"
3013 * description="Standard response",
3015 * mediaType="application/json",
3018 * property="validationErrors",
3019 * description="Validation errors.",
3026 * property="internalErrors",
3027 * description="Internal errors.",
3035 * description="Returned data.",
3040 * description="practitioner id",
3045 * description="practitioner uuid",
3051 * "validationErrors": {},
3052 * "error_description": {},
3055 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5"
3063 * ref="#/components/responses/unauthorized"
3065 * security={{"openemr_auth":{}}}
3068 "POST /api/practitioner" => function () {
3069 RestConfig
::authorization_check("admin", "users");
3070 $data = (array) (json_decode(file_get_contents("php://input")));
3071 $return = (new PractitionerRestController())->post($data);
3072 RestConfig
::apiLog($return, $data);
3078 * path="/api/practitioner/{pruuid}",
3079 * description="Edit a practitioner",
3080 * tags={"standard"},
3084 * description="The uuid for the practitioner.",
3093 * mediaType="application/json",
3097 * description="The title for the practitioner.",
3102 * description="The first name for the practitioner.",
3107 * description="The middle name for the practitioner.",
3112 * description="The last name for the practitioner.",
3116 * property="federaltaxid",
3117 * description="The federal tax id for the practitioner.",
3121 * property="federaldrugid",
3122 * description="The federal drug id for the practitioner.",
3127 * description="The upin for the practitioner.",
3131 * property="facility_id",
3132 * description="The facility_id for the practitioner.",
3136 * property="facility",
3137 * description="The facility name for the practitioner.",
3142 * description="The npi for the practitioner.",
3147 * description="The email for the practitioner.",
3151 * property="specialty",
3152 * description="The specialty for the practitioner.",
3156 * property="billname",
3157 * description="The billname for the practitioner.",
3162 * description="The url for the practitioner.",
3166 * property="assistant",
3167 * description="The assistant for the practitioner.",
3171 * property="valedictory",
3172 * description="The valedictory for the practitioner.",
3176 * property="street",
3177 * description="The street address for the practitioner.",
3181 * property="streetb",
3182 * description="The streetb address for the practitioner.",
3187 * description="The city for the practitioner.",
3192 * description="The state for the practitioner.",
3197 * description="The zip for the practitioner.",
3202 * description="The phone for the practitioner.",
3207 * description="The fax for the practitioner.",
3211 * property="phonew1",
3212 * description="The phonew1 for the practitioner.",
3216 * property="phonecell",
3217 * description="The phonecell for the practitioner.",
3222 * description="The notes for the practitioner.",
3226 * property="state_license_number",
3227 * description="The state license number for the practitioner.",
3231 * property="username",
3232 * description="The username for the practitioner.",
3240 * "street": "456 Tree Lane",
3242 * "city": "FooTown",
3244 * "phone": "123-456-7890"
3251 * description="Standard response",
3253 * mediaType="application/json",
3256 * property="validationErrors",
3257 * description="Validation errors.",
3264 * property="internalErrors",
3265 * description="Internal errors.",
3273 * description="Returned data.",
3278 * description="practitioner id",
3283 * description="practitioner uuid",
3288 * description="practitioner title",
3293 * description="practitioner fname",
3298 * description="practitioner lname",
3303 * description="practitioner mname",
3307 * property="federaltaxid",
3308 * description="practitioner federaltaxid",
3312 * property="federaldrugid",
3313 * description="practitioner federaldrugid",
3318 * description="practitioner upin",
3322 * property="facility_id",
3323 * description="practitioner facility_id",
3327 * property="facility",
3328 * description="practitioner facility",
3333 * description="practitioner npi",
3338 * description="practitioner email",
3342 * property="active",
3343 * description="practitioner active setting",
3347 * property="specialty",
3348 * description="practitioner specialty",
3352 * property="billname",
3353 * description="practitioner billname",
3358 * description="practitioner url",
3362 * property="assistant",
3363 * description="practitioner assistant",
3367 * property="organization",
3368 * description="practitioner organization",
3372 * property="valedictory",
3373 * description="practitioner valedictory",
3377 * property="street",
3378 * description="practitioner street",
3382 * property="streetb",
3383 * description="practitioner streetb",
3388 * description="practitioner city",
3393 * description="practitioner state",
3398 * description="practitioner zip",
3403 * description="practitioner phone",
3408 * description="fax",
3412 * property="phonew1",
3413 * description="practitioner phonew1",
3417 * property="phonecell",
3418 * description="practitioner phonecell",
3423 * description="practitioner notes",
3427 * property="state_license_number",
3428 * description="practitioner state license number",
3432 * property="abook_title",
3433 * description="practitioner abook title",
3437 * property="physician_title",
3438 * description="practitioner physician title",
3442 * property="physician_code",
3443 * description="practitioner physician code",
3449 * "validationErrors": {},
3450 * "error_description": {},
3453 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5",
3458 * "federaltaxid": "",
3459 * "federaldrugid": "",
3461 * "facility_id": "3",
3462 * "facility": "Your Clinic Name Here",
3463 * "npi": "0123456789",
3464 * "email": "info@pennfirm.com",
3470 * "organization": "",
3471 * "valedictory": "",
3472 * "street": "456 Tree Lane",
3473 * "streetb": "123 Cannaut Street",
3474 * "city": "FooTown",
3477 * "phone": "123-456-7890",
3479 * "phonew1": "(619) 555-7822",
3480 * "phonecell": "(619) 555-7821",
3482 * "state_license_number": "123456",
3483 * "abook_title": null,
3484 * "physician_title": null,
3485 * "physician_code": null
3493 * ref="#/components/responses/unauthorized"
3495 * security={{"openemr_auth":{}}}
3498 "PUT /api/practitioner/:pruuid" => function ($pruuid) {
3499 RestConfig
::authorization_check("admin", "users");
3500 $data = (array) (json_decode(file_get_contents("php://input")));
3501 $return = (new PractitionerRestController())->patch($pruuid, $data);
3502 RestConfig
::apiLog($return, $data);
3508 * path="/api/medical_problem",
3509 * description="Retrieves a list of medical problems",
3510 * tags={"standard"},
3514 * description="The uuid for the patient.",
3521 * name="condition_uuid",
3523 * description="The uuid for the medical problem.",
3532 * description="The title for the medical problem.",
3541 * description="The start date for the medical problem.",
3550 * description="The end date for the medical problem.",
3559 * description="The diagnosis for the medical problem.",
3567 * ref="#/components/responses/standard"
3571 * ref="#/components/responses/badrequest"
3575 * ref="#/components/responses/unauthorized"
3577 * security={{"openemr_auth":{}}}
3580 "GET /api/medical_problem" => function () {
3581 RestConfig
::authorization_check("encounters", "notes");
3582 $return = (new ConditionRestController())->getAll();
3583 RestConfig
::apiLog($return);
3589 * path="/api/medical_problem/{muuid}",
3590 * description="Retrieves a single medical problem by their uuid",
3591 * tags={"standard"},
3595 * description="The uuid for the medical problem.",
3603 * ref="#/components/responses/standard"
3607 * ref="#/components/responses/badrequest"
3611 * ref="#/components/responses/unauthorized"
3613 * security={{"openemr_auth":{}}}
3616 "GET /api/medical_problem/:muuid" => function ($muuid) {
3617 RestConfig
::authorization_check("encounters", "notes");
3618 $return = (new ConditionRestController())->getOne($muuid);
3619 RestConfig
::apiLog($return);
3625 * path="/api/patient/{puuid}/medical_problem",
3626 * description="Retrieves all medical problems for a patient",
3627 * tags={"standard"},
3631 * description="The uuid for the patient.",
3639 * ref="#/components/responses/standard"
3643 * ref="#/components/responses/badrequest"
3647 * ref="#/components/responses/unauthorized"
3649 * security={{"openemr_auth":{}}}
3652 "GET /api/patient/:puuid/medical_problem" => function ($puuid) {
3653 RestConfig
::authorization_check("encounters", "notes");
3654 $return = (new ConditionRestController())->getAll($puuid, "medical_problem");
3655 RestConfig
::apiLog($return);
3661 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3662 * description="Retrieves a medical problem for a patient",
3663 * tags={"standard"},
3667 * description="The uuid for the patient.",
3676 * description="The uuid for the medical problem.",
3684 * ref="#/components/responses/standard"
3688 * ref="#/components/responses/badrequest"
3692 * ref="#/components/responses/unauthorized"
3694 * security={{"openemr_auth":{}}}
3697 "GET /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3698 RestConfig
::authorization_check("patients", "med");
3699 $return = (new ConditionRestController())->getAll(['puuid' => $puuid, 'condition_uuid' => $muuid]);
3700 RestConfig
::apiLog($return);
3705 * Schema for the medical_problem request
3708 * schema="api_medical_problem_request",
3711 * description="The title of medical problem.",
3715 * property="begdate",
3716 * description="The beginning date of medical problem.",
3720 * property="enddate",
3721 * description="The end date of medical problem.",
3725 * property="diagnosis",
3726 * description="The diagnosis of medical problem. In format `<codetype>:<code>`",
3729 * required={"title", "begdate"},
3731 * "title": "Dermatochalasis",
3732 * "begdate": "2010-10-13",
3734 * "diagnosis": "ICD10:H02.839"
3740 * path="/api/patient/{puuid}/medical_problem",
3741 * description="Submits a new medical problem",
3742 * tags={"standard"},
3746 * description="The uuid for the patient.",
3755 * mediaType="application/json",
3756 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3761 * ref="#/components/responses/standard"
3765 * ref="#/components/responses/badrequest"
3769 * ref="#/components/responses/unauthorized"
3771 * security={{"openemr_auth":{}}}
3774 "POST /api/patient/:puuid/medical_problem" => function ($puuid) {
3775 RestConfig
::authorization_check("patients", "med");
3776 $data = (array) (json_decode(file_get_contents("php://input")));
3777 $return = (new ConditionRestController())->post($puuid, $data);
3778 RestConfig
::apiLog($return, $data);
3784 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3785 * description="Edit a medical problem",
3786 * tags={"standard"},
3790 * description="The uuid for the patient.",
3799 * description="The uuid for the medical problem.",
3808 * mediaType="application/json",
3809 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3814 * ref="#/components/responses/standard"
3818 * ref="#/components/responses/badrequest"
3822 * ref="#/components/responses/unauthorized"
3824 * security={{"openemr_auth":{}}}
3827 "PUT /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3828 RestConfig
::authorization_check("patients", "med");
3829 $data = (array) (json_decode(file_get_contents("php://input")));
3830 $return = (new ConditionRestController())->put($puuid, $muuid, $data);
3831 RestConfig
::apiLog($return, $data);
3837 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3838 * description="Delete a medical problem",
3839 * tags={"standard"},
3843 * description="The uuid for the patient.",
3852 * description="The uuid for the medical problem.",
3860 * ref="#/components/responses/standard"
3864 * ref="#/components/responses/badrequest"
3868 * ref="#/components/responses/unauthorized"
3870 * security={{"openemr_auth":{}}}
3873 "DELETE /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3874 RestConfig
::authorization_check("patients", "med");
3875 $return = (new ConditionRestController())->delete($puuid, $muuid);
3876 RestConfig
::apiLog($return);
3882 * path="/api/allergy",
3883 * description="Retrieves a list of allergies",
3884 * tags={"standard"},
3888 * description="The uuid for the patient.",
3897 * description="The uuid for the allergy.",
3906 * description="The title for the allergy.",
3915 * description="The start date for the allergy.",
3924 * description="The end date for the allergy.",
3933 * description="The diagnosis for the allergy.",
3941 * ref="#/components/responses/standard"
3945 * ref="#/components/responses/badrequest"
3949 * ref="#/components/responses/unauthorized"
3951 * security={{"openemr_auth":{}}}
3954 "GET /api/allergy" => function () {
3955 RestConfig
::authorization_check("patients", "med");
3956 $return = (new AllergyIntoleranceRestController())->getAll();
3957 RestConfig
::apiLog($return);
3963 * path="/api/allergy/{auuid}",
3964 * description="Retrieves a single allergy by their uuid",
3965 * tags={"standard"},
3969 * description="The uuid for the allergy.",
3977 * ref="#/components/responses/standard"
3981 * ref="#/components/responses/badrequest"
3985 * ref="#/components/responses/unauthorized"
3987 * security={{"openemr_auth":{}}}
3990 "GET /api/allergy/:auuid" => function ($auuid) {
3991 RestConfig
::authorization_check("patients", "med");
3992 $return = (new AllergyIntoleranceRestController())->getOne($auuid);
3993 RestConfig
::apiLog($return);
3999 * path="/api/patient/{puuid}/allergy",
4000 * description="Retrieves all allergies for a patient",
4001 * tags={"standard"},
4005 * description="The uuid for the patient.",
4013 * ref="#/components/responses/standard"
4017 * ref="#/components/responses/badrequest"
4021 * ref="#/components/responses/unauthorized"
4023 * security={{"openemr_auth":{}}}
4026 "GET /api/patient/:puuid/allergy" => function ($puuid) {
4027 RestConfig
::authorization_check("patients", "med");
4028 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid]);
4029 RestConfig
::apiLog($return);
4035 * path="/api/patient/{puuid}/allergy/{auuid}",
4036 * description="Retrieves a allergy for a patient",
4037 * tags={"standard"},
4041 * description="The uuid for the patient.",
4050 * description="The uuid for the allergy.",
4058 * ref="#/components/responses/standard"
4062 * ref="#/components/responses/badrequest"
4066 * ref="#/components/responses/unauthorized"
4068 * security={{"openemr_auth":{}}}
4071 "GET /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4072 RestConfig
::authorization_check("patients", "med");
4073 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $auuid]);
4074 RestConfig
::apiLog($return);
4079 * Schema for the allergy request
4082 * schema="api_allergy_request",
4085 * description="The title of allergy.",
4089 * property="begdate",
4090 * description="The beginning date of allergy.",
4094 * property="enddate",
4095 * description="The end date of allergy.",
4099 * property="diagnosis",
4100 * description="The diagnosis of allergy. In format `<codetype>:<code>`",
4103 * required={"title", "begdate"},
4105 * "title": "Iodine",
4106 * "begdate": "2010-10-13",
4113 * path="/api/patient/{puuid}/allergy",
4114 * description="Submits a new allergy",
4115 * tags={"standard"},
4119 * description="The uuid for the patient.",
4128 * mediaType="application/json",
4129 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4134 * ref="#/components/responses/standard"
4138 * ref="#/components/responses/badrequest"
4142 * ref="#/components/responses/unauthorized"
4144 * security={{"openemr_auth":{}}}
4147 "POST /api/patient/:puuid/allergy" => function ($puuid) {
4148 RestConfig
::authorization_check("patients", "med");
4149 $data = (array) (json_decode(file_get_contents("php://input")));
4150 $return = (new AllergyIntoleranceRestController())->post($puuid, $data);
4151 RestConfig
::apiLog($return, $data);
4157 * path="/api/patient/{puuid}/allergy/{auuid}",
4158 * description="Edit a allergy",
4159 * tags={"standard"},
4163 * description="The uuid for the patient.",
4172 * description="The uuid for the allergy.",
4181 * mediaType="application/json",
4182 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4187 * ref="#/components/responses/standard"
4191 * ref="#/components/responses/badrequest"
4195 * ref="#/components/responses/unauthorized"
4197 * security={{"openemr_auth":{}}}
4200 "PUT /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4201 RestConfig
::authorization_check("patients", "med");
4202 $data = (array) (json_decode(file_get_contents("php://input")));
4203 $return = (new AllergyIntoleranceRestController())->put($puuid, $auuid, $data);
4204 RestConfig
::apiLog($return, $data);
4210 * path="/api/patient/{puuid}/allergy/{auuid}",
4211 * description="Delete a medical problem",
4212 * tags={"standard"},
4216 * description="The uuid for the patient.",
4225 * description="The uuid for the allergy.",
4233 * ref="#/components/responses/standard"
4237 * ref="#/components/responses/badrequest"
4241 * ref="#/components/responses/unauthorized"
4243 * security={{"openemr_auth":{}}}
4246 "DELETE /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4247 RestConfig
::authorization_check("patients", "med");
4248 $return = (new AllergyIntoleranceRestController())->delete($puuid, $auuid);
4249 RestConfig
::apiLog($return);
4255 * path="/api/patient/{pid}/medication",
4256 * description="Retrieves all medications for a patient",
4257 * tags={"standard"},
4261 * description="The pid for the patient.",
4269 * ref="#/components/responses/standard"
4273 * ref="#/components/responses/badrequest"
4277 * ref="#/components/responses/unauthorized"
4279 * security={{"openemr_auth":{}}}
4282 "GET /api/patient/:pid/medication" => function ($pid) {
4283 RestConfig
::authorization_check("patients", "med");
4284 $return = (new ListRestController())->getAll($pid, "medication");
4285 RestConfig
::apiLog($return);
4290 * Schema for the medication request
4293 * schema="api_medication_request",
4296 * description="The title of medication.",
4300 * property="begdate",
4301 * description="The beginning date of medication.",
4305 * property="enddate",
4306 * description="The end date of medication.",
4310 * property="diagnosis",
4311 * description="The diagnosis of medication. In format `<codetype>:<code>`",
4314 * required={"title", "begdate"},
4316 * "title": "Norvasc",
4317 * "begdate": "2013-04-13",
4324 * path="/api/patient/{pid}/medication",
4325 * description="Submits a new medication",
4326 * tags={"standard"},
4330 * description="The pid for the patient.",
4339 * mediaType="application/json",
4340 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4345 * ref="#/components/responses/standard"
4349 * ref="#/components/responses/badrequest"
4353 * ref="#/components/responses/unauthorized"
4355 * security={{"openemr_auth":{}}}
4358 "POST /api/patient/:pid/medication" => function ($pid) {
4359 RestConfig
::authorization_check("patients", "med");
4360 $data = (array) (json_decode(file_get_contents("php://input")));
4361 $return = (new ListRestController())->post($pid, "medication", $data);
4362 RestConfig
::apiLog($return, $data);
4368 * path="/api/patient/{pid}/medication/{mid}",
4369 * description="Edit a medication",
4370 * tags={"standard"},
4374 * description="The pid for the patient.",
4383 * description="The id for the medication.",
4392 * mediaType="application/json",
4393 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4398 * ref="#/components/responses/standard"
4402 * ref="#/components/responses/badrequest"
4406 * ref="#/components/responses/unauthorized"
4408 * security={{"openemr_auth":{}}}
4411 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4412 RestConfig
::authorization_check("patients", "med");
4413 $data = (array) (json_decode(file_get_contents("php://input")));
4414 $return = (new ListRestController())->put($pid, $mid, "medication", $data);
4415 RestConfig
::apiLog($return, $data);
4421 * path="/api/patient/{pid}/medication/{mid}",
4422 * description="Retrieves a medication for a patient",
4423 * tags={"standard"},
4427 * description="The id for the patient.",
4436 * description="The id for the medication.",
4444 * ref="#/components/responses/standard"
4448 * ref="#/components/responses/badrequest"
4452 * ref="#/components/responses/unauthorized"
4454 * security={{"openemr_auth":{}}}
4457 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4458 RestConfig
::authorization_check("patients", "med");
4459 $return = (new ListRestController())->getOne($pid, "medication", $mid);
4460 RestConfig
::apiLog($return);
4466 * path="/api/patient/{pid}/medication/{mid}",
4467 * description="Delete a medication",
4468 * tags={"standard"},
4472 * description="The id for the patient.",
4481 * description="The id for the medication.",
4489 * ref="#/components/responses/standard"
4493 * ref="#/components/responses/badrequest"
4497 * ref="#/components/responses/unauthorized"
4499 * security={{"openemr_auth":{}}}
4502 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4503 RestConfig
::authorization_check("patients", "med");
4504 $return = (new ListRestController())->delete($pid, $mid, "medication");
4505 RestConfig
::apiLog($return);
4511 * path="/api/patient/{pid}/surgery",
4512 * description="Retrieves all surgeries for a patient",
4513 * tags={"standard"},
4517 * description="The pid for the patient.",
4525 * ref="#/components/responses/standard"
4529 * ref="#/components/responses/badrequest"
4533 * ref="#/components/responses/unauthorized"
4535 * security={{"openemr_auth":{}}}
4538 "GET /api/patient/:pid/surgery" => function ($pid) {
4539 RestConfig
::authorization_check("patients", "med");
4540 $return = (new ListRestController())->getAll($pid, "surgery");
4541 RestConfig
::apiLog($return);
4547 * path="/api/patient/{pid}/surgery/{sid}",
4548 * description="Retrieves a surgery for a patient",
4549 * tags={"standard"},
4553 * description="The id for the patient.",
4562 * description="The id for the surgery.",
4570 * ref="#/components/responses/standard"
4574 * ref="#/components/responses/badrequest"
4578 * ref="#/components/responses/unauthorized"
4580 * security={{"openemr_auth":{}}}
4583 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4584 RestConfig
::authorization_check("patients", "med");
4585 $return = (new ListRestController())->getOne($pid, "surgery", $sid);
4586 RestConfig
::apiLog($return);
4592 * path="/api/patient/{pid}/surgery/{sid}",
4593 * description="Delete a surgery",
4594 * tags={"standard"},
4598 * description="The id for the patient.",
4607 * description="The id for the surgery.",
4615 * ref="#/components/responses/standard"
4619 * ref="#/components/responses/badrequest"
4623 * ref="#/components/responses/unauthorized"
4625 * security={{"openemr_auth":{}}}
4628 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4629 RestConfig
::authorization_check("patients", "med");
4630 $return = (new ListRestController())->delete($pid, $sid, "surgery");
4631 RestConfig
::apiLog($return);
4636 * Schema for the surgery request
4639 * schema="api_surgery_request",
4642 * description="The title of surgery.",
4646 * property="begdate",
4647 * description="The beginning date of surgery.",
4651 * property="enddate",
4652 * description="The end date of surgery.",
4656 * property="diagnosis",
4657 * description="The diagnosis of surgery. In format `<codetype>:<code>`",
4660 * required={"title", "begdate"},
4662 * "title": "Blepharoplasty",
4663 * "begdate": "2013-10-14",
4665 * "diagnosis": "CPT4:15823-50"
4671 * path="/api/patient/{pid}/surgery",
4672 * description="Submits a new surgery",
4673 * tags={"standard"},
4677 * description="The pid for the patient.",
4686 * mediaType="application/json",
4687 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4692 * ref="#/components/responses/standard"
4696 * ref="#/components/responses/badrequest"
4700 * ref="#/components/responses/unauthorized"
4702 * security={{"openemr_auth":{}}}
4705 "POST /api/patient/:pid/surgery" => function ($pid) {
4706 RestConfig
::authorization_check("patients", "med");
4707 $data = (array) (json_decode(file_get_contents("php://input")));
4708 $return = (new ListRestController())->post($pid, "surgery", $data);
4709 RestConfig
::apiLog($return, $data);
4715 * path="/api/patient/{pid}/surgery/{sid}",
4716 * description="Edit a surgery",
4717 * tags={"standard"},
4721 * description="The pid for the patient.",
4730 * description="The id for the surgery.",
4739 * mediaType="application/json",
4740 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4745 * ref="#/components/responses/standard"
4749 * ref="#/components/responses/badrequest"
4753 * ref="#/components/responses/unauthorized"
4755 * security={{"openemr_auth":{}}}
4758 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4759 RestConfig
::authorization_check("patients", "med");
4760 $data = (array) (json_decode(file_get_contents("php://input")));
4761 $return = (new ListRestController())->put($pid, $sid, "surgery", $data);
4762 RestConfig
::apiLog($return, $data);
4768 * path="/api/patient/{pid}/dental_issue",
4769 * description="Retrieves all dental issues for a patient",
4770 * tags={"standard"},
4774 * description="The pid for the patient.",
4782 * ref="#/components/responses/standard"
4786 * ref="#/components/responses/badrequest"
4790 * ref="#/components/responses/unauthorized"
4792 * security={{"openemr_auth":{}}}
4795 "GET /api/patient/:pid/dental_issue" => function ($pid) {
4796 RestConfig
::authorization_check("patients", "med");
4797 $return = (new ListRestController())->getAll($pid, "dental");
4798 RestConfig
::apiLog($return);
4804 * path="/api/patient/{pid}/dental_issue/{did}",
4805 * description="Retrieves a dental issue for a patient",
4806 * tags={"standard"},
4810 * description="The id for the patient.",
4819 * description="The id for the dental issue.",
4827 * ref="#/components/responses/standard"
4831 * ref="#/components/responses/badrequest"
4835 * ref="#/components/responses/unauthorized"
4837 * security={{"openemr_auth":{}}}
4840 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4841 RestConfig
::authorization_check("patients", "med");
4842 $return = (new ListRestController())->getOne($pid, "dental", $did);
4843 RestConfig
::apiLog($return);
4849 * path="/api/patient/{pid}/dental_issue/{did}",
4850 * description="Delete a dental issue",
4851 * tags={"standard"},
4855 * description="The id for the patient.",
4864 * description="The id for the dental issue.",
4872 * ref="#/components/responses/standard"
4876 * ref="#/components/responses/badrequest"
4880 * ref="#/components/responses/unauthorized"
4882 * security={{"openemr_auth":{}}}
4885 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4886 RestConfig
::authorization_check("patients", "med");
4887 $return = (new ListRestController())->delete($pid, $did, "dental");
4888 RestConfig
::apiLog($return);
4893 * Schema for the dental_issue request
4896 * schema="api_dental_issue_request",
4899 * description="The title of dental issue.",
4903 * property="begdate",
4904 * description="The beginning date of dental issue.",
4908 * property="enddate",
4909 * description="The end date of dental issue.",
4913 * property="diagnosis",
4914 * description="The diagnosis of dental issue. In format `<codetype>:<code>`",
4917 * required={"title", "begdate"},
4919 * "title": "Halitosis",
4920 * "begdate": "2015-03-17",
4927 * path="/api/patient/{pid}/dental_issue",
4928 * description="Submits a new dental issue",
4929 * tags={"standard"},
4933 * description="The pid for the patient.",
4942 * mediaType="application/json",
4943 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
4948 * ref="#/components/responses/standard"
4952 * ref="#/components/responses/badrequest"
4956 * ref="#/components/responses/unauthorized"
4958 * security={{"openemr_auth":{}}}
4961 "POST /api/patient/:pid/dental_issue" => function ($pid) {
4962 RestConfig
::authorization_check("patients", "med");
4963 $data = (array) (json_decode(file_get_contents("php://input")));
4964 $return = (new ListRestController())->post($pid, "dental", $data);
4965 RestConfig
::apiLog($return, $data);
4971 * path="/api/patient/{pid}/dental_issue/{did}",
4972 * description="Edit a dental issue",
4973 * tags={"standard"},
4977 * description="The pid for the patient.",
4986 * description="The id for the dental issue.",
4995 * mediaType="application/json",
4996 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
5001 * ref="#/components/responses/standard"
5005 * ref="#/components/responses/badrequest"
5009 * ref="#/components/responses/unauthorized"
5011 * security={{"openemr_auth":{}}}
5014 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
5015 RestConfig
::authorization_check("patients", "med");
5016 $data = (array) (json_decode(file_get_contents("php://input")));
5017 $return = (new ListRestController())->put($pid, $did, "dental", $data);
5018 RestConfig
::apiLog($return, $data);
5024 * path="/api/patient/{pid}/appointment",
5025 * description="Retrieves all appointments for a patient",
5026 * tags={"standard"},
5030 * description="The pid for the patient.",
5038 * ref="#/components/responses/standard"
5042 * ref="#/components/responses/badrequest"
5046 * ref="#/components/responses/unauthorized"
5048 * security={{"openemr_auth":{}}}
5051 "GET /api/patient/:pid/appointment" => function ($pid) {
5052 RestConfig
::authorization_check("patients", "appt");
5053 $return = (new AppointmentRestController())->getAllForPatient($pid);
5054 RestConfig
::apiLog($return);
5060 * path="/api/patient/{pid}/appointment",
5061 * description="Submits a new appointment",
5062 * tags={"standard"},
5066 * description="The id for the patient.",
5075 * mediaType="application/json",
5078 * property="pc_catid",
5079 * description="The category of the appointment.",
5083 * property="pc_title",
5084 * description="The title of the appointment.",
5088 * property="pc_duration",
5089 * description="The duration of the appointment.",
5093 * property="pc_hometext",
5094 * description="Comments for the appointment.",
5098 * property="pc_apptstatus",
5099 * description="use an option from resource=/api/list/apptstat",
5103 * property="pc_eventDate",
5104 * description="The date of the appointment.",
5108 * property="pc_startTime",
5109 * description="The time of the appointment.",
5113 * property="pc_facility",
5114 * description="The facility id of the appointment.",
5118 * property="pc_billing_location",
5119 * description="The billinag location id of the appointment.",
5123 * property="pc_aid",
5124 * description="The provider id for the appointment.",
5127 * required={"pc_catid", "pc_title", "pc_duration", "pc_hometext", "pc_apptstatus", "pc_eventDate", "pc_startTime", "pc_facility", "pc_billing_location"},
5130 * "pc_title": "Office Visit",
5131 * "pc_duration": "900",
5132 * "pc_hometext": "Test",
5133 * "pc_apptstatus": "-",
5134 * "pc_eventDate": "2018-10-19",
5135 * "pc_startTime": "09:00",
5136 * "pc_facility": "9",
5137 * "pc_billing_location": "10",
5145 * ref="#/components/responses/standard"
5149 * ref="#/components/responses/badrequest"
5153 * ref="#/components/responses/unauthorized"
5155 * security={{"openemr_auth":{}}}
5158 "POST /api/patient/:pid/appointment" => function ($pid) {
5159 RestConfig
::authorization_check("patients", "appt");
5160 $data = (array) (json_decode(file_get_contents("php://input")));
5161 $return = (new AppointmentRestController())->post($pid, $data);
5162 RestConfig
::apiLog($return, $data);
5168 * path="/api/appointment",
5169 * description="Retrieves all appointments",
5170 * tags={"standard"},
5173 * ref="#/components/responses/standard"
5177 * ref="#/components/responses/badrequest"
5181 * ref="#/components/responses/unauthorized"
5183 * security={{"openemr_auth":{}}}
5186 "GET /api/appointment" => function () {
5187 RestConfig
::authorization_check("patients", "appt");
5188 $return = (new AppointmentRestController())->getAll();
5189 RestConfig
::apiLog($return);
5195 * path="/api/appointment/{eid}",
5196 * description="Retrieves an appointment",
5197 * tags={"standard"},
5201 * description="The eid for the appointment.",
5209 * ref="#/components/responses/standard"
5213 * ref="#/components/responses/badrequest"
5217 * ref="#/components/responses/unauthorized"
5219 * security={{"openemr_auth":{}}}
5222 "GET /api/appointment/:eid" => function ($eid) {
5223 RestConfig
::authorization_check("patients", "appt");
5224 $return = (new AppointmentRestController())->getOne($eid);
5225 RestConfig
::apiLog($return);
5231 * path="/api/patient/{pid}/appointment/{eid}",
5232 * description="Delete a appointment",
5233 * tags={"standard"},
5237 * description="The id for the patient.",
5246 * description="The eid for the appointment.",
5254 * ref="#/components/responses/standard"
5258 * ref="#/components/responses/badrequest"
5262 * ref="#/components/responses/unauthorized"
5264 * security={{"openemr_auth":{}}}
5267 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5268 RestConfig
::authorization_check("patients", "appt");
5269 $return = (new AppointmentRestController())->delete($eid);
5270 RestConfig
::apiLog($return);
5276 * path="/api/patient/{pid}/appointment/{eid}",
5277 * description="Retrieves a appointment for a patient",
5278 * tags={"standard"},
5282 * description="The id for the patient.",
5291 * description="The eid for the appointment.",
5299 * ref="#/components/responses/standard"
5303 * ref="#/components/responses/badrequest"
5307 * ref="#/components/responses/unauthorized"
5309 * security={{"openemr_auth":{}}}
5312 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5313 RestConfig
::authorization_check("patients", "appt");
5314 $return = (new AppointmentRestController())->getOne($eid);
5315 RestConfig
::apiLog($return);
5321 * path="/api/list/{list_name}",
5322 * description="Retrieves a list",
5323 * tags={"standard"},
5327 * description="The list_id of the list.",
5335 * ref="#/components/responses/standard"
5339 * ref="#/components/responses/badrequest"
5343 * ref="#/components/responses/unauthorized"
5345 * security={{"openemr_auth":{}}}
5348 "GET /api/list/:list_name" => function ($list_name) {
5349 RestConfig
::authorization_check("lists", "default");
5350 $return = (new ListRestController())->getOptions($list_name);
5351 RestConfig
::apiLog($return);
5357 * path="/api/version",
5358 * description="Retrieves the OpenEMR version information",
5359 * tags={"standard"},
5362 * ref="#/components/responses/standard"
5366 * ref="#/components/responses/badrequest"
5370 * ref="#/components/responses/unauthorized"
5372 * security={{"openemr_auth":{}}}
5375 "GET /api/version" => function () {
5376 $return = (new VersionRestController())->getOne();
5377 RestConfig
::apiLog($return);
5383 * path="/api/product",
5384 * description="Retrieves the OpenEMR product registration information",
5385 * tags={"standard"},
5388 * ref="#/components/responses/standard"
5392 * ref="#/components/responses/badrequest"
5396 * ref="#/components/responses/unauthorized"
5398 * security={{"openemr_auth":{}}}
5401 "GET /api/product" => function () {
5402 $return = (new ProductRegistrationRestController())->getOne();
5403 RestConfig
::apiLog($return);
5409 * path="/api/insurance_company",
5410 * description="Retrieves all insurance companies",
5411 * tags={"standard"},
5414 * ref="#/components/responses/standard"
5418 * ref="#/components/responses/badrequest"
5422 * ref="#/components/responses/unauthorized"
5424 * security={{"openemr_auth":{}}}
5427 "GET /api/insurance_company" => function () {
5428 $return = (new InsuranceCompanyRestController())->getAll();
5429 RestConfig
::apiLog($return);
5435 * path="/api/insurance_company/{iid}",
5436 * description="Retrieves insurance company",
5437 * tags={"standard"},
5441 * description="The id of the insurance company.",
5449 * ref="#/components/responses/standard"
5453 * ref="#/components/responses/badrequest"
5457 * ref="#/components/responses/unauthorized"
5459 * security={{"openemr_auth":{}}}
5462 "GET /api/insurance_company/:iid" => function ($iid) {
5463 $return = (new InsuranceCompanyRestController())->getOne($iid);
5464 RestConfig
::apiLog($return);
5470 * path="/api/insurance_type",
5471 * description="Retrieves all insurance types",
5472 * tags={"standard"},
5475 * ref="#/components/responses/standard"
5479 * ref="#/components/responses/badrequest"
5483 * ref="#/components/responses/unauthorized"
5485 * security={{"openemr_auth":{}}}
5488 "GET /api/insurance_type" => function () {
5489 $return = (new InsuranceCompanyRestController())->getInsuranceTypes();
5490 RestConfig
::apiLog($return);
5495 * Schema for the insurance_company request
5498 * schema="api_insurance_company_request",
5501 * description="The name of insurance company.",
5506 * description="The attn of insurance company.",
5510 * property="cms_id",
5511 * description="The cms id of insurance company.",
5515 * property="ins_type_code",
5516 * description="The insurance type code of insurance company. The insurance type code can be found by inspecting the route at (/api/insurance_type).",
5520 * property="x12_receiver_id",
5521 * description="The x12 receiver id of insurance company.",
5525 * property="x12_default_partner_id",
5526 * description="The x12 default partner id of insurance company.",
5530 * property="alt_cms_id",
5531 * description="The alternate cms id of insurance company.",
5536 * description="The line1 address of insurance company.",
5541 * description="The line2 address of insurance company.",
5546 * description="The city of insurance company.",
5551 * description="The state of insurance company.",
5556 * description="The zip of insurance company.",
5560 * property="country",
5561 * description="The country of insurance company.",
5564 * required={"name"},
5566 * "name": "Cool Insurance Company",
5569 * "ins_type_code": "2",
5570 * "x12_receiver_id": null,
5571 * "x12_default_partner_id": null,
5573 * "line1": "123 Cool Lane",
5574 * "line2": "Suite 123",
5575 * "city": "Cooltown",
5584 * path="/api/insurance_company",
5585 * description="Submits a new insurance company",
5586 * tags={"standard"},
5590 * mediaType="application/json",
5591 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
5596 * ref="#/components/responses/standard"
5600 * ref="#/components/responses/badrequest"
5604 * ref="#/components/responses/unauthorized"
5606 * security={{"openemr_auth":{}}}
5609 "POST /api/insurance_company" => function () {
5610 $data = (array) (json_decode(file_get_contents("php://input")));
5611 $return = (new InsuranceCompanyRestController())->post($data);
5612 RestConfig
::apiLog($return, $data);
5618 * path="/api/insurance_company/{iid}",
5619 * description="Edit a insurance company",
5620 * tags={"standard"},
5624 * description="The id for the insurance company.",
5633 * mediaType="application/json",
5634 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
5639 * ref="#/components/responses/standard"
5643 * ref="#/components/responses/badrequest"
5647 * ref="#/components/responses/unauthorized"
5649 * security={{"openemr_auth":{}}}
5652 "PUT /api/insurance_company/:iid" => function ($iid) {
5653 $data = (array) (json_decode(file_get_contents("php://input")));
5654 $return = (new InsuranceCompanyRestController())->put($iid, $data);
5655 RestConfig
::apiLog($return, $data);
5661 * path="/api/patient/{pid}/document",
5662 * description="Submits a new patient document",
5663 * tags={"standard"},
5667 * description="The pid for the patient.",
5676 * description="The category of the document.",
5685 * mediaType="multipart/form-data",
5688 * property="document",
5689 * description="document",
5698 * ref="#/components/responses/standard"
5702 * ref="#/components/responses/badrequest"
5706 * ref="#/components/responses/unauthorized"
5708 * security={{"openemr_auth":{}}}
5711 "POST /api/patient/:pid/document" => function ($pid) {
5712 $return = (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
5713 RestConfig
::apiLog($return);
5719 * path="/api/patient/{pid}/document",
5720 * description="Retrieves all file information of documents from a category for a patient",
5721 * tags={"standard"},
5725 * description="The pid for the patient.",
5734 * description="The category of the documents.",
5742 * ref="#/components/responses/standard"
5746 * ref="#/components/responses/badrequest"
5750 * ref="#/components/responses/unauthorized"
5752 * security={{"openemr_auth":{}}}
5755 "GET /api/patient/:pid/document" => function ($pid) {
5756 $return = (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
5757 RestConfig
::apiLog($return);
5763 * path="/api/patient/{pid}/document/{did}",
5764 * description="Retrieves a document for a patient",
5765 * tags={"standard"},
5769 * description="The pid for the patient.",
5778 * description="The id for the patient document.",
5786 * ref="#/components/responses/standard"
5790 * ref="#/components/responses/badrequest"
5794 * ref="#/components/responses/unauthorized"
5796 * security={{"openemr_auth":{}}}
5799 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
5800 $return = (new DocumentRestController())->downloadFile($pid, $did);
5801 RestConfig
::apiLog($return);
5807 * path="/api/patient/{pid}/insurance",
5808 * description="Retrieves all insurances for a patient",
5809 * tags={"standard"},
5813 * description="The pid for the patient.",
5821 * ref="#/components/responses/standard"
5825 * ref="#/components/responses/badrequest"
5829 * ref="#/components/responses/unauthorized"
5831 * security={{"openemr_auth":{}}}
5834 "GET /api/patient/:pid/insurance" => function ($pid) {
5835 $return = (new InsuranceRestController())->getAll($pid);
5836 RestConfig
::apiLog($return);
5842 * path="/api/patient/{pid}/insurance/{type}",
5843 * description="Retrieves a insurance (by type) for a patient",
5844 * tags={"standard"},
5848 * description="The pid for the patient.",
5857 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
5865 * ref="#/components/responses/standard"
5869 * ref="#/components/responses/badrequest"
5873 * ref="#/components/responses/unauthorized"
5875 * security={{"openemr_auth":{}}}
5878 "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
5879 $return = (new InsuranceRestController())->getOne($pid, $type);
5880 RestConfig
::apiLog($return);
5885 * Schema for the insurance request
5888 * schema="api_insurance_request",
5890 * property="provider",
5891 * description="The insurance company id.",
5895 * property="plan_name",
5896 * description="The plan name of insurance.",
5900 * property="policy_number",
5901 * description="The policy number of insurance.",
5905 * property="group_number",
5906 * description="The group number of insurance.",
5910 * property="subscriber_lname",
5911 * description="The subscriber last name of insurance.",
5915 * property="subscriber_mname",
5916 * description="The subscriber middle name of insurance.",
5920 * property="subscriber_fname",
5921 * description="The subscriber first name of insurance.",
5925 * property="subscriber_relationship",
5926 * description="The subscriber relationship of insurance.",
5930 * property="subscriber_ss",
5931 * description="The subscriber ss number of insurance.",
5935 * property="subscriber_DOB",
5936 * description="The subscriber DOB of insurance.",
5940 * property="subscriber_street",
5941 * description="The subscriber street address of insurance.",
5945 * property="subscriber_postal_code",
5946 * description="The subscriber postal code of insurance.",
5950 * property="subscriber_city",
5951 * description="The subscriber city of insurance.",
5955 * property="subscriber_state",
5956 * description="The subscriber state of insurance. `state` can be found by querying `resource=/api/list/state`",
5960 * property="subscriber_country",
5961 * description="The subscriber country of insurance. `country` can be found by querying `resource=/api/list/country`",
5965 * property="subscriber_phone",
5966 * description="The subscriber phone of insurance.",
5970 * property="subscriber_employer",
5971 * description="The subscriber employer of insurance.",
5975 * property="subscriber_employer_street",
5976 * description="The subscriber employer street of insurance.",
5980 * property="subscriber_employer_postal_code",
5981 * description="The subscriber employer postal code of insurance.",
5985 * property="subscriber_employer_state",
5986 * description="The subscriber employer state of insurance.",
5990 * property="subscriber_employer_country",
5991 * description="The subscriber employer country of insurance.",
5995 * property="subscriber_employer_city",
5996 * description="The subscriber employer city of insurance.",
6001 * description="The copay of insurance.",
6006 * description="The date of insurance.",
6010 * property="subscriber_sex",
6011 * description="The subscriber sex of insurance.",
6015 * property="accept_assignment",
6016 * description="The accept_assignment of insurance.",
6020 * property="policy_type",
6021 * description="The policy_type of insurance.",
6024 * required={"provider", "plan_name", "policy_number", "group_number", "subscriber_fname", "subscriber_lname", "subscriber_relationship", "subscriber_ss", "subscriber_DOB", "subscriber_street", "subscriber_postal_code", "subscriber_city", "subscriber_state", "subscriber_country", "subscriber_phone", "subscriber_sex", "accept_assignment", "policy_type"},
6027 * "plan_name": "Some Plan",
6028 * "policy_number": "12345",
6029 * "group_number": "252412",
6030 * "subscriber_lname": "Tester",
6031 * "subscriber_mname": "Xi",
6032 * "subscriber_fname": "Foo",
6033 * "subscriber_relationship": "other",
6034 * "subscriber_ss": "234231234",
6035 * "subscriber_DOB": "2018-10-03",
6036 * "subscriber_street": "183 Cool St",
6037 * "subscriber_postal_code": "23418",
6038 * "subscriber_city": "Cooltown",
6039 * "subscriber_state": "AZ",
6040 * "subscriber_country": "USA",
6041 * "subscriber_phone": "234-598-2123",
6042 * "subscriber_employer": "Some Employer",
6043 * "subscriber_employer_street": "123 Heather Lane",
6044 * "subscriber_employer_postal_code": "23415",
6045 * "subscriber_employer_state": "AZ",
6046 * "subscriber_employer_country": "USA",
6047 * "subscriber_employer_city": "Cooltown",
6049 * "date": "2018-10-15",
6050 * "subscriber_sex": "Female",
6051 * "accept_assignment": "TRUE",
6052 * "policy_type": "a"
6058 * path="/api/patient/{pid}/insurance/{type}",
6059 * description="Submits a new patient insurance (with type)",
6060 * tags={"standard"},
6064 * description="The pid for the patient.",
6073 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
6082 * mediaType="application/json",
6083 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6088 * ref="#/components/responses/standard"
6092 * ref="#/components/responses/badrequest"
6096 * ref="#/components/responses/unauthorized"
6098 * security={{"openemr_auth":{}}}
6101 "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
6102 $data = (array) (json_decode(file_get_contents("php://input")));
6103 $return = (new InsuranceRestController())->post($pid, $type, $data);
6104 RestConfig
::apiLog($return, $data);
6110 * path="/api/patient/{pid}/insurance/{type}",
6111 * description="Edit a patient insurance (by type)",
6112 * tags={"standard"},
6116 * description="The pid for the patient.",
6125 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
6134 * mediaType="application/json",
6135 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6140 * ref="#/components/responses/standard"
6144 * ref="#/components/responses/badrequest"
6148 * ref="#/components/responses/unauthorized"
6150 * security={{"openemr_auth":{}}}
6153 "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
6154 $data = (array) (json_decode(file_get_contents("php://input")));
6155 $return = (new InsuranceRestController())->put($pid, $type, $data);
6156 RestConfig
::apiLog($return, $data);
6161 * Schema for the message request
6164 * schema="api_message_request",
6167 * description="The body of message.",
6171 * property="groupname",
6172 * description="The group name (usually is 'Default').",
6177 * description="The sender of the message.",
6182 * description="The recipient of the message.",
6187 * description="use an option from resource=/api/list/note_type",
6191 * property="message_status",
6192 * description="use an option from resource=/api/list/message_status",
6195 * required={"body", "groupname", "from", "to", "title", "message_status"},
6197 * "body": "Test 456",
6198 * "groupname": "Default",
6199 * "from": "Matthew",
6202 * "message_status": "New"
6208 * path="/api/patient/{pid}/message",
6209 * description="Submits a pnote message",
6210 * tags={"standard"},
6214 * description="The id for the patient.",
6223 * mediaType="application/json",
6224 * @OA\Schema(ref="#/components/schemas/api_message_request")
6229 * ref="#/components/responses/standard"
6233 * ref="#/components/responses/badrequest"
6237 * ref="#/components/responses/unauthorized"
6239 * security={{"openemr_auth":{}}}
6242 "POST /api/patient/:pid/message" => function ($pid) {
6243 RestConfig
::authorization_check("patients", "notes");
6244 $data = (array) (json_decode(file_get_contents("php://input")));
6245 $return = (new MessageRestController())->post($pid, $data);
6246 RestConfig
::apiLog($return, $data);
6252 * path="/api/patient/{pid}/transaction",
6253 * description="Get Transactions for a patient",
6254 * tags={"standard"},
6258 * description="The pid for the patient",
6266 * ref="#/components/responses/standard"
6270 * ref="#/components/responses/badrequest"
6274 * ref="#/components/responses/unauthorized"
6276 * security={{"openemr_auth":{}}}
6280 "GET /api/patient/:pid/transaction" => function ($pid) {
6281 RestConfig
::authorization_check("patients", "trans");
6282 $cont = new TransactionRestController();
6283 $return = (new TransactionRestController())->GetPatientTransactions($pid);
6284 RestConfig
::apiLog($return);
6289 * Schema for the transaction request
6292 * schema="api_transaction_request",
6294 * property="message",
6295 * description="The message of the transaction.",
6300 * description="The type of transaction. Use an option from resource=/api/transaction_type",
6304 * property="groupname",
6305 * description="The group name (usually is 'Default').",
6309 * property="referByNpi",
6310 * description="NPI of the person creating the referral.",
6314 * property="referToNpi",
6315 * description="NPI of the person getting the referral.",
6319 * property="referDiagnosis",
6320 * description="The referral diagnosis.",
6324 * property="riskLevel",
6325 * description="The risk level. (Low, Medium, High)",
6329 * property="includeVitals",
6330 * description="Are vitals included (0,1)",
6334 * property="referralDate",
6335 * description="The date of the referral",
6339 * property="authorization",
6340 * description="The authorization for the referral",
6344 * property="visits",
6345 * description="The number of vists for the referral",
6349 * property="validFrom",
6350 * description="The date the referral is valid from",
6354 * property="validThrough",
6355 * description="The date the referral is valid through",
6358 * required={"message", "groupname", "title"},
6360 * "message": "Message",
6362 * "groupname": "Default",
6363 * "referByNpi":"9999999999",
6364 * "referToNpi":"9999999999",
6365 * "referDiagnosis":"Diag 1",
6366 * "riskLevel":"Low",
6367 * "includeVitals":"1",
6368 * "referralDate":"2022-01-01",
6369 * "authorization":"Auth_123",
6371 * "validFrom": "2022-01-02",
6372 * "validThrough": "2022-01-03",
6373 * "body": "Reason 1"
6379 * path="/api/patient/{pid}/transaction",
6380 * description="Submits a transaction",
6381 * tags={"standard"},
6385 * description="The pid for the patient.",
6394 * mediaType="application/json",
6395 * @OA\Schema(ref="#/components/schemas/api_transaction_request")
6400 * ref="#/components/responses/standard"
6404 * ref="#/components/responses/badrequest"
6408 * ref="#/components/responses/unauthorized"
6410 * security={{"openemr_auth":{}}}
6413 "POST /api/patient/:pid/transaction" => function ($pid) {
6414 RestConfig
::authorization_check("patients", "trans");
6415 $data = (array) (json_decode(file_get_contents("php://input")));
6416 $return = (new TransactionRestController())->CreateTransaction($pid, $data);
6417 RestConfig
::apiLog($return, $data);
6423 * path="/api/transaction/{tid}",
6424 * description="Updates a transaction",
6425 * tags={"standard"},
6429 * description="The id for the transaction.",
6438 * mediaType="application/json",
6439 * @OA\Schema(ref="#/components/schemas/api_transaction_request")
6444 * ref="#/components/responses/standard"
6448 * ref="#/components/responses/badrequest"
6452 * ref="#/components/responses/unauthorized"
6454 * security={{"openemr_auth":{}}}
6457 "PUT /api/transaction/:tid" => function ($tid) {
6458 RestConfig
::authorization_check("patients", "trans");
6459 $data = (array) (json_decode(file_get_contents("php://input")));
6460 $return = (new TransactionRestController())->UpdateTransaction($tid, $data);
6461 RestConfig
::apiLog($return, $data);
6467 * path="/api/patient/{pid}/message/{mid}",
6468 * description="Edit a pnote message",
6469 * tags={"standard"},
6473 * description="The id for the patient.",
6482 * description="The id for the pnote message.",
6491 * mediaType="application/json",
6492 * @OA\Schema(ref="#/components/schemas/api_message_request")
6497 * ref="#/components/responses/standard"
6501 * ref="#/components/responses/badrequest"
6505 * ref="#/components/responses/unauthorized"
6507 * security={{"openemr_auth":{}}}
6510 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
6511 RestConfig
::authorization_check("patients", "notes");
6512 $data = (array) (json_decode(file_get_contents("php://input")));
6513 $return = (new MessageRestController())->put($pid, $mid, $data);
6514 RestConfig
::apiLog($return, $data);
6520 * path="/api/patient/{pid}/message/{mid}",
6521 * description="Delete a pnote message",
6522 * tags={"standard"},
6526 * description="The id for the patient.",
6535 * description="The id for the pnote message.",
6543 * ref="#/components/responses/standard"
6547 * ref="#/components/responses/badrequest"
6551 * ref="#/components/responses/unauthorized"
6553 * security={{"openemr_auth":{}}}
6556 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
6557 RestConfig
::authorization_check("patients", "notes");
6558 $return = (new MessageRestController())->delete($pid, $mid);
6559 RestConfig
::apiLog($return);
6565 * path="/api/immunization",
6566 * description="Retrieves a list of immunizations",
6567 * tags={"standard"},
6569 * name="patient_id",
6571 * description="The pid for the patient.",
6580 * description="The id for the immunization.",
6589 * description="The uuid for the immunization.",
6596 * name="administered_date",
6598 * description="The administered date for the immunization.",
6605 * name="immunization_id",
6607 * description="The immunization list_id for the immunization.",
6616 * description="The cvx code for the immunization.",
6623 * name="manufacturer",
6625 * description="The manufacturer for the immunization.",
6632 * name="lot_number",
6634 * description="The lot number for the immunization.",
6641 * name="administered_by_id",
6643 * description="The administered by id for the immunization.",
6650 * name="administered_by",
6652 * description="The administered by for the immunization.",
6659 * name="education_date",
6661 * description="The education date for the immunization.",
6670 * description="The vis date for the immunization.",
6679 * description="The note for the immunization.",
6686 * name="create_date",
6688 * description="The create date for the immunization.",
6695 * name="update_date",
6697 * description="The update date for the immunization.",
6704 * name="created_by",
6706 * description="The created_by for the immunization.",
6713 * name="updated_by",
6715 * description="The updated_by for the immunization.",
6722 * name="amount_administered",
6724 * description="The amount administered for the immunization.",
6731 * name="amount_administered_unit",
6733 * description="The amount administered unit for the immunization.",
6740 * name="expiration_date",
6742 * description="The expiration date for the immunization.",
6751 * description="The route for the immunization.",
6758 * name="administration_site",
6760 * description="The administration site for the immunization.",
6767 * name="added_erroneously",
6769 * description="The added_erroneously for the immunization.",
6776 * name="external_id",
6778 * description="The external_id for the immunization.",
6785 * name="completion_status",
6787 * description="The completion status for the immunization.",
6794 * name="information_source",
6796 * description="The information source for the immunization.",
6803 * name="refusal_reason",
6805 * description="The refusal reason for the immunization.",
6812 * name="ordering_provider",
6814 * description="The ordering provider for the immunization.",
6822 * ref="#/components/responses/standard"
6826 * ref="#/components/responses/badrequest"
6830 * ref="#/components/responses/unauthorized"
6832 * security={{"openemr_auth":{}}}
6835 "GET /api/immunization" => function () {
6836 RestConfig
::authorization_check("patients", "med");
6837 $return = (new ImmunizationRestController())->getAll($_GET);
6838 RestConfig
::apiLog($return);
6844 * path="/api/immunization/{uuid}",
6845 * description="Retrieves a immunization",
6846 * tags={"standard"},
6850 * description="The uuid for the immunization.",
6858 * ref="#/components/responses/standard"
6862 * ref="#/components/responses/badrequest"
6866 * ref="#/components/responses/unauthorized"
6868 * security={{"openemr_auth":{}}}
6871 "GET /api/immunization/:uuid" => function ($uuid) {
6872 RestConfig
::authorization_check("patients", "med");
6873 $return = (new ImmunizationRestController())->getOne($uuid);
6874 RestConfig
::apiLog($return);
6880 * path="/api/procedure",
6881 * description="Retrieves a list of all procedures",
6882 * tags={"standard"},
6885 * ref="#/components/responses/standard"
6889 * ref="#/components/responses/badrequest"
6893 * ref="#/components/responses/unauthorized"
6895 * security={{"openemr_auth":{}}}
6898 "GET /api/procedure" => function () {
6899 RestConfig
::authorization_check("patients", "med");
6900 $return = (new ProcedureRestController())->getAll();
6901 RestConfig
::apiLog($return);
6907 * path="/api/procedure/{uuid}",
6908 * description="Retrieves a procedure",
6909 * tags={"standard"},
6913 * description="The uuid for the procedure.",
6921 * ref="#/components/responses/standard"
6925 * ref="#/components/responses/badrequest"
6929 * ref="#/components/responses/unauthorized"
6931 * security={{"openemr_auth":{}}}
6934 "GET /api/procedure/:uuid" => function ($uuid) {
6935 RestConfig
::authorization_check("patients", "med");
6936 $return = (new ProcedureRestController())->getOne($uuid);
6937 RestConfig
::apiLog($return);
6944 * description="Retrieves a list of all drugs",
6945 * tags={"standard"},
6948 * ref="#/components/responses/standard"
6952 * ref="#/components/responses/badrequest"
6956 * ref="#/components/responses/unauthorized"
6958 * security={{"openemr_auth":{}}}
6961 "GET /api/drug" => function () {
6962 RestConfig
::authorization_check("patients", "med");
6963 $return = (new DrugRestController())->getAll();
6964 RestConfig
::apiLog($return);
6970 * path="/api/drug/{uuid}",
6971 * description="Retrieves a drug",
6972 * tags={"standard"},
6976 * description="The uuid for the drug.",
6984 * ref="#/components/responses/standard"
6988 * ref="#/components/responses/badrequest"
6992 * ref="#/components/responses/unauthorized"
6994 * security={{"openemr_auth":{}}}
6997 "GET /api/drug/:uuid" => function ($uuid) {
6998 RestConfig
::authorization_check("patients", "med");
6999 $return = (new DrugRestController())->getOne($uuid);
7000 RestConfig
::apiLog($return);
7006 * path="/api/prescription",
7007 * description="Retrieves a list of all prescriptions",
7008 * tags={"standard"},
7011 * ref="#/components/responses/standard"
7015 * ref="#/components/responses/badrequest"
7019 * ref="#/components/responses/unauthorized"
7021 * security={{"openemr_auth":{}}}
7024 "GET /api/prescription" => function () {
7025 RestConfig
::authorization_check("patients", "med");
7026 $return = (new PrescriptionRestController())->getAll();
7027 RestConfig
::apiLog($return);
7033 * path="/api/prescription/{uuid}",
7034 * description="Retrieves a prescription",
7035 * tags={"standard"},
7039 * description="The uuid for the prescription.",
7047 * ref="#/components/responses/standard"
7051 * ref="#/components/responses/badrequest"
7055 * ref="#/components/responses/unauthorized"
7057 * security={{"openemr_auth":{}}}
7060 "GET /api/prescription/:uuid" => function ($uuid) {
7061 RestConfig
::authorization_check("patients", "med");
7062 $return = (new PrescriptionRestController())->getOne($uuid);
7063 RestConfig
::apiLog($return);
7068 use OpenEMR\Common\Http\StatusCode
;
7069 use OpenEMR\Common\Http\Psr17Factory
;
7070 use OpenEMR\RestControllers\FHIR\FhirAllergyIntoleranceRestController
;
7071 use OpenEMR\RestControllers\FHIR\FhirAppointmentRestController
;
7072 use OpenEMR\RestControllers\FHIR\FhirCarePlanRestController
;
7073 use OpenEMR\RestControllers\FHIR\FhirCareTeamRestController
;
7074 use OpenEMR\RestControllers\FHIR\FhirConditionRestController
;
7075 use OpenEMR\RestControllers\FHIR\FhirCoverageRestController
;
7076 use OpenEMR\RestControllers\FHIR\FhirDeviceRestController
;
7077 use OpenEMR\RestControllers\FHIR\FhirDiagnosticReportRestController
;
7078 use OpenEMR\RestControllers\FHIR\FhirDocumentReferenceRestController
;
7079 use OpenEMR\RestControllers\FHIR\FhirEncounterRestController
;
7080 use OpenEMR\RestControllers\FHIR\FhirObservationRestController
;
7081 use OpenEMR\RestControllers\FHIR\FhirImmunizationRestController
;
7082 use OpenEMR\RestControllers\FHIR\FhirGoalRestController
;
7083 use OpenEMR\RestControllers\FHIR\FhirGroupRestController
;
7084 use OpenEMR\RestControllers\FHIR\FhirLocationRestController
;
7085 use OpenEMR\RestControllers\FHIR\FhirMedicationRestController
;
7086 use OpenEMR\RestControllers\FHIR\FhirMedicationRequestRestController
;
7087 use OpenEMR\RestControllers\FHIR\FhirOrganizationRestController
;
7088 use OpenEMR\RestControllers\FHIR\FhirPatientRestController
;
7089 use OpenEMR\RestControllers\FHIR\FhirPersonRestController
;
7090 use OpenEMR\RestControllers\FHIR\FhirPractitionerRoleRestController
;
7091 use OpenEMR\RestControllers\FHIR\FhirPractitionerRestController
;
7092 use OpenEMR\RestControllers\FHIR\FhirProcedureRestController
;
7093 use OpenEMR\RestControllers\FHIR\FhirProvenanceRestController
;
7094 use OpenEMR\RestControllers\FHIR\FhirMetaDataRestController
;
7095 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationExportRestController
;
7096 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationDocRefRestController
;
7097 use OpenEMR\RestControllers\FHIR\Operations\FhirOperationDefinitionRestController
;
7099 // Note that the fhir route includes both user role and patient role
7100 // (there is a mechanism in place to ensure patient role is binded
7101 // to only see the data of the one patient)
7102 RestConfig
::$FHIR_ROUTE_MAP = array(
7105 * path="/fhir/AllergyIntolerance",
7106 * description="Returns a list of AllergyIntolerance resources.",
7111 * description="The uuid for the AllergyIntolerance resource.",
7120 * description="The uuid for the patient.",
7128 * description="Standard Response",
7130 * mediaType="application/json",
7133 * property="json object",
7134 * description="FHIR Json object.",
7139 * "lastUpdated": "2021-09-14T09:13:51"
7141 * "resourceType": "Bundle",
7142 * "type": "collection",
7146 * "relation": "self",
7147 * "url": "https://localhost:9300/apis/default/fhir/AllergyIntolerance"
7156 * ref="#/components/responses/badrequest"
7160 * ref="#/components/responses/unauthorized"
7162 * security={{"openemr_auth":{}}}
7165 "GET /fhir/AllergyIntolerance" => function (HttpRestRequest
$request) {
7166 $getParams = $request->getQueryParams();
7167 if ($request->isPatientRequest()) {
7168 // only allow access to data of binded patient
7169 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
7171 RestConfig
::authorization_check("patients", "med");
7172 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams);
7174 RestConfig
::apiLog($return);
7180 * path="/fhir/AllergyIntolerance/{uuid}",
7181 * description="Returns a single AllergyIntolerance resource.",
7186 * description="The uuid for the AllergyIntolerance resource.",
7194 * description="Standard Response",
7196 * mediaType="application/json",
7199 * property="json object",
7200 * description="FHIR Json object.",
7204 * "id": "94682fe5-f383-4885-9505-64b02e34906f",
7207 * "lastUpdated": "2021-09-16T00:27:32+00:00"
7209 * "resourceType": "AllergyIntolerance",
7211 * "status": "additional",
7212 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'>penicillin</div>"
7214 * "clinicalStatus": {
7217 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-clinical",
7219 * "display": "Active"
7223 * "verificationStatus": {
7226 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-verification",
7227 * "code": "confirmed",
7228 * "display": "Confirmed"
7235 * "criticality": "low",
7239 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
7240 * "code": "unknown",
7241 * "display": "Unknown"
7246 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92"
7250 * "manifestation": {
7254 * "system": "http://snomed.info/sct",
7255 * "code": "422587007",
7256 * "display": "Nausea"
7270 * ref="#/components/responses/badrequest"
7274 * ref="#/components/responses/unauthorized"
7278 * ref="#/components/responses/uuidnotfound"
7280 * security={{"openemr_auth":{}}}
7283 "GET /fhir/AllergyIntolerance/:uuid" => function ($uuid, HttpRestRequest
$request) {
7284 if ($request->isPatientRequest()) {
7285 // only allow access to data of binded patient
7286 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
7288 RestConfig
::authorization_check("patients", "med");
7289 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid);
7291 RestConfig
::apiLog($return);
7297 * path="/fhir/Appointment",
7298 * description="Returns a list of Appointment resources.",
7303 * description="The uuid for the Appointment resource.",
7312 * description="The uuid for the patient.",
7320 * description="Standard Response",
7322 * mediaType="application/json",
7325 * property="json object",
7326 * description="FHIR Json object.",
7331 * "lastUpdated": "2021-09-14T09:13:51"
7333 * "resourceType": "Bundle",
7334 * "type": "collection",
7338 * "relation": "self",
7339 * "url": "https://localhost:9300/apis/default/fhir/AllergyIntolerance"
7348 * ref="#/components/responses/badrequest"
7352 * ref="#/components/responses/unauthorized"
7354 * security={{"openemr_auth":{}}}
7357 "GET /fhir/Appointment" => function (HttpRestRequest
$request) {
7358 $getParams = $request->getQueryParams();
7359 if ($request->isPatientRequest()) {
7360 // only allow access to data of binded patient
7361 $return = (new FhirAppointmentRestController($request))->getAll($getParams, $request->getPatientUUIDString());
7363 RestConfig
::authorization_check("patients", "appt");
7364 $return = (new FhirAppointmentRestController($request))->getAll($getParams);
7366 RestConfig
::apiLog($return);
7372 * path="/fhir/Appointment/{uuid}",
7373 * description="Returns a single Appointment resource.",
7378 * description="The uuid for the Appointment resource.",
7386 * description="Standard Response",
7388 * mediaType="application/json",
7391 * property="json object",
7392 * description="FHIR Json object.",
7401 * ref="#/components/responses/badrequest"
7405 * ref="#/components/responses/unauthorized"
7409 * ref="#/components/responses/uuidnotfound"
7411 * security={{"openemr_auth":{}}}
7414 "GET /fhir/Appointment/:uuid" => function ($uuid, HttpRestRequest
$request) {
7415 if ($request->isPatientRequest()) {
7416 // only allow access to data of binded patient
7417 $return = (new FhirAppointmentRestController($request))->getOne($uuid, $request->getPatientUUIDString());
7419 RestConfig
::authorization_check("patients", "appt");
7420 $return = (new FhirAppointmentRestController($request))->getOne($uuid);
7422 RestConfig
::apiLog($return);
7428 * path="/fhir/CarePlan",
7429 * description="Returns a list of CarePlan resources.",
7434 * description="The uuid for the CarePlan resource.",
7443 * description="The uuid for the patient.",
7452 * description="The category of the CarePlan resource.",
7460 * description="Standard Response",
7462 * mediaType="application/json",
7465 * property="json object",
7466 * description="FHIR Json object.",
7471 * "lastUpdated": "2021-09-14T09:13:51"
7473 * "resourceType": "Bundle",
7474 * "type": "collection",
7478 * "relation": "self",
7479 * "url": "https://localhost:9300/apis/default/fhir/CarePlan"
7488 * ref="#/components/responses/badrequest"
7492 * ref="#/components/responses/unauthorized"
7494 * security={{"openemr_auth":{}}}
7497 "GET /fhir/CarePlan" => function (HttpRestRequest
$request) {
7498 $getParams = $request->getQueryParams();
7499 if ($request->isPatientRequest()) {
7500 // only allow access to data of binded patient
7501 $return = (new FhirCarePlanRestController())->getAll($getParams, $request->getPatientUUIDString());
7503 RestConfig
::authorization_check("patients", "med");
7504 $return = (new FhirCarePlanRestController())->getAll($getParams);
7506 RestConfig
::apiLog($return);
7512 * path="/fhir/CarePlan/{uuid}",
7513 * description="Returns a single CarePlan resource.",
7518 * description="The uuid for the CarePlan resource.",
7526 * description="Standard Response",
7528 * mediaType="application/json",
7531 * property="json object",
7532 * description="FHIR Json object.",
7536 * "id": "94682f08-8fbc-451e-b1ec-f922d765c38f_1",
7539 * "lastUpdated": "2021-09-16T00:54:18+00:00"
7541 * "resourceType": "CarePlan",
7543 * "status": "generated",
7544 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""><p>Treat flu.</p></div>"
7546 * "status": "active",
7552 * "system": "http://hl7.org/fhir/us/core/CodeSystem/careplan-category",
7553 * "code": "assess-plan"
7558 * "description": "Treat flu.",
7560 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
7569 * ref="#/components/responses/badrequest"
7573 * ref="#/components/responses/unauthorized"
7577 * ref="#/components/responses/uuidnotfound"
7579 * security={{"openemr_auth":{}}}
7582 "GET /fhir/CarePlan/:uuid" => function ($uuid, HttpRestRequest
$request) {
7583 if ($request->isPatientRequest()) {
7584 // only allow access to data of binded patient
7585 $return = (new FhirCarePlanRestController())->getOne($uuid, $request->getPatientUUIDString());
7587 RestConfig
::authorization_check("patients", "med");
7588 $return = (new FhirCarePlanRestController())->getOne($uuid);
7590 RestConfig
::apiLog($return);
7596 * path="/fhir/CareTeam",
7597 * description="Returns a list of CareTeam resources.",
7602 * description="The uuid for the CareTeam resource.",
7611 * description="The uuid for the patient.",
7620 * description="The status of the CarePlan resource.",
7628 * description="Standard Response",
7630 * mediaType="application/json",
7633 * property="json object",
7634 * description="FHIR Json object.",
7639 * "lastUpdated": "2021-09-14T09:13:51"
7641 * "resourceType": "Bundle",
7642 * "type": "collection",
7646 * "relation": "self",
7647 * "url": "https://localhost:9300/apis/default/fhir/CareTeam"
7656 * ref="#/components/responses/badrequest"
7660 * ref="#/components/responses/unauthorized"
7662 * security={{"openemr_auth":{}}}
7665 "GET /fhir/CareTeam" => function (HttpRestRequest
$request) {
7666 $getParams = $request->getQueryParams();
7667 if ($request->isPatientRequest()) {
7668 // only allow access to data of binded patient
7669 $return = (new FhirCareTeamRestController())->getAll($getParams, $request->getPatientUUIDString());
7671 RestConfig
::authorization_check("patients", "med");
7672 $return = (new FhirCareTeamRestController())->getAll($getParams);
7674 RestConfig
::apiLog($return);
7680 * path="/fhir/CareTeam/{uuid}",
7681 * description="Returns a single CareTeam resource.",
7686 * description="The uuid for the CareTeam resource.",
7694 * description="Standard Response",
7696 * mediaType="application/json",
7699 * property="json object",
7700 * description="FHIR Json object.",
7704 * "id": "94682f09-69fe-4ada-8ea6-753a52bd1516",
7707 * "lastUpdated": "2021-09-16T01:07:22+00:00"
7709 * "resourceType": "CareTeam",
7710 * "status": "active",
7712 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
7721 * "system": "http://nucc.org/provider-taxonomy",
7722 * "code": "102L00000X",
7723 * "display": "Psychoanalyst"
7729 * "reference": "Practitioner/94682c68-f712-4c39-9158-ff132a08f26b",
7730 * "type": "Practitioner"
7733 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
7734 * "type": "Organization"
7742 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
7743 * "code": "unknown",
7744 * "display": "Unknown"
7750 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
7751 * "type": "Organization"
7761 * ref="#/components/responses/badrequest"
7765 * ref="#/components/responses/unauthorized"
7769 * ref="#/components/responses/uuidnotfound"
7771 * security={{"openemr_auth":{}}}
7774 "GET /fhir/CareTeam/:uuid" => function ($uuid, HttpRestRequest
$request) {
7775 if ($request->isPatientRequest()) {
7776 // only allow access to data of binded patient
7777 $return = (new FhirCareTeamRestController())->getOne($uuid, $request->getPatientUUIDString());
7779 RestConfig
::authorization_check("patients", "med");
7780 $return = (new FhirCareTeamRestController())->getOne($uuid);
7782 RestConfig
::apiLog($return);
7788 * path="/fhir/Condition",
7789 * description="Returns a list of Condition resources.",
7794 * description="The uuid for the Condition resource.",
7803 * description="The uuid for the patient.",
7811 * description="Standard Response",
7813 * mediaType="application/json",
7816 * property="json object",
7817 * description="FHIR Json object.",
7822 * "lastUpdated": "2021-09-14T09:13:51"
7824 * "resourceType": "Bundle",
7825 * "type": "collection",
7829 * "relation": "self",
7830 * "url": "https://localhost:9300/apis/default/fhir/Condition"
7839 * ref="#/components/responses/badrequest"
7843 * ref="#/components/responses/unauthorized"
7845 * security={{"openemr_auth":{}}}
7848 "GET /fhir/Condition" => function (HttpRestRequest
$request) {
7849 $getParams = $request->getQueryParams();
7850 if ($request->isPatientRequest()) {
7851 // only allow access to data of binded patient
7852 $return = (new FhirConditionRestController())->getAll($getParams, $request->getPatientUUIDString());
7854 RestConfig
::authorization_check("patients", "med");
7855 $return = (new FhirConditionRestController())->getAll($getParams);
7857 RestConfig
::apiLog($return);
7863 * path="/fhir/Condition/{uuid}",
7864 * description="Returns a single Condition resource.",
7869 * description="The uuid for the Condition resource.",
7877 * description="Standard Response",
7879 * mediaType="application/json",
7882 * property="json object",
7883 * description="FHIR Json object.",
7887 * "id": "94682c68-e5bb-4c5c-859a-cebaa5a1e582",
7890 * "lastUpdated": "2021-09-16T02:41:53+00:00"
7892 * "resourceType": "Condition",
7893 * "clinicalStatus": {
7896 * "system": "http://terminology.hl7.org/CodeSystem/condition-clinical",
7897 * "code": "inactive",
7898 * "display": "Inactive"
7902 * "verificationStatus": {
7905 * "system": "http://terminology.hl7.org/CodeSystem/condition-ver-status",
7906 * "code": "unconfirmed",
7907 * "display": "Unconfirmed"
7915 * "system": "http://terminology.hl7.org/CodeSystem/condition-category",
7916 * "code": "problem-list-item",
7917 * "display": "Problem List Item"
7925 * "system": "http://snomed.info/sct",
7926 * "code": "444814009",
7932 * "reference": "Patient/94682c62-d37e-48b5-8018-c5f6f3566609"
7940 * ref="#/components/responses/badrequest"
7944 * ref="#/components/responses/unauthorized"
7948 * ref="#/components/responses/uuidnotfound"
7950 * security={{"openemr_auth":{}}}
7953 "GET /fhir/Condition/:uuid" => function ($uuid, HttpRestRequest
$request) {
7954 if ($request->isPatientRequest()) {
7955 // only allow access to data of binded patient
7956 $return = (new FhirConditionRestController())->getOne($uuid, $request->getPatientUUIDString());
7958 RestConfig
::authorization_check("patients", "med");
7959 $return = (new FhirConditionRestController())->getOne($uuid);
7961 RestConfig
::apiLog($return);
7967 * path="/fhir/Coverage",
7968 * description="Returns a list of Coverage resources.",
7973 * description="The uuid for the Coverage resource.",
7982 * description="The uuid for the patient.",
7991 * description="The payor of the Coverage resource.",
7999 * description="Standard Response",
8001 * mediaType="application/json",
8004 * property="json object",
8005 * description="FHIR Json object.",
8010 * "lastUpdated": "2021-09-14T09:13:51"
8012 * "resourceType": "Bundle",
8013 * "type": "collection",
8017 * "relation": "self",
8018 * "url": "https://localhost:9300/apis/default/fhir/Coverage"
8027 * ref="#/components/responses/badrequest"
8031 * ref="#/components/responses/unauthorized"
8033 * security={{"openemr_auth":{}}}
8036 "GET /fhir/Coverage" => function (HttpRestRequest
$request) {
8037 if ($request->isPatientRequest()) {
8038 // only allow access to data of binded patient
8039 $return = (new FhirCoverageRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
8041 RestConfig
::authorization_check("admin", "super");
8042 $return = (new FhirCoverageRestController())->getAll($request->getQueryParams());
8044 RestConfig
::apiLog($return);
8050 * path="/fhir/Coverage/{uuid}",
8051 * description="Returns a single Coverage resource.",
8056 * description="The uuid for the Coverage resource.",
8064 * description="Standard Response",
8066 * mediaType="application/json",
8069 * property="json object",
8070 * description="FHIR Json object.",
8074 * "id": "960d5f10-edc6-4c65-a6d4-39a1e1da87a8",
8077 * "lastUpdated": "2022-04-14T07:58:45+00:00"
8079 * "resourceType": "Coverage",
8080 * "status": "active",
8082 * "reference": "Patient/960d5f08-9fdf-4bdc-9108-84a149e28bac"
8087 * "system": "http://terminology.hl7.org/CodeSystem/subscriber-relationship",
8098 * ref="#/components/responses/badrequest"
8102 * ref="#/components/responses/unauthorized"
8106 * ref="#/components/responses/uuidnotfound"
8108 * security={{"openemr_auth":{}}}
8111 "GET /fhir/Coverage/:uuid" => function ($uuid, HttpRestRequest
$request) {
8112 if ($request->isPatientRequest()) {
8113 // only allow access to data of binded patient
8114 $return = (new FhirCoverageRestController())->getOne($uuid, $request->getPatientUUIDString());
8116 RestConfig
::authorization_check("admin", "super");
8117 $return = (new FhirCoverageRestController())->getOne($uuid);
8119 RestConfig
::apiLog($return);
8125 * path="/fhir/Device",
8126 * description="Returns a list of Device resources.",
8131 * description="The uuid for the Device resource.",
8140 * description="The uuid for the patient.",
8148 * description="Standard Response",
8150 * mediaType="application/json",
8153 * property="json object",
8154 * description="FHIR Json object.",
8159 * "lastUpdated": "2021-09-14T09:13:51"
8161 * "resourceType": "Bundle",
8162 * "type": "collection",
8166 * "relation": "self",
8167 * "url": "https://localhost:9300/apis/default/fhir/Device"
8176 * ref="#/components/responses/badrequest"
8180 * ref="#/components/responses/unauthorized"
8182 * security={{"openemr_auth":{}}}
8185 "GET /fhir/Device" => function (HttpRestRequest
$request) {
8186 if ($request->isPatientRequest()) {
8187 // only allow access to data of binded patient
8188 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
8190 RestConfig
::authorization_check("admin", "super");
8191 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams());
8193 RestConfig
::apiLog($return);
8199 * path="/fhir/Device/{uuid}",
8200 * description="Returns a single Device resource.",
8205 * description="The uuid for the Device resource.",
8213 * description="Standard Response",
8215 * mediaType="application/json",
8218 * property="json object",
8219 * description="FHIR Json object.",
8223 * "id": "946dce19-c80a-402c-862a-eadf3f2377f0",
8226 * "lastUpdated": "2021-09-18T19:28:59+00:00"
8228 * "resourceType": "Device",
8231 * "deviceIdentifier": "08717648200274",
8232 * "carrierHRF": "=/08717648200274=,000025=A99971312345600=>014032=}013032&,1000000000000XYZ123"
8235 * "distinctIdentifier": "A99971312345600",
8236 * "manufactureDate": "2013-02-01",
8237 * "expirationDate": "2014-02-01",
8238 * "lotNumber": "000000000000XYZ123",
8239 * "serialNumber": "000025",
8243 * "valueCode": "unknown",
8244 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
8249 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
8258 * ref="#/components/responses/badrequest"
8262 * ref="#/components/responses/unauthorized"
8266 * ref="#/components/responses/uuidnotfound"
8268 * security={{"openemr_auth":{}}}
8271 "GET /fhir/Device/:uuid" => function ($uuid, HttpRestRequest
$request) {
8272 if ($request->isPatientRequest()) {
8273 // only allow access to data of binded patient
8274 $return = (new FhirDeviceRestController())->getOne($uuid, $request->getPatientUUIDString());
8276 RestConfig
::authorization_check("admin", "super");
8277 $return = (new FhirDeviceRestController())->getOne($uuid);
8279 RestConfig
::apiLog($return);
8285 * path="/fhir/DiagnosticReport",
8286 * description="Returns a list of DiagnosticReport resources.",
8291 * description="The uuid for the DiagnosticReport resource.",
8300 * description="The uuid for the patient.",
8309 * description="The code of the DiagnosticReport resource.",
8318 * description="The category of the DiagnosticReport resource.",
8327 * description="The datetime of the DiagnosticReport resource.",
8335 * description="Standard Response",
8337 * mediaType="application/json",
8340 * property="json object",
8341 * description="FHIR Json object.",
8346 * "lastUpdated": "2021-09-14T09:13:51"
8348 * "resourceType": "Bundle",
8349 * "type": "collection",
8353 * "relation": "self",
8354 * "url": "https://localhost:9300/apis/default/fhir/DiagnosticReport"
8363 * ref="#/components/responses/badrequest"
8367 * ref="#/components/responses/unauthorized"
8369 * security={{"openemr_auth":{}}}
8372 "GET /fhir/DiagnosticReport" => function (HttpRestRequest
$request) {
8373 $getParams = $request->getQueryParams();
8374 if ($request->isPatientRequest()) {
8375 // only allow access to data of binded patient
8376 $return = (new FhirDiagnosticReportRestController())->getAll($getParams, $request->getPatientUUIDString());
8378 RestConfig
::authorization_check("admin", "super");
8379 $return = (new FhirDiagnosticReportRestController())->getAll($getParams);
8381 RestConfig
::apiLog($return);
8387 * path="/fhir/DiagnosticReport/{uuid}",
8388 * description="Returns a single DiagnosticReport resource.",
8393 * description="The uuid for the DiagnosticReport resource.",
8401 * description="Standard Response",
8403 * mediaType="application/json",
8406 * property="json object",
8407 * description="FHIR Json object.",
8411 * "id": "93fb2d6a-77ac-48ca-a12d-1a17e40007e3",
8414 * "lastUpdated": "2021-09-18T20:52:34+00:00"
8416 * "resourceType": "DiagnosticReport",
8417 * "status": "final",
8422 * "system": "http://loinc.org",
8423 * "code": "LP7839-6",
8424 * "display": "Pathology"
8432 * "system": "http://loinc.org",
8433 * "code": "11502-2",
8434 * "display": "Laboratory report"
8439 * "reference": "Patient/9353b8f5-0a87-4e2a-afd4-25341fdb0fbc",
8443 * "reference": "Encounter/93540818-cb5f-49df-b73b-83901bb793b6",
8444 * "type": "Encounter"
8446 * "effectiveDateTime": "2015-06-22T00:00:00+00:00",
8447 * "issued": "2015-06-22T00:00:00+00:00",
8450 * "reference": "Organization/935249b5-0ba6-4b5b-8863-a7a27d4c6350",
8451 * "type": "Organization"
8454 * "presentedForm": {
8456 * "contentType": "text/plain",
8457 * "data": "TXMgQWxpY2UgTmV3bWFuIHdhcyB0ZXN0ZWQgZm9yIHRoZSBVcmluYW5hbHlzaXMgbWFjcm8gcGFuZWwgYW5kIHRoZSByZXN1bHRzIGhhdmUgYmVlbiBmb3VuZCB0byBiZSANCm5vcm1hbC4="
8466 * ref="#/components/responses/badrequest"
8470 * ref="#/components/responses/unauthorized"
8474 * ref="#/components/responses/uuidnotfound"
8476 * security={{"openemr_auth":{}}}
8479 "GET /fhir/DiagnosticReport/:uuid" => function ($uuid, HttpRestRequest
$request) {
8480 $getParams = $request->getQueryParams();
8481 if ($request->isPatientRequest()) {
8482 // only allow access to data of binded patient
8483 $return = (new FhirDiagnosticReportRestController())->getOne($uuid, $request->getPatientUUIDString());
8485 RestConfig
::authorization_check("admin", "super");
8486 $return = (new FhirDiagnosticReportRestController())->getOne($uuid);
8488 RestConfig
::apiLog($return);
8494 * path="/fhir/DocumentReference",
8495 * description="Returns a list of DocumentReference resources.",
8500 * description="The uuid for the DocumentReference resource.",
8509 * description="The uuid for the patient.",
8518 * description="The type of the DocumentReference resource.",
8527 * description="The category of the DocumentReference resource.",
8536 * description="The datetime of the DocumentReference resource.",
8544 * description="Standard Response",
8546 * mediaType="application/json",
8549 * property="json object",
8550 * description="FHIR Json object.",
8555 * "lastUpdated": "2021-09-14T09:13:51"
8557 * "resourceType": "Bundle",
8558 * "type": "collection",
8562 * "relation": "self",
8563 * "url": "https://localhost:9300/apis/default/fhir/DocumentReference"
8572 * ref="#/components/responses/badrequest"
8576 * ref="#/components/responses/unauthorized"
8578 * security={{"openemr_auth":{}}}
8581 'GET /fhir/DocumentReference' => function (HttpRestRequest
$request) {
8582 $getParams = $request->getQueryParams();
8583 if ($request->isPatientRequest()) {
8584 // only allow access to data of binded patient
8585 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
8587 RestConfig
::authorization_check("admin", "super");
8588 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams);
8590 RestConfig
::apiLog($return);
8596 * path="/fhir/DocumentReference/$docref",
8597 * description="The $docref operation is used to request the server generates a document based on the specified parameters. If no additional parameters are specified then a DocumentReference to the patient's most current Clinical Summary of Care Document (CCD) is returned. The document itself is retrieved using the DocumentReference.content.attachment.url element. See <a href='http://hl7.org/fhir/us/core/OperationDefinition-docref.html' target='_blank' rel='noopener'>http://hl7.org/fhir/us/core/OperationDefinition-docref.html</a> for more details.",
8599 * @OA\ExternalDocumentation(description="Detailed documentation on this operation", url="https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API"),
8603 * description="The uuid for the patient.",
8612 * description="The datetime refers to care dates not record currency dates. All records relating to care provided in a certain date range. If no start date is provided then all documents prior to the end date are in scope. If no start and end date are provided, the most recent or current document is in scope.",
8621 * description="The datetime refers to care dates not record currency dates. All records relating to care provided in a certain date range. If no end date is provided then all documents subsequent to the start date are in scope. If no start and end date are provided, the most recent or current document is in scope.",
8630 * description="The type refers to the document type. This is a LOINC code from the valueset of <a href='http://hl7.org/fhir/R4/valueset-c80-doc-typecodes.html' target='_blank' rel='noopener'>http://hl7.org/fhir/R4/valueset-c80-doc-typecodes.html</a>. The server currently only supports the LOINC code of 34133-9 (Summary of episode node).",
8638 * description="A search bundle of DocumentReferences is returned"
8642 * ref="#/components/responses/badrequest"
8646 * ref="#/components/responses/unauthorized"
8648 * security={{"openemr_auth":{}}}
8651 'POST /fhir/DocumentReference/$docref' => function (HttpRestRequest
$request) {
8653 // NOTE: The order of this route is IMPORTANT as it needs to come before the DocumentReference single request.
8654 if ($request->isPatientRequest()) {
8655 // only allow access to data of binded patient
8656 $return = (new FhirOperationDocRefRestController($request))->getAll($request->getQueryParams(), $request->getPatientUUIDString());
8658 // TODO: it seems like regular users should be able to grab authorship / provenance information
8659 RestConfig
::authorization_check("patients", "demo");
8660 $return = (new FhirOperationDocRefRestController($request))->getAll($request->getQueryParams());
8662 RestConfig
::apiLog($return);
8668 * path="/fhir/DocumentReference/{uuid}",
8669 * description="Returns a single DocumentReference resource.",
8674 * description="The uuid for the DocumentReference resource.",
8682 * description="Standard Response",
8684 * mediaType="application/json",
8687 * property="json object",
8688 * description="FHIR Json object.",
8692 * "id": "946e7553-1aaa-49f8-8f81-ae15ccaa9165",
8695 * "lastUpdated": "2021-09-19T03:17:51+00:00"
8697 * "resourceType": "DocumentReference",
8700 * "value": "946e7553-1aaa-49f8-8f81-ae15ccaa9165"
8703 * "status": "current",
8707 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
8709 * "display": "unknown"
8717 * "system": "https://localhost:9300/apis/default/fhir/ValueSet/openemr-document-types",
8718 * "code": "openemr-document",
8719 * "display": "OpenEMR Document"
8725 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
8728 * "date": "2021-09-19T03:15:56+00:00",
8735 * "contentType": "image/gif",
8736 * "url": "https://localhost:9300/apis/default/fhir/Binary/7"
8739 * "system": "http://ihe.net/fhir/ValueSet/IHE.FormatCode.codesystem",
8740 * "code": "urn:ihe:iti:xds:2017:mimeTypeSufficient",
8741 * "display": "mimeType Sufficient"
8751 * ref="#/components/responses/badrequest"
8755 * ref="#/components/responses/unauthorized"
8759 * ref="#/components/responses/uuidnotfound"
8761 * security={{"openemr_auth":{}}}
8764 "GET /fhir/DocumentReference/:uuid" => function ($uuid, HttpRestRequest
$request) {
8765 $getParams = $request->getQueryParams();
8766 if ($request->isPatientRequest()) {
8767 // only allow access to data of binded patient
8768 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
8770 RestConfig
::authorization_check("admin", "super");
8771 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid);
8773 RestConfig
::apiLog($return);
8779 * path="/fhir/Binary/{id}",
8780 * description="Used for downloading binary documents generated either with BULK FHIR Export or with the $docref CCD export operation. Documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
8785 * description="The id for the Document.",
8793 * description="The documentation for working with BULK FHIR or $docref document exports can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
8797 * ref="#/components/responses/badrequest"
8801 * ref="#/components/responses/unauthorized"
8803 * security={{"openemr_auth":{}}}
8806 'GET /fhir/Binary/:id' => function ($documentId, HttpRestRequest
$request) {
8807 $docController = new \OpenEMR\RestControllers\FHIR\
FhirDocumentRestController($request);
8809 if ($request->isPatientRequest()) {
8810 $response = $docController->downloadDocument($documentId, $request->getPatientUUIDString());
8812 RestConfig
::authorization_check("admin", "users");
8813 $response = $docController->downloadDocument($documentId);
8821 * path="/fhir/Encounter",
8822 * description="Returns a list of Encounter resources.",
8827 * description="The uuid for the Encounter resource.",
8836 * description="The uuid for the patient.",
8845 * description="The datetime of the Encounter resource.",
8853 * description="Standard Response",
8855 * mediaType="application/json",
8858 * property="json object",
8859 * description="FHIR Json object.",
8864 * "lastUpdated": "2021-09-14T09:13:51"
8866 * "resourceType": "Bundle",
8867 * "type": "collection",
8871 * "relation": "self",
8872 * "url": "https://localhost:9300/apis/default/fhir/Encounter"
8881 * ref="#/components/responses/badrequest"
8885 * ref="#/components/responses/unauthorized"
8887 * security={{"openemr_auth":{}}}
8890 "GET /fhir/Encounter" => function (HttpRestRequest
$request) {
8891 $getParams = $request->getQueryParams();
8892 if ($request->isPatientRequest()) {
8893 // only allow access to data of binded patient
8894 $return = (new FhirEncounterRestController())->getAll($getParams, $request->getPatientUUIDString());
8896 RestConfig
::authorization_check("encounters", "auth_a");
8897 $return = (new FhirEncounterRestController())->getAll($getParams);
8899 RestConfig
::apiLog($return);
8905 * path="/fhir/Encounter/{uuid}",
8906 * description="Returns a single Encounter resource.",
8911 * description="The uuid for the Encounter resource.",
8919 * description="Standard Response",
8921 * mediaType="application/json",
8924 * property="json object",
8925 * description="FHIR Json object.",
8929 * "id": "946da61d-6b95-4f8e-abe5-534a25913b71",
8932 * "lastUpdated": "2021-09-19T06:27:41+00:00"
8934 * "resourceType": "Encounter",
8937 * "system": "urn:ietf:rfc:3986",
8938 * "value": "946da61d-6b95-4f8e-abe5-534a25913b71"
8941 * "status": "finished",
8943 * "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode",
8945 * "display": "ambulatory"
8951 * "system": "http://snomed.info/sct",
8952 * "code": "185349003",
8953 * "display": "Encounter for check up (procedure)"
8959 * "reference": "Patient/946da61b-626b-4f88-81e2-adfb88f4f0fe",
8968 * "system": "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
8970 * "display": "Primary Performer"
8976 * "start": "2012-08-13T00:00:00+00:00"
8979 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
8980 * "type": "Practitioner"
8985 * "start": "2012-08-13T00:00:00+00:00"
8993 * ref="#/components/responses/badrequest"
8997 * ref="#/components/responses/unauthorized"
9001 * ref="#/components/responses/uuidnotfound"
9003 * security={{"openemr_auth":{}}}
9006 "GET /fhir/Encounter/:uuid" => function ($uuid, HttpRestRequest
$request) {
9007 if ($request->isPatientRequest()) {
9008 // only allow access to data of binded patient
9009 $return = (new FhirEncounterRestController())->getOne($uuid, $request->getPatientUUIDString());
9011 RestConfig
::authorization_check("admin", "super");
9012 $return = (new FhirEncounterRestController())->getOne($uuid);
9014 RestConfig
::apiLog($return);
9020 * path="/fhir/Goal",
9021 * description="Returns a list of Condition resources.",
9026 * description="The uuid for the Goal resource.",
9035 * description="The uuid for the patient.",
9043 * description="Standard Response",
9045 * mediaType="application/json",
9048 * property="json object",
9049 * description="FHIR Json object.",
9054 * "lastUpdated": "2021-09-14T09:13:51"
9056 * "resourceType": "Bundle",
9057 * "type": "collection",
9061 * "relation": "self",
9062 * "url": "https://localhost:9300/apis/default/fhir/Goal"
9071 * ref="#/components/responses/badrequest"
9075 * ref="#/components/responses/unauthorized"
9077 * security={{"openemr_auth":{}}}
9080 "GET /fhir/Goal" => function (HttpRestRequest
$request) {
9081 $getParams = $request->getQueryParams();
9082 if ($request->isPatientRequest()) {
9083 // only allow access to data of binded patient
9084 $return = (new FhirGoalRestController())->getAll($getParams, $request->getPatientUUIDString());
9086 RestConfig
::authorization_check("admin", "super");
9087 $return = (new FhirGoalRestController())->getAll($getParams);
9089 RestConfig
::apiLog($return);
9095 * path="/fhir/Goal/{uuid}",
9096 * description="Returns a single Goal resource.",
9101 * description="The uuid for the Goal resource.",
9109 * description="Standard Response",
9111 * mediaType="application/json",
9114 * property="json object",
9115 * description="FHIR Json object.",
9119 * "id": "946da61d-6b88-4d54-bdd6-4029e2ad9e3f_1",
9122 * "lastUpdated": "2021-09-19T06:45:58+00:00"
9124 * "resourceType": "Goal",
9125 * "lifecycleStatus": "active",
9127 * "text": "Eating more vegetables."
9130 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
9138 * "valueCode": "unknown",
9139 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
9143 * "detailString": "Eating more vegetables.",
9144 * "dueDate": "2021-09-09"
9153 * ref="#/components/responses/badrequest"
9157 * ref="#/components/responses/unauthorized"
9161 * ref="#/components/responses/uuidnotfound"
9163 * security={{"openemr_auth":{}}}
9166 "GET /fhir/Goal/:uuid" => function ($uuid, HttpRestRequest
$request) {
9167 if ($request->isPatientRequest()) {
9168 // only allow access to data of binded patient
9169 $return = (new FhirGoalRestController())->getOne($uuid, $request->getPatientUUIDString());
9171 RestConfig
::authorization_check("admin", "super");
9172 $return = (new FhirGoalRestController())->getOne($uuid);
9174 RestConfig
::apiLog($return);
9180 * path="/fhir/Group",
9181 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9186 * description="The uuid for the Group resource.",
9195 * description="The uuid for the patient.",
9203 * description="Standard Response",
9205 * mediaType="application/json",
9208 * property="json object",
9209 * description="FHIR Json object.",
9214 * "lastUpdated": "2021-09-14T09:13:51"
9216 * "resourceType": "Bundle",
9217 * "type": "collection",
9221 * "relation": "self",
9222 * "url": "https://localhost:9300/apis/default/fhir/Group"
9231 * ref="#/components/responses/badrequest"
9235 * ref="#/components/responses/unauthorized"
9237 * security={{"openemr_auth":{}}}
9240 'GET /fhir/Group' => function (HttpRestRequest
$request) {
9241 RestConfig
::authorization_check("admin", "users");
9242 $getParams = $request->getQueryParams();
9243 if ($request->isPatientRequest()) {
9244 // only allow access to data of binded patient
9245 $return = (new FhirGroupRestController())->getAll($getParams, $request->getPatientUUIDString());
9247 $return = (new FhirGroupRestController())->getAll($getParams);
9249 RestConfig
::apiLog($return);
9255 * path="/fhir/Group/{uuid}",
9256 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9261 * description="The uuid for the Group resource.",
9269 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
9273 * ref="#/components/responses/badrequest"
9277 * ref="#/components/responses/unauthorized"
9281 * ref="#/components/responses/uuidnotfound"
9283 * security={{"openemr_auth":{}}}
9286 "GET /fhir/Group/:uuid" => function ($uuid, HttpRestRequest
$request) {
9287 RestConfig
::authorization_check("admin", "users");
9288 if ($request->isPatientRequest()) {
9289 // only allow access to data of binded patient
9290 $return = (new FhirGroupRestController())->getOne($uuid, $request->getPatientUUIDString());
9292 $return = (new FhirGroupRestController())->getOne($uuid);
9294 RestConfig
::apiLog($return);
9300 * path="/fhir/Group/{id}/$export",
9301 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
9305 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
9309 * ref="#/components/responses/badrequest"
9313 * ref="#/components/responses/unauthorized"
9315 * security={{"openemr_auth":{}}}
9318 'GET /fhir/Group/:id/$export' => function ($groupId, HttpRestRequest
$request) {
9319 RestConfig
::authorization_check("admin", "users");
9320 $fhirExportService = new FhirOperationExportRestController($request);
9321 $exportParams = $request->getQueryParams();
9322 $exportParams['groupId'] = $groupId;
9323 $return = $fhirExportService->processExport(
9326 $request->getHeader('Accept'),
9327 $request->getHeader('Prefer')
9329 RestConfig
::apiLog($return);
9335 * path="/fhir/Immunization",
9336 * description="Returns a list of Immunization resources.",
9341 * description="The uuid for the Immunization resource.",
9350 * description="The uuid for the patient.",
9358 * description="Standard Response",
9360 * mediaType="application/json",
9363 * property="json object",
9364 * description="FHIR Json object.",
9369 * "lastUpdated": "2021-09-14T09:13:51"
9371 * "resourceType": "Bundle",
9372 * "type": "collection",
9376 * "relation": "self",
9377 * "url": "https://localhost:9300/apis/default/fhir/Immunization"
9386 * ref="#/components/responses/badrequest"
9390 * ref="#/components/responses/unauthorized"
9392 * security={{"openemr_auth":{}}}
9395 "GET /fhir/Immunization" => function (HttpRestRequest
$request) {
9396 $getParams = $request->getQueryParams();
9397 if ($request->isPatientRequest()) {
9398 // only allow access to data of binded patient
9399 $return = (new FhirImmunizationRestController())->getAll($getParams, $request->getPatientUUIDString());
9401 RestConfig
::authorization_check("patients", "med");
9402 $return = (new FhirImmunizationRestController())->getAll($getParams);
9404 RestConfig
::apiLog($return);
9410 * path="/fhir/Immunization/{uuid}",
9411 * description="Returns a single Immunization resource.",
9416 * description="The uuid for the Immunization resource.",
9424 * description="Standard Response",
9426 * mediaType="application/json",
9429 * property="json object",
9430 * description="FHIR Json object.",
9434 * "id": "95e8d8b7-e3e2-4e03-8eb1-31e1d9097d8f",
9437 * "lastUpdated": "2022-03-26T05:42:59+00:00"
9439 * "resourceType": "Immunization",
9440 * "status": "completed",
9444 * "system": "http://hl7.org/fhir/sid/cvx",
9446 * "display": "SARS-COV-2 (COVID-19) vaccine, mRNA, spike protein, LNP, preservative free, 100 mcg/0.5mL dose"
9451 * "reference": "Patient/95e8d830-3068-48cf-930a-2fefb18c2bcf"
9453 * "occurrenceDateTime": "2022-03-26T05:35:00+00:00",
9454 * "recorded": "2022-03-26T05:42:26+00:00",
9455 * "primarySource": false
9462 * ref="#/components/responses/badrequest"
9466 * ref="#/components/responses/unauthorized"
9470 * ref="#/components/responses/uuidnotfound"
9472 * security={{"openemr_auth":{}}}
9475 "GET /fhir/Immunization/:uuid" => function ($uuid, HttpRestRequest
$request) {
9476 if ($request->isPatientRequest()) {
9477 // only allow access to data of binded patient
9478 $return = (new FhirImmunizationRestController())->getOne($uuid, $request->getPatientUUIDString());
9480 RestConfig
::authorization_check("patients", "med");
9481 $return = (new FhirImmunizationRestController())->getOne($uuid);
9483 RestConfig
::apiLog($return);
9489 * path="/fhir/Location",
9490 * description="Returns a list of Location resources.",
9495 * description="The uuid for the Location resource.",
9503 * description="Standard Response",
9505 * mediaType="application/json",
9508 * property="json object",
9509 * description="FHIR Json object.",
9514 * "lastUpdated": "2021-09-14T09:13:51"
9516 * "resourceType": "Bundle",
9517 * "type": "collection",
9521 * "relation": "self",
9522 * "url": "https://localhost:9300/apis/default/fhir/Location"
9531 * ref="#/components/responses/badrequest"
9535 * ref="#/components/responses/unauthorized"
9537 * security={{"openemr_auth":{}}}
9540 "GET /fhir/Location" => function (HttpRestRequest
$request) {
9541 $return = (new FhirLocationRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
9542 RestConfig
::apiLog($return);
9548 * path="/fhir/Location/{uuid}",
9549 * description="Returns a single Location resource.",
9554 * description="The uuid for the Location resource.",
9562 * description="Standard Response",
9564 * mediaType="application/json",
9567 * property="json object",
9568 * description="FHIR Json object.",
9572 * "id": "946da61d-c4f2-4f03-a2a7-b571f6a24b65",
9575 * "lastUpdated": "2021-09-19T08:14:58+00:00"
9577 * "resourceType": "Location",
9578 * "status": "active",
9579 * "name": "Your Clinic Name Here",
9582 * "system": "phone",
9583 * "value": "000-000-0000"
9587 * "value": "000-000-0000"
9596 * ref="#/components/responses/badrequest"
9600 * ref="#/components/responses/unauthorized"
9604 * ref="#/components/responses/uuidnotfound"
9606 * security={{"openemr_auth":{}}}
9609 "GET /fhir/Location/:uuid" => function ($uuid, HttpRestRequest
$request) {
9610 $return = (new FhirLocationRestController())->getOne($uuid, $request->getPatientUUIDString());
9611 RestConfig
::apiLog($return);
9617 * path="/fhir/Medication",
9618 * description="Returns a list of Medication resources.",
9622 * description="Standard Response",
9624 * mediaType="application/json",
9627 * property="json object",
9628 * description="FHIR Json object.",
9633 * "lastUpdated": "2021-09-14T09:13:51"
9635 * "resourceType": "Bundle",
9636 * "type": "collection",
9640 * "relation": "self",
9641 * "url": "https://localhost:9300/apis/default/fhir/Medication"
9650 * ref="#/components/responses/badrequest"
9654 * ref="#/components/responses/unauthorized"
9656 * security={{"openemr_auth":{}}}
9659 "GET /fhir/Medication" => function (HttpRestRequest
$request) {
9660 RestConfig
::authorization_check("patients", "med");
9661 $return = (new FhirMedicationRestController())->getAll($request->getQueryParams());
9662 RestConfig
::apiLog($return);
9668 * path="/fhir/Medication/{uuid}",
9669 * description="Returns a single Medication resource.",
9674 * description="The uuid for the Medication resource.",
9682 * description="Standard Response",
9684 * mediaType="application/json",
9687 * property="json object",
9688 * description="FHIR Json object.",
9692 * "id": "961aa334-9348-4145-8252-de665e3c4afa",
9695 * "lastUpdated": "2022-04-19T23:42:14+00:00"
9697 * "resourceType": "Medication",
9701 * "system": "http://www.nlm.nih.gov/research/umls/rxnorm",
9706 * "status": "active",
9708 * "lotNumber": "132",
9709 * "expirationDate": "0000-00-00"
9717 * ref="#/components/responses/badrequest"
9721 * ref="#/components/responses/unauthorized"
9725 * ref="#/components/responses/uuidnotfound"
9727 * security={{"openemr_auth":{}}}
9730 "GET /fhir/Medication/:uuid" => function ($uuid, HttpRestRequest
$request) {
9731 if ($request->isPatientRequest()) {
9732 // only allow access to data of binded patient
9733 $return = (new FhirMedicationRestController())->getOne($uuid, $request->getPatientUUIDString());
9735 RestConfig
::authorization_check("patients", "med");
9736 $return = (new FhirMedicationRestController())->getOne($uuid);
9738 RestConfig
::apiLog($return);
9744 * path="/fhir/MedicationRequest",
9745 * description="Returns a list of MedicationRequest resources.",
9750 * description="The uuid for the MedicationRequest resource.",
9759 * description="The uuid for the patient.",
9768 * description="The intent of the MedicationRequest resource.",
9777 * description="The status of the MedicationRequest resource.",
9785 * description="Standard Response",
9787 * mediaType="application/json",
9790 * property="json object",
9791 * description="FHIR Json object.",
9796 * "lastUpdated": "2021-09-14T09:13:51"
9798 * "resourceType": "Bundle",
9799 * "type": "collection",
9803 * "relation": "self",
9804 * "url": "https://localhost:9300/apis/default/fhir/MedicationRequest"
9813 * ref="#/components/responses/badrequest"
9817 * ref="#/components/responses/unauthorized"
9819 * security={{"openemr_auth":{}}}
9822 "GET /fhir/MedicationRequest" => function (HttpRestRequest
$request) {
9823 $getParams = $request->getQueryParams();
9824 if ($request->isPatientRequest()) {
9825 // only allow access to data of binded patient
9826 $return = (new FhirMedicationRequestRestController())->getAll($getParams, $request->getPatientUUIDString());
9828 RestConfig
::authorization_check("patients", "med");
9829 $return = (new FhirMedicationRequestRestController())->getAll($getParams);
9831 RestConfig
::apiLog($return);
9837 * path="/fhir/MedicationRequest/{uuid}",
9838 * description="Returns a single MedicationRequest resource.",
9843 * description="The uuid for the MedicationRequest resource.",
9851 * description="Standard Response",
9853 * mediaType="application/json",
9856 * property="json object",
9857 * description="FHIR Json object.",
9861 * "id": "946da61d-9cff-4416-8d27-805f19f9d7d8",
9864 * "lastUpdated": "2021-09-20T04:03:14+00:00"
9866 * "resourceType": "MedicationRequest",
9867 * "status": "active",
9868 * "intent": "order",
9873 * "system": "http://terminology.hl7.org/CodeSystem/medicationrequest-category",
9874 * "code": "community",
9875 * "display": "Home/Community"
9880 * "reportedBoolean": false,
9881 * "medicationCodeableConcept": {
9884 * "system": "http://www.nlm.nih.gov/research/umls/rxnorm",
9885 * "code": "1738139",
9886 * "display": "Acetaminophen 325 MG Oral Tablet"
9891 * "reference": "Patient/946da617-1a4a-4b2c-ae66-93b84377cb1e",
9894 * "authoredOn": "2021-09-18T00:00:00+00:00",
9896 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
9897 * "type": "Practitioner"
9905 * ref="#/components/responses/badrequest"
9909 * ref="#/components/responses/unauthorized"
9913 * ref="#/components/responses/uuidnotfound"
9915 * security={{"openemr_auth":{}}}
9918 "GET /fhir/MedicationRequest/:uuid" => function ($uuid, HttpRestRequest
$request) {
9919 if ($request->isPatientRequest()) {
9920 // only allow access to data of binded patient
9921 $return = (new FhirMedicationRequestRestController())->getOne($uuid, $request->getPatientUUIDString());
9923 RestConfig
::authorization_check("patients", "med");
9924 $return = (new FhirMedicationRequestRestController())->getOne($uuid);
9926 RestConfig
::apiLog($return);
9932 * path="/fhir/Observation",
9933 * description="Returns a list of Observation resources.",
9938 * description="The uuid for the Observation resource.",
9947 * description="The uuid for the patient.",
9956 * description="The code of the Observation resource.",
9965 * description="The category of the Observation resource.",
9974 * description="The datetime of the Observation resource.",
9982 * description="Standard Response",
9984 * mediaType="application/json",
9987 * property="json object",
9988 * description="FHIR Json object.",
9993 * "lastUpdated": "2021-09-14T09:13:51"
9995 * "resourceType": "Bundle",
9996 * "type": "collection",
10000 * "relation": "self",
10001 * "url": "https://localhost:9300/apis/default/fhir/Observation"
10010 * ref="#/components/responses/badrequest"
10014 * ref="#/components/responses/unauthorized"
10016 * security={{"openemr_auth":{}}}
10019 "GET /fhir/Observation" => function (HttpRestRequest
$request) {
10020 $getParams = $request->getQueryParams();
10021 if ($request->isPatientRequest()) {
10022 // only allow access to data of binded patient
10023 $return = (new FhirObservationRestController())->getAll($getParams, $request->getPatientUUIDString());
10025 RestConfig
::authorization_check("patients", "med");
10026 $return = (new FhirObservationRestController())->getAll($getParams);
10028 RestConfig
::apiLog($return);
10034 * path="/fhir/Observation/{uuid}",
10035 * description="Returns a single Observation resource.",
10040 * description="The uuid for the Observation resource.",
10048 * description="Standard Response",
10050 * mediaType="application/json",
10053 * property="json object",
10054 * description="FHIR Json object.",
10058 * "id": "946da61e-0597-485e-9dfd-a87205ea56b3",
10060 * "versionId": "1",
10061 * "lastUpdated": "2021-09-20T04:12:16+00:00"
10063 * "resourceType": "Observation",
10064 * "status": "final",
10069 * "system": "http://terminology.hl7.org/CodeSystem/observation-category",
10070 * "code": "vital-signs"
10078 * "system": "http://loinc.org",
10079 * "code": "85354-9",
10080 * "display": "Blood pressure systolic and diastolic"
10085 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
10086 * "type": "Patient"
10088 * "effectiveDateTime": "2015-08-31T00:00:00+00:00",
10094 * "system": "http://loinc.org",
10095 * "code": "8480-6",
10096 * "display": "Systolic blood pressure"
10100 * "valueQuantity": {
10102 * "unit": "mm[Hg]",
10103 * "system": "http://unitsofmeasure.org",
10111 * "system": "http://loinc.org",
10112 * "code": "8462-4",
10113 * "display": "Diastolic blood pressure"
10117 * "valueQuantity": {
10119 * "unit": "mm[Hg]",
10120 * "system": "http://unitsofmeasure.org",
10131 * ref="#/components/responses/badrequest"
10135 * ref="#/components/responses/unauthorized"
10139 * ref="#/components/responses/uuidnotfound"
10141 * security={{"openemr_auth":{}}}
10144 "GET /fhir/Observation/:uuid" => function ($uuid, HttpRestRequest
$request) {
10145 if ($request->isPatientRequest()) {
10146 // only allow access to data of binded patient
10147 $return = (new FhirObservationRestController())->getOne($uuid, $request->getPatientUUIDString());
10149 RestConfig
::authorization_check("patients", "med");
10150 $return = (new FhirObservationRestController())->getOne($uuid);
10152 RestConfig
::apiLog($return);
10158 * path="/fhir/Organization",
10159 * description="Returns a list of Organization resources.",
10164 * description="The uuid for the Organization resource.",
10173 * description="The name of the Organization resource.",
10182 * description="The email of the Organization resource.",
10191 * description="The phone of the Organization resource.",
10200 * description="The telecom of the Organization resource.",
10209 * description="The address of the Organization resource.",
10216 * name="address-city",
10218 * description="The address-city of the Organization resource.",
10225 * name="address-postalcode",
10227 * description="The address-postalcode of the Organization resource.",
10234 * name="address-state",
10236 * description="The address-state of the Organization resource.",
10244 * description="Standard Response",
10246 * mediaType="application/json",
10249 * property="json object",
10250 * description="FHIR Json object.",
10255 * "lastUpdated": "2021-09-14T09:13:51"
10257 * "resourceType": "Bundle",
10258 * "type": "collection",
10262 * "relation": "self",
10263 * "url": "https://localhost:9300/apis/default/fhir/Organization"
10272 * ref="#/components/responses/badrequest"
10276 * ref="#/components/responses/unauthorized"
10278 * security={{"openemr_auth":{}}}
10281 "GET /fhir/Organization" => function (HttpRestRequest
$request) {
10282 if (!$request->isPatientRequest()) {
10283 RestConfig
::authorization_check("admin", "users");
10285 $return = (new FhirOrganizationRestController())->getAll($request->getQueryParams());
10286 RestConfig
::apiLog($return);
10292 * path="/fhir/Organization/{uuid}",
10293 * description="Returns a single Organization resource.",
10298 * description="The uuid for the Organization resource.",
10306 * description="Standard Response",
10308 * mediaType="application/json",
10311 * property="json object",
10312 * description="FHIR Json object.",
10316 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10318 * "versionId": "1",
10319 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10321 * "resourceType": "Organization",
10323 * "status": "generated",
10324 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10328 * "system": "http://hl7.org/fhir/sid/us-npi",
10329 * "value": "1234567890"
10337 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10339 * "display": "Healthcare Provider"
10344 * "name": "Your Clinic Name Here",
10347 * "system": "phone",
10348 * "value": "000-000-0000",
10353 * "value": "000-000-0000",
10366 * ref="#/components/responses/badrequest"
10370 * ref="#/components/responses/unauthorized"
10374 * ref="#/components/responses/uuidnotfound"
10376 * security={{"openemr_auth":{}}}
10379 "GET /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
10380 $patientUUID = null;
10381 if (!$request->isPatientRequest()) {
10382 RestConfig
::authorization_check("admin", "users");
10384 $patientUUID = $request->getPatientUUIDString();
10386 $return = (new FhirOrganizationRestController())->getOne($uuid, $patientUUID);
10388 RestConfig
::apiLog($return);
10394 * path="/fhir/Organization",
10395 * description="Adds a Organization resource.",
10400 * mediaType="application/json",
10402 * description="The json object for the Organization resource.",
10406 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10408 * "versionId": "1",
10409 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10411 * "resourceType": "Organization",
10413 * "status": "generated",
10414 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10418 * "system": "http://hl7.org/fhir/sid/us-npi",
10419 * "value": "1234567890"
10427 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10429 * "display": "Healthcare Provider"
10434 * "name": "Your Clinic Name Here Hey",
10437 * "system": "phone",
10438 * "value": "000-000-0000",
10443 * "value": "000-000-0000",
10455 * description="Standard Response",
10457 * mediaType="application/json",
10460 * property="json object",
10461 * description="FHIR Json object.",
10465 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10467 * "versionId": "1",
10468 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10470 * "resourceType": "Organization",
10472 * "status": "generated",
10473 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10477 * "system": "http://hl7.org/fhir/sid/us-npi",
10478 * "value": "1234567890"
10486 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10488 * "display": "Healthcare Provider"
10493 * "name": "Your Clinic Name Here Now",
10496 * "system": "phone",
10497 * "value": "000-000-0000",
10502 * "value": "000-000-0000",
10515 * ref="#/components/responses/badrequest"
10519 * ref="#/components/responses/unauthorized"
10521 * security={{"openemr_auth":{}}}
10524 "POST /fhir/Organization" => function (HttpRestRequest
$request) {
10525 RestConfig
::authorization_check("admin", "super");
10526 $data = (array) (json_decode(file_get_contents("php://input"), true));
10527 $return = (new FhirOrganizationRestController())->post($data);
10528 RestConfig
::apiLog($return, $data);
10534 * path="/fhir/Organization/{uuid}",
10535 * description="Modifies a Organization resource.",
10540 * description="The uuid for the organization.",
10549 * mediaType="application/json",
10551 * description="The json object for the Organization resource.",
10555 * "id": "95f0e672-be37-4c73-95c9-649c2d200018",
10557 * "versionId": "1",
10558 * "lastUpdated": "2022-03-30T07:43:23+00:00"
10560 * "resourceType": "Organization",
10562 * "status": "generated",
10563 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Your Clinic Name Here</p></div>"
10567 * "system": "http://hl7.org/fhir/sid/us-npi",
10568 * "value": "1234567890"
10576 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
10578 * "display": "Healthcare Provider"
10583 * "name": "Your Clinic Name Here",
10586 * "system": "phone",
10587 * "value": "000-000-0000",
10592 * "value": "000-000-0000",
10604 * description="Standard Response",
10606 * mediaType="application/json",
10610 * "uuid": "95f217c1-258c-44ca-bf11-909dce369574"
10617 * ref="#/components/responses/badrequest"
10621 * ref="#/components/responses/unauthorized"
10623 * security={{"openemr_auth":{}}}
10626 "PUT /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
10627 RestConfig
::authorization_check("admin", "super");
10628 $data = (array) (json_decode(file_get_contents("php://input"), true));
10629 $return = (new FhirOrganizationRestController())->patch($uuid, $data);
10630 RestConfig
::apiLog($return, $data);
10636 * path="/fhir/Patient",
10637 * description="Adds a Patient resource.",
10642 * mediaType="application/json",
10644 * description="The json object for the Patient resource.",
10648 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
10650 * "versionId": "1",
10651 * "lastUpdated": "2022-03-31T02:48:28+00:00"
10653 * "resourceType": "Patient",
10655 * "status": "generated",
10656 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
10660 * "valueCode": "F",
10661 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
10667 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
10669 * "display": "Unknown"
10671 * "url": "ombCategory"
10674 * "valueString": "Unknown",
10678 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
10683 * "use": "official",
10687 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10692 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10699 * "use": "official",
10700 * "family": "Smith",
10706 * "gender": "female",
10707 * "birthDate": "2017-03-10",
10708 * "communication": {
10713 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
10714 * "code": "unknown",
10715 * "display": "Unknown"
10726 * description="Standard Response",
10728 * mediaType="application/json",
10731 * property="json object",
10732 * description="FHIR Json object.",
10736 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
10738 * "versionId": "1",
10739 * "lastUpdated": "2022-03-31T02:48:28+00:00"
10741 * "resourceType": "Patient",
10743 * "status": "generated",
10744 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
10748 * "valueCode": "F",
10749 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
10755 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
10757 * "display": "Unknown"
10759 * "url": "ombCategory"
10762 * "valueString": "Unknown",
10766 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
10771 * "use": "official",
10775 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10780 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10787 * "use": "official",
10788 * "family": "Smith",
10794 * "gender": "female",
10795 * "birthDate": "2017-03-10",
10796 * "communication": {
10801 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
10802 * "code": "unknown",
10803 * "display": "Unknown"
10815 * ref="#/components/responses/badrequest"
10819 * ref="#/components/responses/unauthorized"
10821 * security={{"openemr_auth":{}}}
10824 "POST /fhir/Patient" => function (HttpRestRequest
$request) {
10825 RestConfig
::authorization_check("patients", "demo");
10826 $data = (array) (json_decode(file_get_contents("php://input"), true));
10827 $return = (new FhirPatientRestController())->post($data);
10828 RestConfig
::apiLog($return, $data);
10834 * path="/fhir/Patient/{uuid}",
10835 * description="Modifies a Patient resource.",
10840 * description="The uuid for the Patient resource.",
10849 * mediaType="application/json",
10851 * description="The json object for the Patient resource.",
10855 * "id": "95f22ff4-dd25-4290-8b52-1dd2fedf8e54",
10857 * "versionId": "1",
10858 * "lastUpdated": "2022-03-31T02:48:28+00:00"
10860 * "resourceType": "Patient",
10862 * "status": "generated",
10863 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Brenda Smith</p></div>"
10867 * "valueCode": "F",
10868 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
10874 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
10876 * "display": "Unknown"
10878 * "url": "ombCategory"
10881 * "valueString": "Unknown",
10885 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
10890 * "use": "official",
10894 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10899 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10906 * "use": "official",
10907 * "family": "Smith",
10913 * "gender": "female",
10914 * "birthDate": "2017-03-10",
10915 * "communication": {
10920 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
10921 * "code": "unknown",
10922 * "display": "Unknown"
10933 * description="Standard Response",
10935 * mediaType="application/json",
10939 * "uuid": "95f2ad04-5834-4243-8838-e396a7faadbf"
10946 * ref="#/components/responses/badrequest"
10950 * ref="#/components/responses/unauthorized"
10952 * security={{"openemr_auth":{}}}
10955 "PUT /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
10956 RestConfig
::authorization_check("patients", "demo");
10957 $data = (array) (json_decode(file_get_contents("php://input"), true));
10958 $return = (new FhirPatientRestController())->put($uuid, $data);
10959 RestConfig
::apiLog($return, $data);
10965 * path="/fhir/Patient",
10966 * description="Returns a list of Patient resources.",
10971 * description="The uuid for the Patient resource.",
10978 * name="identifier",
10980 * description="The identifier of the Patient resource.",
10989 * description="The name of the Patient resource.",
10996 * name="birthdate",
10998 * description="The birthdate of the Patient resource.",
11007 * description="The gender of the Patient resource.",
11016 * description="The address of the Patient resource.",
11023 * name="address-city",
11025 * description="The address-city of the Patient resource.",
11032 * name="address-postalcode",
11034 * description="The address-postalcode of the Patient resource.",
11041 * name="address-state",
11043 * description="The address-state of the Patient resource.",
11052 * description="The email of the Patient resource.",
11061 * description="The family name of the Patient resource.",
11070 * description="The given name of the Patient resource.",
11079 * description="The phone number of the Patient resource.",
11088 * description="The fax number of the Patient resource.",
11096 * description="Standard Response",
11098 * mediaType="application/json",
11101 * property="json object",
11102 * description="FHIR Json object.",
11107 * "lastUpdated": "2021-09-14T09:13:51"
11109 * "resourceType": "Bundle",
11110 * "type": "collection",
11114 * "relation": "self",
11115 * "url": "https://localhost:9300/apis/default/fhir/Patient"
11124 * ref="#/components/responses/badrequest"
11128 * ref="#/components/responses/unauthorized"
11130 * security={{"openemr_auth":{}}}
11133 "GET /fhir/Patient" => function (HttpRestRequest
$request) {
11134 $params = $request->getQueryParams();
11135 if ($request->isPatientRequest()) {
11136 // only allow access to data of binded patient
11137 // Note in Patient context still have to return a bundle even if it is just one resource. (ie.
11138 // need to use getAll rather than getOne)
11139 $params['_id'] = $request->getPatientUUIDString();
11140 $return = (new FhirPatientRestController())->getAll($params, $request->getPatientUUIDString());
11142 RestConfig
::authorization_check("patients", "demo");
11143 $return = (new FhirPatientRestController())->getAll($params);
11145 RestConfig
::apiLog($return);
11151 * path="/fhir/Patient/$export",
11152 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
11156 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
11160 * ref="#/components/responses/badrequest"
11164 * ref="#/components/responses/unauthorized"
11166 * security={{"openemr_auth":{}}}
11169 // we have to have the bulk fhir export operation here otherwise it will match $export to the patient $id
11170 'GET /fhir/Patient/$export' => function (HttpRestRequest
$request) {
11171 RestConfig
::authorization_check("admin", "users");
11172 $fhirExportService = new FhirOperationExportRestController($request);
11173 $return = $fhirExportService->processExport(
11174 $request->getQueryParams(),
11176 $request->getHeader('Accept'),
11177 $request->getHeader('Prefer')
11179 RestConfig
::apiLog($return);
11185 * path="/fhir/Patient/{uuid}",
11186 * description="Returns a single Patient resource.",
11191 * description="The uuid for the Patient resource.",
11199 * description="Standard Response",
11201 * mediaType="application/json",
11204 * property="json object",
11205 * description="FHIR Json object.",
11209 * "id": "946da617-1a4a-4b2c-ae66-93b84377cb1e",
11211 * "versionId": "1",
11212 * "lastUpdated": "2021-09-21T17:08:03+00:00"
11214 * "resourceType": "Patient",
11216 * "status": "generated",
11217 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Aurore252 Von197</p></div>"
11221 * "valueCode": "F",
11222 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
11228 * "system": "urn:oid:2.16.840.1.113883.6.238",
11229 * "code": "1006-6",
11230 * "display": "Abenaki"
11232 * "url": "ombCategory"
11235 * "valueString": "Abenaki",
11239 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
11244 * "valueString": "Declined To Specify",
11248 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-ethnicity"
11253 * "use": "official",
11257 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11262 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
11269 * "use": "official",
11270 * "family": "Von197",
11276 * "gender": "female",
11277 * "birthDate": "1970-07-03",
11283 * "city": "Boston",
11284 * "state": "Massachusetts",
11285 * "postalCode": "02215",
11287 * "start": "2020-09-21T17:08:03.532+00:00"
11291 * "communication": {
11296 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
11297 * "code": "unknown",
11298 * "display": "Unknown"
11310 * ref="#/components/responses/badrequest"
11314 * ref="#/components/responses/unauthorized"
11318 * ref="#/components/responses/uuidnotfound"
11320 * security={{"openemr_auth":{}}}
11323 "GET /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
11324 if ($request->isPatientRequest()) {
11325 // only allow access to data of binded patient
11326 if (empty($uuid) ||
($uuid != $request->getPatientUUIDString())) {
11327 throw new AccessDeniedException("patients", "demo", "patient id invalid");
11329 $uuid = $request->getPatientUUIDString();
11331 RestConfig
::authorization_check("patients", "demo");
11333 $return = (new FhirPatientRestController())->getOne($uuid);
11334 RestConfig
::apiLog($return);
11340 * path="/fhir/Person",
11341 * description="Returns a list of Person resources.",
11346 * description="The name of the Person resource.",
11355 * description="The active status of the Person resource.",
11364 * description="The address of the Person resource.",
11371 * name="address-city",
11373 * description="The address-city of the Person resource.",
11380 * name="address-postalcode",
11382 * description="The address-postalcode of the Person resource.",
11389 * name="address-state",
11391 * description="The address-state of the Person resource.",
11400 * description="The email of the Person resource.",
11409 * description="The family name of the Person resource.",
11418 * description="The given name of the Person resource.",
11427 * description="The phone number of the Person resource.",
11436 * description="The fax number of the Person resource.",
11444 * description="Standard Response",
11446 * mediaType="application/json",
11449 * property="json object",
11450 * description="FHIR Json object.",
11455 * "lastUpdated": "2021-09-14T09:13:51"
11457 * "resourceType": "Bundle",
11458 * "type": "collection",
11462 * "relation": "self",
11463 * "url": "https://localhost:9300/apis/default/fhir/Person"
11472 * ref="#/components/responses/badrequest"
11476 * ref="#/components/responses/unauthorized"
11478 * security={{"openemr_auth":{}}}
11481 "GET /fhir/Person" => function (HttpRestRequest
$request) {
11482 RestConfig
::authorization_check("admin", "users");
11483 $return = (new FhirPersonRestController())->getAll($request->getQueryParams());
11484 RestConfig
::apiLog($return);
11490 * path="/fhir/Person/{uuid}",
11491 * description="Returns a single Person resource.",
11496 * description="The uuid for the Person resource.",
11504 * description="Standard Response",
11506 * mediaType="application/json",
11509 * property="json object",
11510 * description="FHIR Json object.",
11514 * "id": "960c7cd6-187a-4119-8cd4-85389d80efb9",
11516 * "versionId": "1",
11517 * "lastUpdated": "2022-04-13T08:57:32+00:00"
11519 * "resourceType": "Person",
11521 * "status": "generated",
11522 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'> <p>Administrator Administrator</p></div>"
11526 * "use": "official",
11527 * "family": "Administrator",
11536 * "system": "phone",
11537 * "value": "1234567890",
11541 * "system": "phone",
11542 * "value": "1234567890",
11546 * "system": "phone",
11547 * "value": "1234567890",
11551 * "system": "email",
11552 * "value": "hey@hey.com",
11559 * "123 Lane Street"
11561 * "city": "Bellevue",
11564 * "start": "2021-04-13T08:57:32.146+00:00"
11575 * ref="#/components/responses/badrequest"
11579 * ref="#/components/responses/unauthorized"
11583 * ref="#/components/responses/uuidnotfound"
11585 * security={{"openemr_auth":{}}}
11588 "GET /fhir/Person/:uuid" => function ($uuid, HttpRestRequest
$request) {
11589 // if the api user is requesting their own user we need to let it through
11590 // this is because the /Person endpoint needs to be responsive to the fhirUser return value
11591 // for the currently logged in user
11592 if ($request->getRequestUserUUIDString() == $uuid) {
11593 $return = (new FhirPersonRestController())->getOne($uuid);
11594 } else if (!$request->isPatientRequest()) {
11595 // not a patient ,make sure we have access to the users ACL
11596 RestConfig
::authorization_check("admin", "users");
11597 $return = (new FhirPersonRestController())->getOne($uuid);
11599 // if we are a patient bound request we need to make sure we are only bound to the patient
11600 $return = (new FhirPersonRestController())->getOne($uuid, $request->getPatientUUIDString());
11603 RestConfig
::apiLog($return);
11609 * path="/fhir/Practitioner",
11610 * description="Returns a list of Practitioner resources.",
11615 * description="The uuid for the Practitioner resource.",
11624 * description="The name of the Practitioner resource.",
11633 * description="The active status of the Practitioner resource.",
11642 * description="The address of the Practitioner resource.",
11649 * name="address-city",
11651 * description="The address-city of the Practitioner resource.",
11658 * name="address-postalcode",
11660 * description="The address-postalcode of the Practitioner resource.",
11667 * name="address-state",
11669 * description="The address-state of the Practitioner resource.",
11678 * description="The email of the Practitioner resource.",
11687 * description="The family name of the Practitioner resource.",
11696 * description="The given name of the Practitioner resource.",
11705 * description="The phone number of the Practitioner resource.",
11714 * description="The fax number of the Practitioner resource.",
11722 * description="Standard Response",
11724 * mediaType="application/json",
11727 * property="json object",
11728 * description="FHIR Json object.",
11733 * "lastUpdated": "2021-09-14T09:13:51"
11735 * "resourceType": "Bundle",
11736 * "type": "collection",
11740 * "relation": "self",
11741 * "url": "https://localhost:9300/apis/default/fhir/Practitioner"
11750 * ref="#/components/responses/badrequest"
11754 * ref="#/components/responses/unauthorized"
11756 * security={{"openemr_auth":{}}}
11759 "GET /fhir/Practitioner" => function (HttpRestRequest
$request) {
11761 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
11762 // that is referenced in connected patient resources -- such as AllergyIntollerance.
11763 // I don't believe patients are assigned to a particular practitioner
11764 // should we allow just open api access to admin information? Should we restrict particular pieces
11765 // of data in the practitioner side (phone number, address information) based on a permission set?
11766 if (!$request->isPatientRequest()) {
11767 RestConfig
::authorization_check("admin", "users");
11769 $return = (new FhirPractitionerRestController())->getAll($request->getQueryParams());
11770 RestConfig
::apiLog($return);
11776 * path="/fhir/Practitioner/{uuid}",
11777 * description="Returns a single Practitioner resource.",
11782 * description="The uuid for the Practitioner resource.",
11790 * description="Standard Response",
11792 * mediaType="application/json",
11795 * property="json object",
11796 * description="FHIR Json object.",
11800 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
11802 * "versionId": "1",
11803 * "lastUpdated": "2021-09-21T17:41:57+00:00"
11805 * "resourceType": "Practitioner",
11807 * "status": "generated",
11808 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
11812 * "system": "http://hl7.org/fhir/sid/us-npi",
11813 * "value": "11223344554543"
11819 * "use": "official",
11820 * "family": "Smith",
11832 * ref="#/components/responses/badrequest"
11836 * ref="#/components/responses/unauthorized"
11840 * ref="#/components/responses/uuidnotfound"
11842 * security={{"openemr_auth":{}}}
11845 "GET /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
11846 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
11847 // that is referenced in connected patient resources -- such as AllergyIntollerance.
11848 // I don't believe patients are assigned to a particular practitioner
11849 // should we allow just open api access to admin information? Should we restrict particular pieces
11850 // of data in the practitioner side (phone number, address information) based on a permission set?
11851 if (!$request->isPatientRequest()) {
11852 RestConfig
::authorization_check("admin", "users");
11854 $return = (new FhirPractitionerRestController())->getOne($uuid);
11855 RestConfig
::apiLog($return);
11861 * path="/fhir/Practitioner",
11862 * description="Adds a Practitioner resources.",
11867 * mediaType="application/json",
11869 * description="The json object for the Practitioner resource.",
11873 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
11875 * "versionId": "1",
11876 * "lastUpdated": "2021-09-21T17:41:57+00:00"
11878 * "resourceType": "Practitioner",
11880 * "status": "generated",
11881 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
11885 * "system": "http://hl7.org/fhir/sid/us-npi",
11886 * "value": "11223344554543"
11892 * "use": "official",
11893 * "family": "Smith",
11904 * description="Standard Response",
11906 * mediaType="application/json",
11909 * property="json object",
11910 * description="FHIR Json object.",
11914 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
11916 * "versionId": "1",
11917 * "lastUpdated": "2021-09-21T17:41:57+00:00"
11919 * "resourceType": "Practitioner",
11921 * "status": "generated",
11922 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
11926 * "system": "http://hl7.org/fhir/sid/us-npi",
11927 * "value": "11223344554543"
11933 * "use": "official",
11934 * "family": "Smith",
11946 * ref="#/components/responses/badrequest"
11950 * ref="#/components/responses/unauthorized"
11952 * security={{"openemr_auth":{}}}
11955 "POST /fhir/Practitioner" => function (HttpRestRequest
$request) {
11956 RestConfig
::authorization_check("admin", "users");
11957 $data = (array) (json_decode(file_get_contents("php://input"), true));
11958 $return = (new FhirPractitionerRestController())->post($data);
11959 RestConfig
::apiLog($return, $data);
11965 * path="/fhir/Practitioner/{uuid}",
11966 * description="Modify a Practitioner resource.",
11971 * description="The uuid for the Practitioner resource.",
11980 * mediaType="application/json",
11982 * description="The json object for the Practitioner resource.",
11986 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
11988 * "versionId": "1",
11989 * "lastUpdated": "2021-09-21T17:41:57+00:00"
11991 * "resourceType": "Practitioner",
11993 * "status": "generated",
11994 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
11998 * "system": "http://hl7.org/fhir/sid/us-npi",
11999 * "value": "11223344554543"
12005 * "use": "official",
12006 * "family": "Smith",
12017 * description="Standard Response",
12019 * mediaType="application/json",
12023 * "uuid": "95f294d7-e14c-441d-81a6-309fe369ee21"
12030 * ref="#/components/responses/badrequest"
12034 * ref="#/components/responses/unauthorized"
12036 * security={{"openemr_auth":{}}}
12039 "PUT /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
12040 RestConfig
::authorization_check("admin", "users");
12041 $data = (array) (json_decode(file_get_contents("php://input"), true));
12042 $return = (new FhirPractitionerRestController())->patch($uuid, $data);
12043 RestConfig
::apiLog($return, $data);
12049 * path="/fhir/PractitionerRole",
12050 * description="Returns a list of PractitionerRole resources.",
12053 * name="specialty",
12055 * description="The specialty of the PractitionerRole resource.",
12062 * name="practitioner",
12064 * description="The practitioner of the PractitionerRole resource.",
12072 * description="Standard Response",
12074 * mediaType="application/json",
12077 * property="json object",
12078 * description="FHIR Json object.",
12083 * "lastUpdated": "2021-09-14T09:13:51"
12085 * "resourceType": "Bundle",
12086 * "type": "collection",
12090 * "relation": "self",
12091 * "url": "https://localhost:9300/apis/default/fhir/PractitionerRole"
12100 * ref="#/components/responses/badrequest"
12104 * ref="#/components/responses/unauthorized"
12106 * security={{"openemr_auth":{}}}
12109 "GET /fhir/PractitionerRole" => function (HttpRestRequest
$request) {
12110 RestConfig
::authorization_check("admin", "users");
12111 $return = (new FhirPractitionerRoleRestController())->getAll($request->getQueryParams());
12112 RestConfig
::apiLog($return);
12118 * path="/fhir/PractitionerRole/{uuid}",
12119 * description="Returns a single PractitionerRole resource.",
12124 * description="The uuid for the PractitionerRole resource.",
12132 * description="Standard Response",
12134 * mediaType="application/json",
12137 * property="json object",
12138 * description="FHIR Json object.",
12142 * "id": "960c806f-9463-482e-b228-67b5be1fed55",
12144 * "versionId": "1",
12145 * "lastUpdated": "2022-04-13T06:18:17+00:00"
12147 * "resourceType": "PractitionerRole",
12148 * "practitioner": {
12149 * "reference": "Practitioner/960c7cd6-187a-4119-8cd4-85389d80efb9",
12150 * "display": "Administrator Administrator"
12152 * "organization": {
12153 * "reference": "Organization/960c7cc6-b4ae-49bc-877b-1a2913271c43",
12154 * "display": "Your Clinic Name Here"
12161 * "text": "Psychoanalyst"
12167 * "text": "Counselor"
12176 * ref="#/components/responses/badrequest"
12180 * ref="#/components/responses/unauthorized"
12184 * ref="#/components/responses/uuidnotfound"
12186 * security={{"openemr_auth":{}}}
12189 "GET /fhir/PractitionerRole/:uuid" => function ($uuid, HttpRestRequest
$request) {
12190 RestConfig
::authorization_check("admin", "users");
12191 $return = (new FhirPractitionerRoleRestController())->getOne($uuid);
12192 RestConfig
::apiLog($return);
12198 * path="/fhir/Procedure",
12199 * description="Returns a list of Procedure resources.",
12204 * description="The uuid for the Procedure resource.",
12213 * description="The uuid for the patient.",
12222 * description="The datetime of the Procedure resource.",
12230 * description="Standard Response",
12232 * mediaType="application/json",
12235 * property="json object",
12236 * description="FHIR Json object.",
12241 * "lastUpdated": "2021-09-14T09:13:51"
12243 * "resourceType": "Bundle",
12244 * "type": "collection",
12248 * "relation": "self",
12249 * "url": "https://localhost:9300/apis/default/fhir/Procedure"
12258 * ref="#/components/responses/badrequest"
12262 * ref="#/components/responses/unauthorized"
12264 * security={{"openemr_auth":{}}}
12267 "GET /fhir/Procedure" => function (HttpRestRequest
$request) {
12268 if ($request->isPatientRequest()) {
12269 // only allow access to data of binded patient
12270 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
12272 RestConfig
::authorization_check("patients", "med");
12273 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams());
12275 RestConfig
::apiLog($return);
12281 * path="/fhir/Procedure/{uuid}",
12282 * description="Returns a single Procedure resource.",
12287 * description="The uuid for the Procedure resource.",
12295 * description="Standard Response",
12297 * mediaType="application/json",
12300 * property="json object",
12301 * description="FHIR Json object.",
12305 * "id": "95e9d3fb-fe7b-448a-aa60-d40b11b486a5",
12307 * "versionId": "1",
12308 * "lastUpdated": "2022-03-26T17:20:14+00:00"
12310 * "resourceType": "Procedure",
12311 * "status": "in-progress",
12313 * "reference": "Patient/95e8d830-3068-48cf-930a-2fefb18c2bcf",
12314 * "type": "Patient"
12322 * ref="#/components/responses/badrequest"
12326 * ref="#/components/responses/unauthorized"
12330 * ref="#/components/responses/uuidnotfound"
12332 * security={{"openemr_auth":{}}}
12335 "GET /fhir/Procedure/:uuid" => function ($uuid, HttpRestRequest
$request) {
12336 if ($request->isPatientRequest()) {
12337 // only allow access to data of binded patient
12338 $return = (new FhirProcedureRestController())->getOne($uuid, $request->getPatientUUIDString());
12340 RestConfig
::authorization_check("patients", "med");
12341 $return = (new FhirProcedureRestController())->getOne($uuid);
12343 RestConfig
::apiLog($return);
12349 * path="/fhir/Provenance/{uuid}",
12350 * description="Returns a single Provenance resource.",
12355 * description="The id for the Provenance resource. Format is \<resource name\>:\<uuid\> (Example: AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145).",
12363 * description="Standard Response",
12365 * mediaType="application/json",
12368 * property="json object",
12369 * description="FHIR Json object.",
12373 * "id": "AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145",
12374 * "resourceType": "Provenance",
12377 * "reference": "AllergyIntolerance/95ea43f3-1066-4bc7-b224-6c23b985f145",
12378 * "type": "AllergyIntolerance"
12381 * "recorded": "2022-03-26T22:43:30+00:00",
12387 * "system": "http://terminology.hl7.org/CodeSystem/provenance-participant-type",
12388 * "code": "author",
12389 * "display": "Author"
12394 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12395 * "type": "Organization"
12398 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12399 * "type": "Organization"
12406 * "system": "http://hl7.org/fhir/us/core/CodeSystem/us-core-provenance-participant-type",
12407 * "code": "transmitter",
12408 * "display": "Transmitter"
12414 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12415 * "type": "Organization"
12418 * "reference": "Organization/95e8d810-7e55-44aa-bb48-fecd5b0d88c7",
12419 * "type": "Organization"
12428 * ref="#/components/responses/badrequest"
12432 * ref="#/components/responses/unauthorized"
12436 * ref="#/components/responses/uuidnotfound"
12438 * security={{"openemr_auth":{}}}
12441 "GET /fhir/Provenance/:uuid" => function ($uuid, HttpRestRequest
$request) {
12442 if ($request->isPatientRequest()) {
12443 // only allow access to data of binded patient
12444 $return = (new FhirProvenanceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
12446 RestConfig
::authorization_check("admin", "super");
12447 $return = (new FhirProvenanceRestController($request))->getOne($uuid);
12449 RestConfig
::apiLog($return);
12455 * path="/fhir/Provenance",
12456 * description="Returns a list of Provenance resources.",
12461 * description="The id for the Provenance resource. Format is \<resource name\>:\<uuid\> (Example: AllergyIntolerance:95ea43f3-1066-4bc7-b224-6c23b985f145).",
12469 * description="Standard Response",
12471 * mediaType="application/json",
12474 * property="json object",
12475 * description="FHIR Json object.",
12480 * "lastUpdated": "2021-09-14T09:13:51"
12482 * "resourceType": "Bundle",
12483 * "type": "collection",
12487 * "relation": "self",
12488 * "url": "https://localhost:9300/apis/default/fhir/Provenance"
12497 * ref="#/components/responses/badrequest"
12501 * ref="#/components/responses/unauthorized"
12503 * security={{"openemr_auth":{}}}
12506 // NOTE: this GET request only supports requests with an _id parameter. FHIR inferno test tool requires the 'search'
12507 // property to support which is why this endpoint exists.
12508 "GET /fhir/Provenance" => function (HttpRestRequest
$request) {
12509 if ($request->isPatientRequest()) {
12510 // only allow access to data of binded patient
12511 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams(), $request->getPatientUUIDString());
12513 // TODO: it seems like regular users should be able to grab authorship / provenance information
12514 RestConfig
::authorization_check("admin", "super");
12515 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams());
12517 RestConfig
::apiLog($return);
12525 * path="/fhir/metadata",
12526 * description="Returns metadata (ie. CapabilityStatement resource) of the fhir server.",
12530 * description="Return CapabilityStatement resource of the fhir server"
12534 "GET /fhir/metadata" => function () {
12535 $return = (new FhirMetaDataRestController())->getMetaData();
12536 RestConfig
::apiLog($return);
12542 * path="/fhir/.well-known/smart-configuration",
12543 * description="Returns smart configuration of the fhir server.",
12547 * description="Return smart configuration of the fhir server"
12551 "GET /fhir/.well-known/smart-configuration" => function () {
12552 $authController = new \OpenEMR\RestControllers\
AuthorizationController();
12553 $return = (new \OpenEMR\RestControllers\SMART\
SMARTConfigurationController($authController))->getConfig();
12554 RestConfig
::apiLog($return);
12560 * path="/fhir/OperationDefinition",
12561 * description="Returns a list of the OperationDefinition resources that are specific to this OpenEMR installation",
12565 * description="Return list of OperationDefinition resources"
12569 "GET /fhir/OperationDefinition" => function (HttpRestRequest
$request) {
12570 // for now we will just hard code the custom resources
12571 $operationDefinitionController = new FhirOperationDefinitionRestController();
12572 $return = $operationDefinitionController->getAll($request->getQueryParams());
12573 RestConfig
::apiLog($return);
12579 * path="/fhir/OperationDefinition/{operation}",
12580 * description="Returns a single OperationDefinition resource that is specific to this OpenEMR installation",
12583 * name="operation",
12585 * description="The name of the operation to query. For example $bulkdata-status",
12593 * description="Standard Response",
12595 * mediaType="application/json",
12598 * property="json object",
12599 * description="FHIR Json object.",
12603 * "resourceType": "OperationDefinition",
12604 * "name": "$bulkdata-status",
12605 * "status": "active",
12606 * "kind": "operation",
12614 * "system": "http://hl7.org/fhir/data-types",
12615 * "code": "string",
12616 * "display": "string"
12619 * "system": "http://hl7.org/fhir/ValueSet/search-param-type",
12620 * "code": "string",
12621 * "display": "string"
12631 "GET /fhir/OperationDefinition/:operation" => function ($operation, HttpRestRequest
$request) {
12632 // for now we will just hard code the custom resources
12633 $operationDefinitionController = new FhirOperationDefinitionRestController();
12634 $return = $operationDefinitionController->getOne($operation);
12635 RestConfig
::apiLog($return);
12639 // FHIR root level operations
12643 * path="/fhir/$export",
12644 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
12648 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
12652 * ref="#/components/responses/badrequest"
12656 * ref="#/components/responses/unauthorized"
12658 * security={{"openemr_auth":{}}}
12661 'GET /fhir/$export' => function (HttpRestRequest
$request) {
12662 RestConfig
::authorization_check("admin", "users");
12663 $fhirExportService = new FhirOperationExportRestController($request);
12664 $return = $fhirExportService->processExport(
12665 $request->getQueryParams(),
12667 $request->getHeader('Accept'),
12668 $request->getHeader('Prefer')
12670 RestConfig
::apiLog($return);
12674 // these two operations are adopted based on the documentation used in the IBM FHIR Server
12675 // we'd reference cerner or epic but we couldn't find any documentation about those (Jan 30th 2021)
12676 // @see https://ibm.github.io/FHIR/guides/FHIRBulkOperations/
12680 * path="/fhir/$bulkdata-status",
12681 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
12685 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
12689 * ref="#/components/responses/badrequest"
12693 * ref="#/components/responses/unauthorized"
12695 * security={{"openemr_auth":{}}}
12698 'GET /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
12699 RestConfig
::authorization_check("admin", "users");
12700 $jobUuidString = $request->getQueryParam('job');
12701 // if we were truly async we would return 202 here to say we are in progress with a JSON response
12702 // since OpenEMR data is so small we just return the JSON from the database
12703 $fhirExportService = new FhirOperationExportRestController($request);
12704 $return = $fhirExportService->processExportStatusRequestForJob($jobUuidString);
12705 RestConfig
::apiLog($return);
12711 * path="/fhir/$bulkdata-status",
12712 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>",
12716 * description="The BULK FHIR Exports documentation can be found at <a href='https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API' target='_blank' rel='noopener'>https://www.open-emr.org/wiki/index.php/OpenEMR_Wiki_Home_Page#API</a>"
12720 * ref="#/components/responses/badrequest"
12724 * ref="#/components/responses/unauthorized"
12726 * security={{"openemr_auth":{}}}
12729 'DELETE /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
12730 RestConfig
::authorization_check("admin", "users");
12731 $job = $request->getQueryParam('job');
12732 $fhirExportService = new FhirOperationExportRestController($request);
12733 $return = $fhirExportService->processDeleteExportForJob($job);
12734 RestConfig
::apiLog($return);
12739 // Note that the portal (api) route is only for patient role
12740 // (there is a mechanism in place to ensure only patient role can access the portal (api) route)
12741 RestConfig
::$PORTAL_ROUTE_MAP = array(
12744 * path="/portal/patient",
12745 * description="Returns the patient.",
12746 * tags={"standard-patient"},
12749 * description="Standard response",
12751 * mediaType="application/json",
12752 * @OA\Schema(ref="#/components/schemas/api_patient_response")
12757 * ref="#/components/responses/unauthorized"
12759 * security={{"openemr_auth":{}}}
12762 "GET /portal/patient" => function (HttpRestRequest
$request) {
12763 $return = (new PatientRestController())->getOne($request->getPatientUUIDString());
12764 RestConfig
::apiLog($return);
12770 * path="/portal/patient/encounter",
12771 * description="Returns encounters for the patient.",
12772 * tags={"standard-patient"},
12775 * ref="#/components/responses/standard"
12779 * ref="#/components/responses/badrequest"
12783 * ref="#/components/responses/unauthorized"
12785 * security={{"openemr_auth":{}}}
12788 "GET /portal/patient/encounter" => function (HttpRestRequest
$request) {
12789 $return = (new EncounterRestController())->getAll($request->getPatientUUIDString());
12790 RestConfig
::apiLog($return);
12796 * path="/portal/patient/encounter/{euuid}",
12797 * description="Returns a selected encounter by its uuid.",
12798 * tags={"standard-patient"},
12802 * description="The uuid for the encounter.",
12810 * ref="#/components/responses/standard"
12814 * ref="#/components/responses/badrequest"
12818 * ref="#/components/responses/unauthorized"
12820 * security={{"openemr_auth":{}}}
12823 "GET /portal/patient/encounter/:euuid" => function ($euuid, HttpRestRequest
$request) {
12824 $return = (new EncounterRestController())->getOne($request->getPatientUUIDString(), $euuid);
12825 RestConfig
::apiLog($return);
12831 * path="/portal/patient/appointment",
12832 * description="Retrieves all appointments for a patient",
12833 * tags={"standard-patient"},
12836 * ref="#/components/responses/standard"
12840 * ref="#/components/responses/badrequest"
12844 * ref="#/components/responses/unauthorized"
12846 * security={{"openemr_auth":{}}}
12849 "GET /portal/patient/appointment" => function (HttpRestRequest
$request) {
12850 $return = (new AppointmentRestController())->getAllForPatientByUuid($request->getPatientUUIDString());
12851 RestConfig
::apiLog($return);
12858 * path="/portal/patient/appointment/{auuid}",
12859 * description="Returns a selected appointment by its uuid.",
12860 * tags={"standard-patient"},
12864 * description="The uuid for the appointment.",
12872 * ref="#/components/responses/standard"
12876 * ref="#/components/responses/badrequest"
12880 * ref="#/components/responses/unauthorized"
12882 * security={{"openemr_auth":{}}}
12885 "GET /portal/patient/appointment/:auuid" => function ($auuid, HttpRestRequest
$request) {
12886 $return = (new AppointmentRestController())->getOneForPatient($auuid, $request->getPatientUUIDString());
12887 RestConfig
::apiLog($return);