8 * @link http://www.open-emr.org
9 * @author Matthew Vita <matthewvita48@gmail.com>
10 * @author Jerry Padgett <sjpadgett@gmail.com>
11 * @author Brady Miller <brady.g.miller@gmail.com>
12 * @author Yash Raj Bothra <yashrajbothra786@gmail.com>
13 * @copyright Copyright (c) 2018 Matthew Vita <matthewvita48@gmail.com>
14 * @copyright Copyright (c) 2018-2020 Jerry Padgett <sjpadgett@gmail.com>
15 * @copyright Copyright (c) 2019-2021 Brady Miller <brady.g.miller@gmail.com>
16 * @copyright Copyright (c) 2020 Yash Raj Bothra <yashrajbothra786@gmail.com>
17 * @license https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
21 * @OA\Info(title="OpenEMR API", version="6.1.0")
22 * @OA\Server(url="/apis/default/")
24 * securityScheme="openemr_auth",
27 * authorizationUrl="/oauth2/default/authorize",
28 * tokenUrl="/oauth2/default/token",
29 * refreshUrl="/oauth2/default/token",
30 * flow="authorizationCode",
32 * "openid": "Generic mandatory scope",
33 * "offline_access": "Will signal server to provide a refresh token",
34 * "api:fhir": "FHIR R4 API",
35 * "patient/AllergyIntolerance.read": "Read allergy intolerance resources for the current patient (api:fhir)",
36 * "patient/CarePlan.read": "Read care plan resources for the current patient (api:fhir)",
37 * "patient/CareTeam.read": "Read care team resources for the current patient (api:fhir)",
38 * "patient/Condition.read": "Read condition resources for the current patient (api:fhir)",
39 * "patient/Device.read": "Read device resources for the current patient (api:fhir)",
40 * "patient/DiagnosticReport.read": "Read diagnostic report resources for the current patient (api:fhir)",
41 * "patient/DocumentReference.read": "Read document reference resources for the current patient (api:fhir)",
42 * "patient/Encounter.read": "Read encounter resources for the current patient (api:fhir)",
43 * "patient/Goal.read": "Read goal resources for the current patient (api:fhir)",
44 * "patient/Immunization.read": "Read immunization resources for the current patient (api:fhir)",
45 * "patient/Location.read": "Read location resources for the current patient (api:fhir)",
46 * "patient/Medication.read": "Read medication resources for the current patient (api:fhir)",
47 * "patient/MedicationRequest.read": "Read medication request resources for the current patient (api:fhir)",
48 * "patient/Observation.read": "Read observation resources for the current patient (api:fhir)",
49 * "patient/Organization.read": "Read organization resources for the current patient (api:fhir)",
50 * "patient/Patient.read": "Read patient resource for the current patient (api:fhir)",
51 * "patient/Person.read": "Read person resources for the current patient (api:fhir)",
52 * "patient/Practitioner.read": "Read practitioner resources for the current patient (api:fhir)",
53 * "patient/Procedure.read": "Read procedure resources for the current patient (api:fhir)",
54 * "patient/Provenance.read": "Read provenance resources for the current patient (api:fhir)",
55 * "system/AllergyIntolerance.read": "Read all allergy intolerance resources in the system (api:fhir)",
56 * "system/CarePlan.read": "Read all care plan resources in the system (api:fhir)",
57 * "system/CareTeam.read": "Read all care team resources in the system (api:fhir)",
58 * "system/Condition.read": "Read all condition resources in the system (api:fhir)",
59 * "system/Coverage.read": "Read all coverage resources in the system (api:fhir)",
60 * "system/Device.read": "Read all device resources in the system (api:fhir)",
61 * "system/DiagnosticReport.read": "Read all diagnostic report resources in the system (api:fhir)",
62 * "system/Document.read": "Read all document resources in the system (api:fhir)",
63 * "system/DocumentReference.read": "Read all document reference resources in the system (api:fhir)",
64 * "system/Encounter.read": "Read all encounter resources in the system (api:fhir)",
65 * "system/Goal.read": "Read all goal resources in the system (api:fhir)",
66 * "system/Group.read": "Read all group resources in the system (api:fhir)",
67 * "system/Immunization.read": "Read all immunization resources in the system (api:fhir)",
68 * "system/Location.read": "Read all location resources in the system (api:fhir)",
69 * "system/Medication.read": "Read all medication resources in the system (api:fhir)",
70 * "system/MedicationRequest.read": "Read all medication request resources in the system (api:fhir)",
71 * "system/Observation.read": "Read all observation resources in the system (api:fhir)",
72 * "system/Organization.read": "Read all organization resources in the system (api:fhir)",
73 * "system/Patient.read": "Read all patient resources in the system (api:fhir)",
74 * "system/Person.read": "Read all person resources in the system (api:fhir)",
75 * "system/Practitioner.read": "Read all practitioner resources in the system (api:fhir)",
76 * "system/PractitionerRole.read": "Read all practitioner role resources in the system (api:fhir)",
77 * "system/Procedure.read": "Read all procedure resources in the system (api:fhir)",
78 * "system/Provenance.read": "Read all provenance resources in the system (api:fhir)",
79 * "user/AllergyIntolerance.read": "Read all allergy intolerance resources the user has access to (api:fhir)",
80 * "user/CarePlan.read": "Read all care plan resources the user has access to (api:fhir)",
81 * "user/CareTeam.read": "Read all care team resources the user has access to (api:fhir)",
82 * "user/Condition.read": "Read all condition resources the user has access to (api:fhir)",
83 * "user/Coverage.read": "Read all coverage resources the user has access to (api:fhir)",
84 * "user/Device.read": "Read all device resources the user has access to (api:fhir)",
85 * "user/DiagnosticReport.read": "Read all diagnostic report resources the user has access to (api:fhir)",
86 * "user/DocumentReference.read": "Read all document reference resources the user has access to (api:fhir)",
87 * "user/Encounter.read": "Read all encounter resources the user has access to (api:fhir)",
88 * "user/Goal.read": "Read all goal resources the user has access to (api:fhir)",
89 * "user/Immunization.read": "Read all immunization resources the user has access to (api:fhir)",
90 * "user/Location.read": "Read all location resources the user has access to (api:fhir)",
91 * "user/Medication.read": "Read all medication resources the user has access to (api:fhir)",
92 * "user/MedicationRequest.read": "Read all medication request resources the user has access to (api:fhir)",
93 * "user/Observation.read": "Read all observation resources the user has access to (api:fhir)",
94 * "user/Organization.read": "Read all organization resources the user has access to (api:fhir)",
95 * "user/Organization.write": "Write all organization resources the user has access to (api:fhir)",
96 * "user/Patient.read": "Read all patient resources the user has access to (api:fhir)",
97 * "user/Patient.write": "Write all patient resources the user has access to (api:fhir)",
98 * "user/Person.read": "Read all person resources the user has access to (api:fhir)",
99 * "user/Practitioner.read": "Read all practitioner resources the user has access to (api:fhir)",
100 * "user/Practitioner.write": "Write all practitioner resources the user has access to (api:fhir)",
101 * "user/PractitionerRole.read": "Read all practitioner role resources the user has access to (api:fhir)",
102 * "user/Procedure.read": "Read all procedure resources the user has access to (api:fhir)",
103 * "user/Provenance.read": "Read all provenance resources the user has access to (api:fhir)",
104 * "api:oemr": "Standard OpenEMR API",
105 * "user/allergy.read": "Read allergies the user has access to (api:oemr)",
106 * "user/allergy.write": "Write allergies the user has access to for (api:oemr)",
107 * "user/appointment.read": "Read appointments the user has access to (api:oemr)",
108 * "user/appointment.write": "Write appointments the user has access to for (api:oemr)",
109 * "user/dental_issue.read": "Read dental issues the user has access to (api:oemr)",
110 * "user/dental_issue.write": "Write dental issues the user has access to (api:oemr)",
111 * "user/document.read": "Read documents the user has access to (api:oemr)",
112 * "user/document.write": "Write documents the user has access to (api:oemr)",
113 * "user/drug.read": "Read drugs the user has access to (api:oemr)",
114 * "user/encounter.read": "Read encounters the user has access to (api:oemr)",
115 * "user/encounter.write": "Write encounters the user has access to (api:oemr)",
116 * "user/facility.read": "Read facilities the user has access to (api:oemr)",
117 * "user/facility.write": "Write facilities the user has access to (api:oemr)",
118 * "user/immunization.read": "Read immunizations the user has access to (api:oemr)",
119 * "user/insurance.read": "Read insurances the user has access to (api:oemr)",
120 * "user/insurance.write": "Write insurances the user has access to (api:oemr)",
121 * "user/insurance_company.read": "Read insurance companies the user has access to (api:oemr)",
122 * "user/insurance_company.write": "Write insurance companies the user has access to (api:oemr)",
123 * "user/insurance_type.read": "Read insurance types the user has access to (api:oemr)",
124 * "user/list.read": "Read lists the user has access to (api:oemr)",
125 * "user/medical_problem.read": "Read medical problems the user has access to (api:oemr)",
126 * "user/medical_problem.write": "Write medical problems the user has access to (api:oemr)",
127 * "user/medication.read": "Read medications the user has access to (api:oemr)",
128 * "user/medication.write": "Write medications the user has access to (api:oemr)",
129 * "user/message.write": "Read messages the user has access to (api:oemr)",
130 * "user/patient.read": "Read patients the user has access to (api:oemr)",
131 * "user/patient.write": "Write patients the user has access to (api:oemr)",
132 * "user/practitioner.read": "Read practitioners the user has access to (api:oemr)",
133 * "user/practitioner.write": "Write practitioners the user has access to (api:oemr)",
134 * "user/prescription.read": "Read prescriptions the user has access to (api:oemr)",
135 * "user/procedure.read": "Read procedures the user has access to (api:oemr)",
136 * "user/soap_note.read": "Read soap notes the user has access to (api:oemr)",
137 * "user/soap_note.write": "Write soap notes the user has access to (api:oemr)",
138 * "user/surgery.read": "Read surgeries the user has access to (api:oemr)",
139 * "user/surgery.write": "Write surgeries the user has access to (api:oemr)",
140 * "user/vital.read": "Read vitals the user has access to (api:oemr)",
141 * "user/vital.write": "Write vitals the user has access to (api:oemr)",
142 * "api:port": "Standard Patient Portal OpenEMR API",
143 * "patient/encounter.read": "Read encounters the patient has access to (api:port)",
144 * "patient/patient.read": "Write encounters the patient has access to (api:port)"
150 * description="FHIR R4 API"
154 * description="Standard OpenEMR API"
157 * name="standard-patient",
158 * description="Standard Patient Portal OpenEMR API"
161 * response="standard",
162 * description="Standard Response",
164 * mediaType="application/json",
167 * property="validationErrors",
168 * description="Validation errors.",
175 * property="internalErrors",
176 * description="Internal errors.",
184 * description="Returned data.",
191 * "validationErrors": {},
192 * "error_description": {},
199 * response="badrequest",
200 * description="Bad Request",
202 * mediaType="application/json",
205 * property="validationErrors",
206 * description="Validation errors.",
210 * "validationErrors":
212 * "_id": "The search field argument was invalid, improperly formatted, or could not be parsed. Inner message: UUID columns must be a valid UUID string"
219 * response="unauthorized",
220 * description="Unauthorized",
222 * mediaType="application/json",
226 * description="The error.",
230 * property="error_description",
231 * description="The description of the error.",
236 * description="More specific information on the error.",
240 * property="message",
241 * description="Message regarding the error.",
245 * "error": "access_denied",
246 * "error_description": "The resource owner or authorization server denied the request.",
247 * "hint": "Missing ""Authorization"" header",
248 * "message": "The resource owner or authorization server denied the request."
254 * response="uuidnotfound",
255 * description="Not Found",
257 * mediaType="application/json",
261 * description="empty",
270 // Lets keep our controller classes with the routes.
272 use OpenEMR\Common\Acl\AccessDeniedException
;
273 use OpenEMR\Common\Http\HttpRestRequest
;
274 use OpenEMR\RestControllers\AllergyIntoleranceRestController
;
275 use OpenEMR\RestControllers\FacilityRestController
;
276 use OpenEMR\RestControllers\VersionRestController
;
277 use OpenEMR\RestControllers\ProductRegistrationRestController
;
278 use OpenEMR\RestControllers\PatientRestController
;
279 use OpenEMR\RestControllers\EncounterRestController
;
280 use OpenEMR\RestControllers\PractitionerRestController
;
281 use OpenEMR\RestControllers\ListRestController
;
282 use OpenEMR\RestControllers\InsuranceCompanyRestController
;
283 use OpenEMR\RestControllers\AppointmentRestController
;
284 use OpenEMR\RestControllers\ConditionRestController
;
285 use OpenEMR\RestControllers\ONoteRestController
;
286 use OpenEMR\RestControllers\DocumentRestController
;
287 use OpenEMR\RestControllers\DrugRestController
;
288 use OpenEMR\RestControllers\ImmunizationRestController
;
289 use OpenEMR\RestControllers\InsuranceRestController
;
290 use OpenEMR\RestControllers\MessageRestController
;
291 use OpenEMR\RestControllers\PrescriptionRestController
;
292 use OpenEMR\RestControllers\ProcedureRestController
;
294 // Note some Http clients may not send auth as json so a function
295 // is implemented to determine and parse encoding on auth route's.
297 // Note that the api route is only for users role
298 // (there is a mechanism in place to ensure only user role can access the api route)
299 RestConfig
::$ROUTE_MAP = array(
302 * path="/api/facility",
303 * description="Returns a single facility.",
308 * description="The name for the facility.",
315 * name="facility_npi",
317 * description="The facility_npi for the facility.",
326 * description="The phone for the facility.",
335 * description="The fax for the facility.",
344 * description="The street for the facility.",
353 * description="The city for the facility.",
362 * description="The state for the facility.",
369 * name="postal_code",
371 * description="The postal_code for the facility.",
378 * name="country_code",
380 * description="The country_code for the facility.",
387 * name="federal_ein",
389 * description="The federal_ein for the facility.",
398 * description="The website for the facility.",
407 * description="The email for the facility.",
414 * name="domain_identifier",
416 * description="The domain_identifier for the facility.",
423 * name="facility_taxonomy",
425 * description="The facility_taxonomy for the facility.",
432 * name="facility_code",
434 * description="The facility_code for the facility.",
441 * name="billing_location",
443 * description="The billing_location setting for the facility.",
450 * name="accepts_assignment",
452 * description="The accepts_assignment setting for the facility.",
461 * description="The oid for the facility.",
468 * name="service_location",
470 * description="The service_location setting for the facility.",
478 * ref="#/components/responses/standard"
482 * ref="#/components/responses/badrequest"
486 * ref="#/components/responses/unauthorized"
488 * security={{"openemr_auth":{}}}
491 "GET /api/facility" => function () {
492 RestConfig
::authorization_check("admin", "users");
493 $return = (new FacilityRestController())->getAll($_GET);
494 RestConfig
::apiLog($return);
500 * path="/api/facility/{fuuid}",
501 * description="Returns a single facility.",
506 * description="The uuid for the facility.",
514 * ref="#/components/responses/standard"
518 * ref="#/components/responses/badrequest"
522 * ref="#/components/responses/unauthorized"
524 * security={{"openemr_auth":{}}}
527 "GET /api/facility/:fuuid" => function ($fuuid) {
528 RestConfig
::authorization_check("admin", "users");
529 $return = (new FacilityRestController())->getOne($fuuid);
530 RestConfig
::apiLog($return);
536 * path="/api/facility",
537 * description="Creates a facility in the system",
542 * mediaType="application/json",
546 * description="The name for the facility.",
550 * property="facility_npi",
551 * description="The facility_npi for the facility.",
556 * description="The phone for the facility.",
561 * description="The fax for the facility.",
566 * description="The street for the facility.",
571 * description="The city for the facility.",
576 * description="The state for the facility.",
580 * property="postal_code",
581 * description="The postal_code for the facility.",
585 * property="country_code",
586 * description="The country_code for the facility.",
590 * property="federal_ein",
591 * description="The federal_ein for the facility.",
595 * property="website",
596 * description="The website for the facility.",
601 * description="The email for the facility.",
605 * property="domain_identifier",
606 * description="The domain_identifier for the facility.",
610 * property="facility_taxonomy",
611 * description="The facility_taxonomy for the facility.",
615 * property="facility_code",
616 * description="The facility_code for the facility.",
620 * property="billing_location",
621 * description="The billing_location setting for the facility.",
625 * property="accepts_assignment",
626 * description="The accepts_assignment setting for the facility.",
631 * description="The oid for the facility.",
635 * property="service_location",
636 * description="The service_location setting for the facility.",
639 * required={"name", "facility_npi"},
642 * "facility_npi": "123456789123",
643 * "phone": "808-606-3030",
644 * "fax": "808-606-3031",
645 * "street": "1337 Bit Shifter Ln",
646 * "city": "San Lorenzo",
648 * "postal_code": "54321",
649 * "country_code": "US",
650 * "federal_ein": "4343434",
651 * "website": "https://example.com",
652 * "email": "foo@bar.com",
653 * "domain_identifier": "",
654 * "facility_taxonomy": "",
655 * "facility_code": "",
656 * "billing_location": "1",
657 * "accepts_assignment": "1",
659 * "service_location": "1"
666 * ref="#/components/responses/standard"
670 * ref="#/components/responses/badrequest"
674 * ref="#/components/responses/unauthorized"
676 * security={{"openemr_auth":{}}}
679 "POST /api/facility" => function () {
680 RestConfig
::authorization_check("admin", "super");
681 $data = (array) (json_decode(file_get_contents("php://input")));
682 $return = (new FacilityRestController())->post($data);
683 RestConfig
::apiLog($return, $data);
689 * path="/api/facility/{fuuid}",
690 * description="Updates a facility in the system",
695 * description="The uuid for the facility.",
704 * mediaType="application/json",
708 * description="The name for the facility.",
712 * property="facility_npi",
713 * description="The facility_npi for the facility.",
718 * description="The phone for the facility.",
723 * description="The fax for the facility.",
728 * description="The street for the facility.",
733 * description="The city for the facility.",
738 * description="The state for the facility.",
742 * property="postal_code",
743 * description="The postal_code for the facility.",
747 * property="country_code",
748 * description="The country_code for the facility.",
752 * property="federal_ein",
753 * description="The federal_ein for the facility.",
757 * property="website",
758 * description="The website for the facility.",
763 * description="The email for the facility.",
767 * property="domain_identifier",
768 * description="The domain_identifier for the facility.",
772 * property="facility_taxonomy",
773 * description="The facility_taxonomy for the facility.",
777 * property="facility_code",
778 * description="The facility_code for the facility.",
782 * property="billing_location",
783 * description="The billing_location setting for the facility.",
787 * property="accepts_assignment",
788 * description="The accepts_assignment setting for the facility.",
793 * description="The oid for the facility.",
797 * property="service_location",
798 * description="The service_location setting for the facility.",
803 * "facility_npi": "123456789123",
804 * "phone": "808-606-3030",
805 * "fax": "808-606-3031",
806 * "street": "1337 Bit Shifter Ln",
807 * "city": "San Lorenzo",
809 * "postal_code": "54321",
810 * "country_code": "US",
811 * "federal_ein": "4343434",
812 * "website": "https://example.com",
813 * "email": "foo@bar.com",
814 * "domain_identifier": "",
815 * "facility_taxonomy": "",
816 * "facility_code": "",
817 * "billing_location": "1",
818 * "accepts_assignment": "1",
820 * "service_location": "1"
827 * ref="#/components/responses/standard"
831 * ref="#/components/responses/badrequest"
835 * ref="#/components/responses/unauthorized"
837 * security={{"openemr_auth":{}}}
840 "PUT /api/facility/:fuuid" => function ($fuuid) {
841 RestConfig
::authorization_check("admin", "super");
842 $data = (array) (json_decode(file_get_contents("php://input")));
843 $return = (new FacilityRestController())->patch($fuuid, $data);
844 RestConfig
::apiLog($return, $data);
850 * path="/api/patient",
851 * description="Retrieves a list of patients",
856 * description="The first name for the patient.",
865 * description="The last name for the patient.",
874 * description="The social security number for the patient.",
883 * description="The street for the patient.",
890 * name="postal_code",
892 * description="The postal code for the patient.",
901 * description="The city for the patient.",
910 * description="The state for the patient.",
919 * description="The home phone for the patient.",
928 * description="The business phone for the patient.",
937 * description="The cell phone for the patient.",
944 * name="postal_contact",
946 * description="The postal_contact for the patient.",
955 * description="The gender for the patient.",
962 * name="country_code",
964 * description="The country code for the patient.",
973 * description="The email for the patient.",
982 * description="The DOB for the patient.",
990 * ref="#/components/responses/standard"
994 * ref="#/components/responses/badrequest"
998 * ref="#/components/responses/unauthorized"
1000 * security={{"openemr_auth":{}}}
1003 "GET /api/patient" => function () {
1004 RestConfig
::authorization_check("patients", "demo");
1005 $return = (new PatientRestController())->getAll($_GET);
1006 RestConfig
::apiLog($return);
1011 * Schema for the patient request
1014 * schema="api_patient_request",
1017 * description="The title of patient.",
1022 * description="The fname of patient.",
1027 * description="The mname of patient.",
1032 * description="The lname of patient.",
1036 * property="street",
1037 * description="The street address of patient.",
1041 * property="postal_code",
1042 * description="The postal code of patient.",
1047 * description="The city of patient.",
1052 * description="The state of patient.",
1056 * property="country_code",
1057 * description="The country code of patient.",
1061 * property="phone_contact",
1062 * description="The phone contact of patient.",
1067 * description="The DOB of patient.",
1072 * description="The lname of patient.",
1077 * description="The race of patient.",
1081 * property="ethnicity",
1082 * description="The ethnicity of patient.",
1085 * required={"fname", "lname", "DOB", "sex"},
1091 * "street": "456 Tree Lane",
1092 * "postal_code": "08642",
1093 * "city": "FooTown",
1095 * "country_code": "US",
1096 * "phone_contact": "123-456-7890",
1097 * "DOB": "1992-02-02",
1106 * path="/api/patient",
1107 * description="Creates a new patient",
1108 * tags={"standard"},
1112 * mediaType="application/json",
1113 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1118 * description="Standard response",
1120 * mediaType="application/json",
1123 * property="validationErrors",
1124 * description="Validation errors.",
1131 * property="internalErrors",
1132 * description="Internal errors.",
1140 * description="Returned data.",
1145 * description="patient pid",
1151 * "validationErrors": {},
1152 * "error_description": {},
1162 * ref="#/components/responses/unauthorized"
1164 * security={{"openemr_auth":{}}}
1167 "POST /api/patient" => function () {
1168 RestConfig
::authorization_check("patients", "demo");
1169 $data = (array) (json_decode(file_get_contents("php://input")));
1170 $return = (new PatientRestController())->post($data);
1171 RestConfig
::apiLog($return, $data);
1176 * Schema for the patient response
1179 * schema="api_patient_response",
1181 * property="validationErrors",
1182 * description="Validation errors.",
1189 * property="internalErrors",
1190 * description="Internal errors.",
1198 * description="Returned data.",
1203 * description="patient id",
1208 * description="patient pid",
1212 * property="pubpid",
1213 * description="patient public id",
1218 * description="patient title",
1223 * description="patient first name",
1228 * description="patient middle name",
1233 * description="patient last name",
1238 * description="patient social security number",
1242 * property="street",
1243 * description="patient street address",
1247 * property="postal_code",
1248 * description="patient postal code",
1253 * description="patient city",
1258 * description="patient state",
1262 * property="county",
1263 * description="patient county",
1267 * property="country_code",
1268 * description="patient country code",
1272 * property="drivers_license",
1273 * description="patient drivers license id",
1277 * property="contact_relationship",
1278 * description="patient contact relationship",
1282 * property="phone_contact",
1283 * description="patient phone contact",
1287 * property="phone_home",
1288 * description="patient home phone",
1292 * property="phone_biz",
1293 * description="patient work phone",
1297 * property="phone_cell",
1298 * description="patient mobile phone",
1303 * description="patient email",
1308 * description="patient DOB",
1313 * description="patient sex (gender)",
1318 * description="patient race",
1322 * property="ethnicity",
1323 * description="patient ethnicity",
1327 * property="status",
1328 * description="patient status",
1334 * "validationErrors": {},
1335 * "error_description": {},
1345 * "street": "456 Tree Lane",
1346 * "postal_code": "08642",
1347 * "city": "FooTown",
1350 * "country_code": "US",
1351 * "drivers_license": "",
1352 * "contact_relationship": "",
1353 * "phone_contact": "123-456-7890",
1358 * "DOB": "1992-02-03",
1369 * path="/api/patient/{puuid}",
1370 * description="Updates a patient",
1371 * tags={"standard"},
1375 * description="The uuid for the patient.",
1384 * mediaType="application/json",
1385 * @OA\Schema(ref="#/components/schemas/api_patient_request")
1390 * description="Standard response",
1392 * mediaType="application/json",
1393 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1398 * ref="#/components/responses/unauthorized"
1400 * security={{"openemr_auth":{}}}
1403 "PUT /api/patient/:puuid" => function ($puuid) {
1404 RestConfig
::authorization_check("patients", "demo");
1405 $data = (array) (json_decode(file_get_contents("php://input")));
1406 $return = (new PatientRestController())->put($puuid, $data);
1407 RestConfig
::apiLog($return, $data);
1413 * path="/api/patient/{puuid}",
1414 * description="Retrieves a single patient by their uuid",
1415 * tags={"standard"},
1419 * description="The uuid for the patient.",
1427 * description="Standard response",
1429 * mediaType="application/json",
1430 * @OA\Schema(ref="#/components/schemas/api_patient_response")
1435 * ref="#/components/responses/unauthorized"
1437 * security={{"openemr_auth":{}}}
1440 "GET /api/patient/:puuid" => function ($puuid) {
1441 RestConfig
::authorization_check("patients", "demo");
1442 $return = (new PatientRestController())->getOne($puuid);
1443 RestConfig
::apiLog($return);
1449 * path="/api/patient/{puuid}/encounter",
1450 * description="Retrieves a list of encounters for a single patient",
1451 * tags={"standard"},
1455 * description="The uuid for the patient.",
1463 * ref="#/components/responses/standard"
1467 * ref="#/components/responses/badrequest"
1471 * ref="#/components/responses/unauthorized"
1473 * security={{"openemr_auth":{}}}
1476 "GET /api/patient/:puuid/encounter" => function ($puuid) {
1477 RestConfig
::authorization_check("encounters", "auth_a");
1478 $return = (new EncounterRestController())->getAll($puuid);
1479 RestConfig
::apiLog($return);
1484 * Schema for the encounter request
1487 * schema="api_encounter_request",
1490 * description="The date of encounter.",
1494 * property="onset_date",
1495 * description="The onset date of encounter.",
1499 * property="reason",
1500 * description="The reason of encounter.",
1504 * property="facility",
1505 * description="The facility of encounter.",
1509 * property="pc_catid",
1510 * description="The pc_catid of encounter.",
1514 * property="facility_id",
1515 * description="The facility id of encounter.",
1519 * property="billing_facility",
1520 * description="The billing facility id of encounter.",
1524 * property="sensitivity",
1525 * description="The sensitivity of encounter.",
1529 * property="referral_source",
1530 * description="The referral source of encounter.",
1534 * property="pos_code",
1535 * description="The pos_code of encounter.",
1539 * property="external_id",
1540 * description="The external id of encounter.",
1544 * property="provider_id",
1545 * description="The provider id of encounter.",
1549 * property="class_code",
1550 * description="The class_code of encounter.",
1553 * required={"pc_catid", "class_code"},
1555 * "date":"2020-11-10",
1557 * "reason": "Pregnancy Test",
1558 * "facility": "Owerri General Hospital",
1560 * "facility_id": "3",
1561 * "billing_facility": "3",
1562 * "sensitivity": "normal",
1563 * "referral_source": "",
1565 * "external_id": "",
1566 * "provider_id": "1",
1567 * "class_code" : "AMB"
1573 * path="/api/patient/{puuid}/encounter",
1574 * description="Creates a new encounter",
1575 * tags={"standard"},
1579 * description="The uuid for the patient.",
1588 * mediaType="application/json",
1589 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1594 * description="Standard response",
1596 * mediaType="application/json",
1599 * property="validationErrors",
1600 * description="Validation errors.",
1607 * property="internalErrors",
1608 * description="Internal errors.",
1616 * description="Returned data.",
1620 * property="encounter",
1621 * description="encounter id",
1626 * description="encounter uuid",
1632 * "validationErrors": {},
1633 * "error_description": {},
1636 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef"
1644 * ref="#/components/responses/unauthorized"
1646 * security={{"openemr_auth":{}}}
1649 "POST /api/patient/:puuid/encounter" => function ($puuid) {
1650 RestConfig
::authorization_check("encounters", "auth_a");
1651 $data = (array) (json_decode(file_get_contents("php://input")));
1652 $return = (new EncounterRestController())->post($puuid, $data);
1653 RestConfig
::apiLog($return, $data);
1658 * Schema for the encounter response
1661 * schema="api_encounter_response",
1663 * property="validationErrors",
1664 * description="Validation errors.",
1671 * property="internalErrors",
1672 * description="Internal errors.",
1680 * description="Returned data.",
1685 * description="encounter id",
1690 * description="encounter uuid",
1695 * description="encounter date",
1699 * property="reason",
1700 * description="encounter reason",
1704 * property="facility",
1705 * description="encounter facility name",
1709 * property="facility_id",
1710 * description="encounter facility id name",
1715 * description="encounter for patient pid",
1719 * property="onset_date",
1720 * description="encounter onset date",
1724 * property="sensitivity",
1725 * description="encounter sensitivity",
1729 * property="billing_note",
1730 * description="encounter billing note",
1734 * property="pc_catid",
1735 * description="encounter pc_catid",
1739 * property="last_level_billed",
1740 * description="encounter last_level_billed",
1744 * property="last_level_closed",
1745 * description="encounter last_level_closed",
1749 * property="last_stmt_date",
1750 * description="encounter last_stmt_date",
1754 * property="stmt_count",
1755 * description="encounter stmt_count",
1759 * property="provider_id",
1760 * description="provider id",
1764 * property="supervisor_id",
1765 * description="encounter supervisor id",
1769 * property="invoice_refno",
1770 * description="encounter invoice_refno",
1774 * property="referral_source",
1775 * description="encounter referral source",
1779 * property="billing_facility",
1780 * description="encounter billing facility id",
1784 * property="external_id",
1785 * description="encounter external id",
1789 * property="pos_code",
1790 * description="encounter pos_code",
1794 * property="class_code",
1795 * description="encounter class_code",
1799 * property="class_title",
1800 * description="encounter class_title",
1804 * property="pc_catname",
1805 * description="encounter pc_catname",
1809 * property="billing_facility_name",
1810 * description="encounter billing facility name",
1816 * "validationErrors": {},
1817 * "error_description": {},
1820 * "uuid": "90c196f2-51cc-4655-8858-3a80aebff3ef",
1821 * "date": "2019-09-14 00:00:00",
1822 * "reason": "Pregnancy Test",
1823 * "facility": "Owerri General Hospital",
1824 * "facility_id": "3",
1826 * "onset_date": "2019-04-20 00:00:00",
1827 * "sensitivity": "normal",
1828 * "billing_note": null,
1830 * "last_level_billed": "0",
1831 * "last_level_closed": "0",
1832 * "last_stmt_date": null,
1833 * "stmt_count": "0",
1834 * "provider_id": "1",
1835 * "supervisor_id": "0",
1836 * "invoice_refno": "",
1837 * "referral_source": "",
1838 * "billing_facility": "3",
1839 * "external_id": "",
1841 * "class_code": "AMB",
1842 * "class_title": "ambulatory",
1843 * "pc_catname": "Office Visit",
1844 * "billing_facility_name": "Owerri General Hospital"
1851 * path="/api/patient/{puuid}/encounter/{euuid}",
1852 * description="Modify a encounter",
1853 * tags={"standard"},
1857 * description="The uuid for the patient.",
1866 * description="The uuid for the encounter.",
1875 * mediaType="application/json",
1876 * @OA\Schema(ref="#/components/schemas/api_encounter_request")
1881 * description="Standard response",
1883 * mediaType="application/json",
1884 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
1889 * ref="#/components/responses/unauthorized"
1891 * security={{"openemr_auth":{}}}
1894 "PUT /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
1895 RestConfig
::authorization_check("encounters", "auth_a");
1896 $data = (array) (json_decode(file_get_contents("php://input")));
1897 $return = (new EncounterRestController())->put($puuid, $euuid, $data);
1898 RestConfig
::apiLog($return, $data);
1904 * path="/api/patient/{puuid}/encounter/{euuid}",
1905 * description="Retrieves a single encounter for a patient",
1906 * tags={"standard"},
1910 * description="The uuid for the patient.",
1919 * description="The uuid for the encounter.",
1927 * description="Standard response",
1929 * mediaType="application/json",
1930 * @OA\Schema(ref="#/components/schemas/api_encounter_response")
1935 * ref="#/components/responses/unauthorized"
1937 * security={{"openemr_auth":{}}}
1940 "GET /api/patient/:puuid/encounter/:euuid" => function ($puuid, $euuid) {
1941 RestConfig
::authorization_check("encounters", "auth_a");
1942 $return = (new EncounterRestController())->getOne($puuid, $euuid);
1943 RestConfig
::apiLog($return);
1949 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
1950 * description="Retrieves soap notes from an encounter for a patient",
1951 * tags={"standard"},
1955 * description="The pid for the patient.",
1964 * description="The id for the encounter.",
1972 * ref="#/components/responses/standard"
1976 * ref="#/components/responses/badrequest"
1980 * ref="#/components/responses/unauthorized"
1982 * security={{"openemr_auth":{}}}
1985 "GET /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
1986 RestConfig
::authorization_check("encounters", "notes");
1987 $return = (new EncounterRestController())->getSoapNotes($pid, $eid);
1988 RestConfig
::apiLog($return);
1993 * Schema for the vital request
1996 * schema="api_vital_request",
1999 * description="The bps of vitals.",
2004 * description="The bpd of vitals.",
2008 * property="weight",
2009 * description="The weight of vitals. (unit is lb)",
2013 * property="height",
2014 * description="The height of vitals. (unit is inches)",
2018 * property="temperature",
2019 * description="The temperature of temperature. (unit is F)",
2023 * property="temp_method",
2024 * description="The temp_method of vitals.",
2029 * description="The pulse of vitals.",
2033 * property="respiration",
2034 * description="The respiration of vitals.",
2039 * description="The note (ie. comments) of vitals.",
2043 * property="waist_circ",
2044 * description="The waist circumference of vitals. (unit is inches)",
2048 * property="head_circ",
2049 * description="The head circumference of vitals. (unit is inches)",
2053 * property="oxygen_saturation",
2054 * description="The oxygen_saturation of vitals.",
2062 * "temperature": "98",
2063 * "temp_method": "Oral",
2065 * "respiration": "20",
2066 * "note": "Patient with difficulty standing, which made weight measurement difficult.",
2067 * "waist_circ": "37",
2068 * "head_circ": "22.2",
2069 * "oxygen_saturation": "96"
2075 * path="/api/patient/{pid}/encounter/{eid}/vital",
2076 * description="Submits a new vitals form",
2077 * tags={"standard"},
2081 * description="The id for the patient.",
2090 * description="The id for the encounter.",
2099 * mediaType="application/json",
2100 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2105 * ref="#/components/responses/standard"
2109 * ref="#/components/responses/badrequest"
2113 * ref="#/components/responses/unauthorized"
2115 * security={{"openemr_auth":{}}}
2118 "POST /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2119 RestConfig
::authorization_check("encounters", "notes");
2120 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2121 $return = (new EncounterRestController())->postVital($pid, $eid, $data);
2122 RestConfig
::apiLog($return, $data);
2128 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2129 * description="Edit a vitals form",
2130 * tags={"standard"},
2134 * description="The id for the patient.",
2143 * description="The id for the encounter.",
2152 * description="The id for the vitalss form.",
2161 * mediaType="application/json",
2162 * @OA\Schema(ref="#/components/schemas/api_vital_request")
2167 * ref="#/components/responses/standard"
2171 * ref="#/components/responses/badrequest"
2175 * ref="#/components/responses/unauthorized"
2177 * security={{"openemr_auth":{}}}
2180 "PUT /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2181 RestConfig
::authorization_check("encounters", "notes");
2182 $data = json_decode(file_get_contents("php://input"), true) ??
[];
2183 $return = (new EncounterRestController())->putVital($pid, $eid, $vid, $data);
2184 RestConfig
::apiLog($return, $data);
2190 * path="/api/patient/{pid}/encounter/{eid}/vital",
2191 * description="Retrieves all vitals from an encounter for a patient",
2192 * tags={"standard"},
2196 * description="The pid for the patient.",
2205 * description="The id for the encounter.",
2213 * ref="#/components/responses/standard"
2217 * ref="#/components/responses/badrequest"
2221 * ref="#/components/responses/unauthorized"
2223 * security={{"openemr_auth":{}}}
2226 "GET /api/patient/:pid/encounter/:eid/vital" => function ($pid, $eid) {
2227 RestConfig
::authorization_check("encounters", "notes");
2228 $return = (new EncounterRestController())->getVitals($pid, $eid);
2229 RestConfig
::apiLog($return);
2235 * path="/api/patient/{pid}/encounter/{eid}/vital/{vid}",
2236 * description="Retrieves a vitals form from an encounter for a patient",
2237 * tags={"standard"},
2241 * description="The pid for the patient.",
2250 * description="The id for the encounter.",
2259 * description="The id for the vitals form.",
2267 * ref="#/components/responses/standard"
2271 * ref="#/components/responses/badrequest"
2275 * ref="#/components/responses/unauthorized"
2277 * security={{"openemr_auth":{}}}
2280 "GET /api/patient/:pid/encounter/:eid/vital/:vid" => function ($pid, $eid, $vid) {
2281 RestConfig
::authorization_check("encounters", "notes");
2282 $return = (new EncounterRestController())->getVital($pid, $eid, $vid);
2283 RestConfig
::apiLog($return);
2289 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2290 * description="Retrieves a soap note from an encounter for a patient",
2291 * tags={"standard"},
2295 * description="The pid for the patient.",
2304 * description="The id for the encounter.",
2313 * description="The id for the soap note.",
2321 * ref="#/components/responses/standard"
2325 * ref="#/components/responses/badrequest"
2329 * ref="#/components/responses/unauthorized"
2331 * security={{"openemr_auth":{}}}
2334 "GET /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2335 RestConfig
::authorization_check("encounters", "notes");
2336 $return = (new EncounterRestController())->getSoapNote($pid, $eid, $sid);
2337 RestConfig
::apiLog($return);
2342 * Schema for the soap_note request
2345 * schema="api_soap_note_request",
2347 * property="subjective",
2348 * description="The subjective of soap note.",
2352 * property="objective",
2353 * description="The objective of soap note.",
2357 * property="assessment",
2358 * description="The assessment of soap note.",
2363 * description="The plan of soap note.",
2367 * "subjective": "The patient with mechanical fall and cut finger.",
2368 * "objective": "The patient with finger laceration on exam.",
2369 * "assessment": "The patient with finger laceration requiring sutures.",
2370 * "plan": "Sutured finger laceration."
2376 * path="/api/patient/{pid}/encounter/{eid}/soap_note",
2377 * description="Submits a new soap note",
2378 * tags={"standard"},
2382 * description="The id for the patient.",
2391 * description="The id for the encounter.",
2400 * mediaType="application/json",
2401 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2406 * ref="#/components/responses/standard"
2410 * ref="#/components/responses/badrequest"
2414 * ref="#/components/responses/unauthorized"
2416 * security={{"openemr_auth":{}}}
2419 "POST /api/patient/:pid/encounter/:eid/soap_note" => function ($pid, $eid) {
2420 RestConfig
::authorization_check("encounters", "notes");
2421 $data = (array) (json_decode(file_get_contents("php://input")));
2422 $return = (new EncounterRestController())->postSoapNote($pid, $eid, $data);
2423 RestConfig
::apiLog($return, $data);
2429 * path="/api/patient/{pid}/encounter/{eid}/soap_note/{sid}",
2430 * description="Edit a soap note",
2431 * tags={"standard"},
2435 * description="The id for the patient.",
2444 * description="The id for the encounter.",
2453 * description="The id for the soap noted.",
2462 * mediaType="application/json",
2463 * @OA\Schema(ref="#/components/schemas/api_soap_note_request")
2468 * ref="#/components/responses/standard"
2472 * ref="#/components/responses/badrequest"
2476 * ref="#/components/responses/unauthorized"
2478 * security={{"openemr_auth":{}}}
2481 "PUT /api/patient/:pid/encounter/:eid/soap_note/:sid" => function ($pid, $eid, $sid) {
2482 RestConfig
::authorization_check("encounters", "notes");
2483 $data = (array) (json_decode(file_get_contents("php://input")));
2484 $return = (new EncounterRestController())->putSoapNote($pid, $eid, $sid, $data);
2485 RestConfig
::apiLog($return, $data);
2492 * path="/api/practitioner",
2493 * description="Retrieves a list of practitioners",
2494 * tags={"standard"},
2498 * description="The title for the practitioner.",
2507 * description="The first name for the practitioner.",
2516 * description="The last name for the practitioner.",
2525 * description="The middle name for the practitioner.",
2532 * name="federaltaxid",
2534 * description="The federal tax id for the practitioner.",
2541 * name="federaldrugid",
2543 * description="The federal drug id for the practitioner.",
2552 * description="The upin for the practitioner.",
2559 * name="facility_id",
2561 * description="The facility id for the practitioner.",
2570 * description="The facility for the practitioner.",
2579 * description="The npi for the practitioner.",
2588 * description="The email for the practitioner.",
2597 * description="The specialty for the practitioner.",
2606 * description="The billname for the practitioner.",
2615 * description="The url for the practitioner.",
2624 * description="The assistant for the practitioner.",
2631 * name="organization",
2633 * description="The organization for the practitioner.",
2640 * name="valedictory",
2642 * description="The valedictory for the practitioner.",
2651 * description="The street for the practitioner.",
2660 * description="The street (line 2) for the practitioner.",
2669 * description="The city for the practitioner.",
2678 * description="The state for the practitioner.",
2687 * description="The zip for the practitioner.",
2696 * description="The phone for the practitioner.",
2705 * description="The fax for the practitioner.",
2714 * description="The phonew1 for the practitioner.",
2723 * description="The phonecell for the practitioner.",
2732 * description="The notes for the practitioner.",
2739 * name="state_license_number2",
2741 * description="The state license number for the practitioner.",
2750 * description="The username for the practitioner.",
2758 * ref="#/components/responses/standard"
2762 * ref="#/components/responses/badrequest"
2766 * ref="#/components/responses/unauthorized"
2768 * security={{"openemr_auth":{}}}
2771 "GET /api/practitioner" => function () {
2772 RestConfig
::authorization_check("admin", "users");
2773 $return = (new PractitionerRestController())->getAll($_GET);
2774 RestConfig
::apiLog($return);
2780 * path="/api/practitioner/{pruuid}",
2781 * description="Retrieves a single practitioner by their uuid",
2782 * tags={"standard"},
2786 * description="The uuid for the practitioner.",
2794 * ref="#/components/responses/standard"
2798 * ref="#/components/responses/badrequest"
2802 * ref="#/components/responses/unauthorized"
2804 * security={{"openemr_auth":{}}}
2807 "GET /api/practitioner/:pruuid" => function ($pruuid) {
2808 RestConfig
::authorization_check("admin", "users");
2809 $return = (new PractitionerRestController())->getOne($pruuid);
2810 RestConfig
::apiLog($return);
2816 * path="/api/practitioner",
2817 * description="Submits a new practitioner",
2818 * tags={"standard"},
2822 * mediaType="application/json",
2826 * description="The title for the practitioner.",
2831 * description="The first name for the practitioner.",
2836 * description="The middle name for the practitioner.",
2841 * description="The last name for the practitioner.",
2845 * property="federaltaxid",
2846 * description="The federal tax id for the practitioner.",
2850 * property="federaldrugid",
2851 * description="The federal drug id for the practitioner.",
2856 * description="The upin for the practitioner.",
2860 * property="facility_id",
2861 * description="The facility_id for the practitioner.",
2865 * property="facility",
2866 * description="The facility name for the practitioner.",
2871 * description="The npi for the practitioner.",
2876 * description="The email for the practitioner.",
2880 * property="specialty",
2881 * description="The specialty for the practitioner.",
2885 * property="billname",
2886 * description="The billname for the practitioner.",
2891 * description="The url for the practitioner.",
2895 * property="assistant",
2896 * description="The assistant for the practitioner.",
2900 * property="valedictory",
2901 * description="The valedictory for the practitioner.",
2905 * property="street",
2906 * description="The street address for the practitioner.",
2910 * property="streetb",
2911 * description="The streetb address for the practitioner.",
2916 * description="The city for the practitioner.",
2921 * description="The state for the practitioner.",
2926 * description="The zip for the practitioner.",
2931 * description="The phone for the practitioner.",
2936 * description="The fax for the practitioner.",
2940 * property="phonew1",
2941 * description="The phonew1 for the practitioner.",
2945 * property="phonecell",
2946 * description="The phonecell for the practitioner.",
2951 * description="The notes for the practitioner.",
2955 * property="state_license_number",
2956 * description="The state license number for the practitioner.",
2960 * property="username",
2961 * description="The username for the practitioner.",
2964 * required={"fname", "lname", "npi"},
2967 * "fname": "Eduardo",
2970 * "federaltaxid": "",
2971 * "federaldrugid": "",
2973 * "facility_id": "3",
2974 * "facility": "Your Clinic Name Here",
2975 * "npi": "12345678901",
2976 * "email": "info@pennfirm.com",
2980 * "assistant": null,
2981 * "organization": null,
2982 * "valedictory": null,
2983 * "street": "789 Third Avenue",
2984 * "streetb": "123 Cannaut Street",
2985 * "city": "San Diego",
2988 * "phone": "(619) 555-9827",
2990 * "phonew1": "(619) 555-7822",
2991 * "phonecell": "(619) 555-7821",
2993 * "state_license_number": "123456",
2994 * "username": "eduardoperez"
3001 * description="Standard response",
3003 * mediaType="application/json",
3006 * property="validationErrors",
3007 * description="Validation errors.",
3014 * property="internalErrors",
3015 * description="Internal errors.",
3023 * description="Returned data.",
3028 * description="practitioner id",
3033 * description="practitioner uuid",
3039 * "validationErrors": {},
3040 * "error_description": {},
3043 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5"
3051 * ref="#/components/responses/unauthorized"
3053 * security={{"openemr_auth":{}}}
3056 "POST /api/practitioner" => function () {
3057 RestConfig
::authorization_check("admin", "users");
3058 $data = (array) (json_decode(file_get_contents("php://input")));
3059 $return = (new PractitionerRestController())->post($data);
3060 RestConfig
::apiLog($return, $data);
3066 * path="/api/practitioner/{pruuid}",
3067 * description="Edit a practitioner",
3068 * tags={"standard"},
3072 * description="The uuid for the practitioner.",
3081 * mediaType="application/json",
3085 * description="The title for the practitioner.",
3090 * description="The first name for the practitioner.",
3095 * description="The middle name for the practitioner.",
3100 * description="The last name for the practitioner.",
3104 * property="federaltaxid",
3105 * description="The federal tax id for the practitioner.",
3109 * property="federaldrugid",
3110 * description="The federal drug id for the practitioner.",
3115 * description="The upin for the practitioner.",
3119 * property="facility_id",
3120 * description="The facility_id for the practitioner.",
3124 * property="facility",
3125 * description="The facility name for the practitioner.",
3130 * description="The npi for the practitioner.",
3135 * description="The email for the practitioner.",
3139 * property="specialty",
3140 * description="The specialty for the practitioner.",
3144 * property="billname",
3145 * description="The billname for the practitioner.",
3150 * description="The url for the practitioner.",
3154 * property="assistant",
3155 * description="The assistant for the practitioner.",
3159 * property="valedictory",
3160 * description="The valedictory for the practitioner.",
3164 * property="street",
3165 * description="The street address for the practitioner.",
3169 * property="streetb",
3170 * description="The streetb address for the practitioner.",
3175 * description="The city for the practitioner.",
3180 * description="The state for the practitioner.",
3185 * description="The zip for the practitioner.",
3190 * description="The phone for the practitioner.",
3195 * description="The fax for the practitioner.",
3199 * property="phonew1",
3200 * description="The phonew1 for the practitioner.",
3204 * property="phonecell",
3205 * description="The phonecell for the practitioner.",
3210 * description="The notes for the practitioner.",
3214 * property="state_license_number",
3215 * description="The state license number for the practitioner.",
3219 * property="username",
3220 * description="The username for the practitioner.",
3228 * "street": "456 Tree Lane",
3230 * "city": "FooTown",
3232 * "phone": "123-456-7890"
3239 * description="Standard response",
3241 * mediaType="application/json",
3244 * property="validationErrors",
3245 * description="Validation errors.",
3252 * property="internalErrors",
3253 * description="Internal errors.",
3261 * description="Returned data.",
3266 * description="practitioner id",
3271 * description="practitioner uuid",
3276 * description="practitioner title",
3281 * description="practitioner fname",
3286 * description="practitioner lname",
3291 * description="practitioner mname",
3295 * property="federaltaxid",
3296 * description="practitioner federaltaxid",
3300 * property="federaldrugid",
3301 * description="practitioner federaldrugid",
3306 * description="practitioner upin",
3310 * property="facility_id",
3311 * description="practitioner facility_id",
3315 * property="facility",
3316 * description="practitioner facility",
3321 * description="practitioner npi",
3326 * description="practitioner email",
3330 * property="active",
3331 * description="practitioner active setting",
3335 * property="specialty",
3336 * description="practitioner specialty",
3340 * property="billname",
3341 * description="practitioner billname",
3346 * description="practitioner url",
3350 * property="assistant",
3351 * description="practitioner assistant",
3355 * property="organization",
3356 * description="practitioner organization",
3360 * property="valedictory",
3361 * description="practitioner valedictory",
3365 * property="street",
3366 * description="practitioner street",
3370 * property="streetb",
3371 * description="practitioner streetb",
3376 * description="practitioner city",
3381 * description="practitioner state",
3386 * description="practitioner zip",
3391 * description="practitioner phone",
3396 * description="fax",
3400 * property="phonew1",
3401 * description="practitioner phonew1",
3405 * property="phonecell",
3406 * description="practitioner phonecell",
3411 * description="practitioner notes",
3415 * property="state_license_number",
3416 * description="practitioner state license number",
3420 * property="abook_title",
3421 * description="practitioner abook title",
3425 * property="physician_title",
3426 * description="practitioner physician title",
3430 * property="physician_code",
3431 * description="practitioner physician code",
3437 * "validationErrors": {},
3438 * "error_description": {},
3441 * "uuid": "90d453fb-0248-4c0d-9575-d99d02b169f5",
3446 * "federaltaxid": "",
3447 * "federaldrugid": "",
3449 * "facility_id": "3",
3450 * "facility": "Your Clinic Name Here",
3451 * "npi": "0123456789",
3452 * "email": "info@pennfirm.com",
3458 * "organization": "",
3459 * "valedictory": "",
3460 * "street": "456 Tree Lane",
3461 * "streetb": "123 Cannaut Street",
3462 * "city": "FooTown",
3465 * "phone": "123-456-7890",
3467 * "phonew1": "(619) 555-7822",
3468 * "phonecell": "(619) 555-7821",
3470 * "state_license_number": "123456",
3471 * "abook_title": null,
3472 * "physician_title": null,
3473 * "physician_code": null
3481 * ref="#/components/responses/unauthorized"
3483 * security={{"openemr_auth":{}}}
3486 "PUT /api/practitioner/:pruuid" => function ($pruuid) {
3487 RestConfig
::authorization_check("admin", "users");
3488 $data = (array) (json_decode(file_get_contents("php://input")));
3489 $return = (new PractitionerRestController())->patch($pruuid, $data);
3490 RestConfig
::apiLog($return, $data);
3496 * path="/api/medical_problem",
3497 * description="Retrieves a list of medical problems",
3498 * tags={"standard"},
3502 * description="The uuid for the patient.",
3509 * name="condition_uuid",
3511 * description="The uuid for the medical problem.",
3520 * description="The title for the medical problem.",
3529 * description="The start date for the medical problem.",
3538 * description="The end date for the medical problem.",
3547 * description="The diagnosis for the medical problem.",
3555 * ref="#/components/responses/standard"
3559 * ref="#/components/responses/badrequest"
3563 * ref="#/components/responses/unauthorized"
3565 * security={{"openemr_auth":{}}}
3568 "GET /api/medical_problem" => function () {
3569 RestConfig
::authorization_check("encounters", "notes");
3570 $return = (new ConditionRestController())->getAll();
3571 RestConfig
::apiLog($return);
3577 * path="/api/medical_problem/{muuid}",
3578 * description="Retrieves a single medical problem by their uuid",
3579 * tags={"standard"},
3583 * description="The uuid for the medical problem.",
3591 * ref="#/components/responses/standard"
3595 * ref="#/components/responses/badrequest"
3599 * ref="#/components/responses/unauthorized"
3601 * security={{"openemr_auth":{}}}
3604 "GET /api/medical_problem/:muuid" => function ($muuid) {
3605 RestConfig
::authorization_check("encounters", "notes");
3606 $return = (new ConditionRestController())->getOne($muuid);
3607 RestConfig
::apiLog($return);
3613 * path="/api/patient/{puuid}/medical_problem",
3614 * description="Retrieves all medical problems for a patient",
3615 * tags={"standard"},
3619 * description="The uuid for the patient.",
3627 * ref="#/components/responses/standard"
3631 * ref="#/components/responses/badrequest"
3635 * ref="#/components/responses/unauthorized"
3637 * security={{"openemr_auth":{}}}
3640 "GET /api/patient/:puuid/medical_problem" => function ($puuid) {
3641 RestConfig
::authorization_check("encounters", "notes");
3642 $return = (new ConditionRestController())->getAll($puuid, "medical_problem");
3643 RestConfig
::apiLog($return);
3649 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3650 * description="Retrieves a medical problem for a patient",
3651 * tags={"standard"},
3655 * description="The uuid for the patient.",
3664 * description="The uuid for the medical problem.",
3672 * ref="#/components/responses/standard"
3676 * ref="#/components/responses/badrequest"
3680 * ref="#/components/responses/unauthorized"
3682 * security={{"openemr_auth":{}}}
3685 "GET /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3686 RestConfig
::authorization_check("patients", "med");
3687 $return = (new ConditionRestController())->getAll(['puuid' => $puuid, 'condition_uuid' => $muuid]);
3688 RestConfig
::apiLog($return);
3693 * Schema for the medical_problem request
3696 * schema="api_medical_problem_request",
3699 * description="The title of medical problem.",
3703 * property="begdate",
3704 * description="The beginning date of medical problem.",
3708 * property="enddate",
3709 * description="The end date of medical problem.",
3713 * property="diagnosis",
3714 * description="The diagnosis of medical problem. In format `<codetype>:<code>`",
3717 * required={"title", "begdate"},
3719 * "title": "Dermatochalasis",
3720 * "begdate": "2010-10-13",
3722 * "diagnosis": "ICD10:H02.839"
3728 * path="/api/patient/{puuid}/medical_problem",
3729 * description="Submits a new medical problem",
3730 * tags={"standard"},
3734 * description="The uuid for the patient.",
3743 * mediaType="application/json",
3744 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3749 * ref="#/components/responses/standard"
3753 * ref="#/components/responses/badrequest"
3757 * ref="#/components/responses/unauthorized"
3759 * security={{"openemr_auth":{}}}
3762 "POST /api/patient/:puuid/medical_problem" => function ($puuid) {
3763 RestConfig
::authorization_check("patients", "med");
3764 $data = (array) (json_decode(file_get_contents("php://input")));
3765 $return = (new ConditionRestController())->post($puuid, $data);
3766 RestConfig
::apiLog($return, $data);
3772 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3773 * description="Edit a medical problem",
3774 * tags={"standard"},
3778 * description="The uuid for the patient.",
3787 * description="The uuid for the medical problem.",
3796 * mediaType="application/json",
3797 * @OA\Schema(ref="#/components/schemas/api_medical_problem_request")
3802 * ref="#/components/responses/standard"
3806 * ref="#/components/responses/badrequest"
3810 * ref="#/components/responses/unauthorized"
3812 * security={{"openemr_auth":{}}}
3815 "PUT /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3816 RestConfig
::authorization_check("patients", "med");
3817 $data = (array) (json_decode(file_get_contents("php://input")));
3818 $return = (new ConditionRestController())->put($puuid, $muuid, $data);
3819 RestConfig
::apiLog($return, $data);
3825 * path="/api/patient/{puuid}/medical_problem/{muuid}",
3826 * description="Delete a medical problem",
3827 * tags={"standard"},
3831 * description="The uuid for the patient.",
3840 * description="The uuid for the medical problem.",
3848 * ref="#/components/responses/standard"
3852 * ref="#/components/responses/badrequest"
3856 * ref="#/components/responses/unauthorized"
3858 * security={{"openemr_auth":{}}}
3861 "DELETE /api/patient/:puuid/medical_problem/:muuid" => function ($puuid, $muuid) {
3862 RestConfig
::authorization_check("patients", "med");
3863 $return = (new ConditionRestController())->delete($puuid, $muuid);
3864 RestConfig
::apiLog($return);
3870 * path="/api/allergy",
3871 * description="Retrieves a list of allergies",
3872 * tags={"standard"},
3876 * description="The uuid for the patient.",
3885 * description="The uuid for the allergy.",
3894 * description="The title for the allergy.",
3903 * description="The start date for the allergy.",
3912 * description="The end date for the allergy.",
3921 * description="The diagnosis for the allergy.",
3929 * ref="#/components/responses/standard"
3933 * ref="#/components/responses/badrequest"
3937 * ref="#/components/responses/unauthorized"
3939 * security={{"openemr_auth":{}}}
3942 "GET /api/allergy" => function () {
3943 RestConfig
::authorization_check("patients", "med");
3944 $return = (new AllergyIntoleranceRestController())->getAll();
3945 RestConfig
::apiLog($return);
3951 * path="/api/allergy/{auuid}",
3952 * description="Retrieves a single allergy by their uuid",
3953 * tags={"standard"},
3957 * description="The uuid for the allergy.",
3965 * ref="#/components/responses/standard"
3969 * ref="#/components/responses/badrequest"
3973 * ref="#/components/responses/unauthorized"
3975 * security={{"openemr_auth":{}}}
3978 "GET /api/allergy/:auuid" => function ($auuid) {
3979 RestConfig
::authorization_check("patients", "med");
3980 $return = (new AllergyIntoleranceRestController())->getOne($auuid);
3981 RestConfig
::apiLog($return);
3987 * path="/api/patient/{puuid}/allergy",
3988 * description="Retrieves all allergies for a patient",
3989 * tags={"standard"},
3993 * description="The uuid for the patient.",
4001 * ref="#/components/responses/standard"
4005 * ref="#/components/responses/badrequest"
4009 * ref="#/components/responses/unauthorized"
4011 * security={{"openemr_auth":{}}}
4014 "GET /api/patient/:puuid/allergy" => function ($puuid) {
4015 RestConfig
::authorization_check("patients", "med");
4016 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid]);
4017 RestConfig
::apiLog($return);
4023 * path="/api/patient/{puuid}/allergy/{auuid}",
4024 * description="Retrieves a allergy for a patient",
4025 * tags={"standard"},
4029 * description="The uuid for the patient.",
4038 * description="The uuid for the allergy.",
4046 * ref="#/components/responses/standard"
4050 * ref="#/components/responses/badrequest"
4054 * ref="#/components/responses/unauthorized"
4056 * security={{"openemr_auth":{}}}
4059 "GET /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4060 RestConfig
::authorization_check("patients", "med");
4061 $return = (new AllergyIntoleranceRestController())->getAll(['lists.pid' => $puuid, 'lists.id' => $auuid]);
4062 RestConfig
::apiLog($return);
4067 * Schema for the allergy request
4070 * schema="api_allergy_request",
4073 * description="The title of allergy.",
4077 * property="begdate",
4078 * description="The beginning date of allergy.",
4082 * property="enddate",
4083 * description="The end date of allergy.",
4087 * property="diagnosis",
4088 * description="The diagnosis of allergy. In format `<codetype>:<code>`",
4091 * required={"title", "begdate"},
4093 * "title": "Iodine",
4094 * "begdate": "2010-10-13",
4101 * path="/api/patient/{puuid}/allergy",
4102 * description="Submits a new allergy",
4103 * tags={"standard"},
4107 * description="The uuid for the patient.",
4116 * mediaType="application/json",
4117 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4122 * ref="#/components/responses/standard"
4126 * ref="#/components/responses/badrequest"
4130 * ref="#/components/responses/unauthorized"
4132 * security={{"openemr_auth":{}}}
4135 "POST /api/patient/:puuid/allergy" => function ($puuid) {
4136 RestConfig
::authorization_check("patients", "med");
4137 $data = (array) (json_decode(file_get_contents("php://input")));
4138 $return = (new AllergyIntoleranceRestController())->post($puuid, $data);
4139 RestConfig
::apiLog($return, $data);
4145 * path="/api/patient/{puuid}/allergy/{auuid}",
4146 * description="Edit a allergy",
4147 * tags={"standard"},
4151 * description="The uuid for the patient.",
4160 * description="The uuid for the allergy.",
4169 * mediaType="application/json",
4170 * @OA\Schema(ref="#/components/schemas/api_allergy_request")
4175 * ref="#/components/responses/standard"
4179 * ref="#/components/responses/badrequest"
4183 * ref="#/components/responses/unauthorized"
4185 * security={{"openemr_auth":{}}}
4188 "PUT /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4189 RestConfig
::authorization_check("patients", "med");
4190 $data = (array) (json_decode(file_get_contents("php://input")));
4191 $return = (new AllergyIntoleranceRestController())->put($puuid, $auuid, $data);
4192 RestConfig
::apiLog($return, $data);
4198 * path="/api/patient/{puuid}/allergy/{auuid}",
4199 * description="Delete a medical problem",
4200 * tags={"standard"},
4204 * description="The uuid for the patient.",
4213 * description="The uuid for the allergy.",
4221 * ref="#/components/responses/standard"
4225 * ref="#/components/responses/badrequest"
4229 * ref="#/components/responses/unauthorized"
4231 * security={{"openemr_auth":{}}}
4234 "DELETE /api/patient/:puuid/allergy/:auuid" => function ($puuid, $auuid) {
4235 RestConfig
::authorization_check("patients", "med");
4236 $return = (new AllergyIntoleranceRestController())->delete($puuid, $auuid);
4237 RestConfig
::apiLog($return);
4243 * path="/api/patient/{pid}/medication",
4244 * description="Retrieves all medications for a patient",
4245 * tags={"standard"},
4249 * description="The pid for the patient.",
4257 * ref="#/components/responses/standard"
4261 * ref="#/components/responses/badrequest"
4265 * ref="#/components/responses/unauthorized"
4267 * security={{"openemr_auth":{}}}
4270 "GET /api/patient/:pid/medication" => function ($pid) {
4271 RestConfig
::authorization_check("patients", "med");
4272 $return = (new ListRestController())->getAll($pid, "medication");
4273 RestConfig
::apiLog($return);
4278 * Schema for the medication request
4281 * schema="api_medication_request",
4284 * description="The title of medication.",
4288 * property="begdate",
4289 * description="The beginning date of medication.",
4293 * property="enddate",
4294 * description="The end date of medication.",
4298 * property="diagnosis",
4299 * description="The diagnosis of medication. In format `<codetype>:<code>`",
4302 * required={"title", "begdate"},
4304 * "title": "Norvasc",
4305 * "begdate": "2013-04-13",
4312 * path="/api/patient/{pid}/medication",
4313 * description="Submits a new medication",
4314 * tags={"standard"},
4318 * description="The pid for the patient.",
4327 * mediaType="application/json",
4328 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4333 * ref="#/components/responses/standard"
4337 * ref="#/components/responses/badrequest"
4341 * ref="#/components/responses/unauthorized"
4343 * security={{"openemr_auth":{}}}
4346 "POST /api/patient/:pid/medication" => function ($pid) {
4347 RestConfig
::authorization_check("patients", "med");
4348 $data = (array) (json_decode(file_get_contents("php://input")));
4349 $return = (new ListRestController())->post($pid, "medication", $data);
4350 RestConfig
::apiLog($return, $data);
4356 * path="/api/patient/{pid}/medication/{mid}",
4357 * description="Edit a medication",
4358 * tags={"standard"},
4362 * description="The pid for the patient.",
4371 * description="The id for the medication.",
4380 * mediaType="application/json",
4381 * @OA\Schema(ref="#/components/schemas/api_medication_request")
4386 * ref="#/components/responses/standard"
4390 * ref="#/components/responses/badrequest"
4394 * ref="#/components/responses/unauthorized"
4396 * security={{"openemr_auth":{}}}
4399 "PUT /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4400 RestConfig
::authorization_check("patients", "med");
4401 $data = (array) (json_decode(file_get_contents("php://input")));
4402 $return = (new ListRestController())->put($pid, $mid, "medication", $data);
4403 RestConfig
::apiLog($return, $data);
4409 * path="/api/patient/{pid}/medication/{mid}",
4410 * description="Retrieves a medication for a patient",
4411 * tags={"standard"},
4415 * description="The id for the patient.",
4424 * description="The id for the medication.",
4432 * ref="#/components/responses/standard"
4436 * ref="#/components/responses/badrequest"
4440 * ref="#/components/responses/unauthorized"
4442 * security={{"openemr_auth":{}}}
4445 "GET /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4446 RestConfig
::authorization_check("patients", "med");
4447 $return = (new ListRestController())->getOne($pid, "medication", $mid);
4448 RestConfig
::apiLog($return);
4454 * path="/api/patient/{pid}/medication/{mid}",
4455 * description="Delete a medication",
4456 * tags={"standard"},
4460 * description="The id for the patient.",
4469 * description="The id for the medication.",
4477 * ref="#/components/responses/standard"
4481 * ref="#/components/responses/badrequest"
4485 * ref="#/components/responses/unauthorized"
4487 * security={{"openemr_auth":{}}}
4490 "DELETE /api/patient/:pid/medication/:mid" => function ($pid, $mid) {
4491 RestConfig
::authorization_check("patients", "med");
4492 $return = (new ListRestController())->delete($pid, $mid, "medication");
4493 RestConfig
::apiLog($return);
4499 * path="/api/patient/{pid}/surgery",
4500 * description="Retrieves all surgeries for a patient",
4501 * tags={"standard"},
4505 * description="The pid for the patient.",
4513 * ref="#/components/responses/standard"
4517 * ref="#/components/responses/badrequest"
4521 * ref="#/components/responses/unauthorized"
4523 * security={{"openemr_auth":{}}}
4526 "GET /api/patient/:pid/surgery" => function ($pid) {
4527 RestConfig
::authorization_check("patients", "med");
4528 $return = (new ListRestController())->getAll($pid, "surgery");
4529 RestConfig
::apiLog($return);
4535 * path="/api/patient/{pid}/surgery/{sid}",
4536 * description="Retrieves a surgery for a patient",
4537 * tags={"standard"},
4541 * description="The id for the patient.",
4550 * description="The id for the surgery.",
4558 * ref="#/components/responses/standard"
4562 * ref="#/components/responses/badrequest"
4566 * ref="#/components/responses/unauthorized"
4568 * security={{"openemr_auth":{}}}
4571 "GET /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4572 RestConfig
::authorization_check("patients", "med");
4573 $return = (new ListRestController())->getOne($pid, "surgery", $sid);
4574 RestConfig
::apiLog($return);
4580 * path="/api/patient/{pid}/surgery/{sid}",
4581 * description="Delete a surgery",
4582 * tags={"standard"},
4586 * description="The id for the patient.",
4595 * description="The id for the surgery.",
4603 * ref="#/components/responses/standard"
4607 * ref="#/components/responses/badrequest"
4611 * ref="#/components/responses/unauthorized"
4613 * security={{"openemr_auth":{}}}
4616 "DELETE /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4617 RestConfig
::authorization_check("patients", "med");
4618 $return = (new ListRestController())->delete($pid, $sid, "surgery");
4619 RestConfig
::apiLog($return);
4624 * Schema for the surgery request
4627 * schema="api_surgery_request",
4630 * description="The title of surgery.",
4634 * property="begdate",
4635 * description="The beginning date of surgery.",
4639 * property="enddate",
4640 * description="The end date of surgery.",
4644 * property="diagnosis",
4645 * description="The diagnosis of surgery. In format `<codetype>:<code>`",
4648 * required={"title", "begdate"},
4650 * "title": "Blepharoplasty",
4651 * "begdate": "2013-10-14",
4653 * "diagnosis": "CPT4:15823-50"
4659 * path="/api/patient/{pid}/surgery",
4660 * description="Submits a new surgery",
4661 * tags={"standard"},
4665 * description="The pid for the patient.",
4674 * mediaType="application/json",
4675 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4680 * ref="#/components/responses/standard"
4684 * ref="#/components/responses/badrequest"
4688 * ref="#/components/responses/unauthorized"
4690 * security={{"openemr_auth":{}}}
4693 "POST /api/patient/:pid/surgery" => function ($pid) {
4694 RestConfig
::authorization_check("patients", "med");
4695 $data = (array) (json_decode(file_get_contents("php://input")));
4696 $return = (new ListRestController())->post($pid, "surgery", $data);
4697 RestConfig
::apiLog($return, $data);
4703 * path="/api/patient/{pid}/surgery/{sid}",
4704 * description="Edit a surgery",
4705 * tags={"standard"},
4709 * description="The pid for the patient.",
4718 * description="The id for the surgery.",
4727 * mediaType="application/json",
4728 * @OA\Schema(ref="#/components/schemas/api_surgery_request")
4733 * ref="#/components/responses/standard"
4737 * ref="#/components/responses/badrequest"
4741 * ref="#/components/responses/unauthorized"
4743 * security={{"openemr_auth":{}}}
4746 "PUT /api/patient/:pid/surgery/:sid" => function ($pid, $sid) {
4747 RestConfig
::authorization_check("patients", "med");
4748 $data = (array) (json_decode(file_get_contents("php://input")));
4749 $return = (new ListRestController())->put($pid, $sid, "surgery", $data);
4750 RestConfig
::apiLog($return, $data);
4756 * path="/api/patient/{pid}/dental_issue",
4757 * description="Retrieves all dental issues for a patient",
4758 * tags={"standard"},
4762 * description="The pid for the patient.",
4770 * ref="#/components/responses/standard"
4774 * ref="#/components/responses/badrequest"
4778 * ref="#/components/responses/unauthorized"
4780 * security={{"openemr_auth":{}}}
4783 "GET /api/patient/:pid/dental_issue" => function ($pid) {
4784 RestConfig
::authorization_check("patients", "med");
4785 $return = (new ListRestController())->getAll($pid, "dental");
4786 RestConfig
::apiLog($return);
4792 * path="/api/patient/{pid}/dental_issue/{did}",
4793 * description="Retrieves a dental issue for a patient",
4794 * tags={"standard"},
4798 * description="The id for the patient.",
4807 * description="The id for the dental issue.",
4815 * ref="#/components/responses/standard"
4819 * ref="#/components/responses/badrequest"
4823 * ref="#/components/responses/unauthorized"
4825 * security={{"openemr_auth":{}}}
4828 "GET /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4829 RestConfig
::authorization_check("patients", "med");
4830 $return = (new ListRestController())->getOne($pid, "dental", $did);
4831 RestConfig
::apiLog($return);
4837 * path="/api/patient/{pid}/dental_issue/{did}",
4838 * description="Delete a dental issue",
4839 * tags={"standard"},
4843 * description="The id for the patient.",
4852 * description="The id for the dental issue.",
4860 * ref="#/components/responses/standard"
4864 * ref="#/components/responses/badrequest"
4868 * ref="#/components/responses/unauthorized"
4870 * security={{"openemr_auth":{}}}
4873 "DELETE /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
4874 RestConfig
::authorization_check("patients", "med");
4875 $return = (new ListRestController())->delete($pid, $did, "dental");
4876 RestConfig
::apiLog($return);
4881 * Schema for the dental_issue request
4884 * schema="api_dental_issue_request",
4887 * description="The title of dental issue.",
4891 * property="begdate",
4892 * description="The beginning date of dental issue.",
4896 * property="enddate",
4897 * description="The end date of dental issue.",
4901 * property="diagnosis",
4902 * description="The diagnosis of dental issue. In format `<codetype>:<code>`",
4905 * required={"title", "begdate"},
4907 * "title": "Halitosis",
4908 * "begdate": "2015-03-17",
4915 * path="/api/patient/{pid}/dental_issue",
4916 * description="Submits a new dental issue",
4917 * tags={"standard"},
4921 * description="The pid for the patient.",
4930 * mediaType="application/json",
4931 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
4936 * ref="#/components/responses/standard"
4940 * ref="#/components/responses/badrequest"
4944 * ref="#/components/responses/unauthorized"
4946 * security={{"openemr_auth":{}}}
4949 "POST /api/patient/:pid/dental_issue" => function ($pid) {
4950 RestConfig
::authorization_check("patients", "med");
4951 $data = (array) (json_decode(file_get_contents("php://input")));
4952 $return = (new ListRestController())->post($pid, "dental", $data);
4953 RestConfig
::apiLog($return, $data);
4959 * path="/api/patient/{pid}/dental_issue/{did}",
4960 * description="Edit a dental issue",
4961 * tags={"standard"},
4965 * description="The pid for the patient.",
4974 * description="The id for the dental issue.",
4983 * mediaType="application/json",
4984 * @OA\Schema(ref="#/components/schemas/api_dental_issue_request")
4989 * ref="#/components/responses/standard"
4993 * ref="#/components/responses/badrequest"
4997 * ref="#/components/responses/unauthorized"
4999 * security={{"openemr_auth":{}}}
5002 "PUT /api/patient/:pid/dental_issue/:did" => function ($pid, $did) {
5003 RestConfig
::authorization_check("patients", "med");
5004 $data = (array) (json_decode(file_get_contents("php://input")));
5005 $return = (new ListRestController())->put($pid, $did, "dental", $data);
5006 RestConfig
::apiLog($return, $data);
5012 * path="/api/patient/{pid}/appointment",
5013 * description="Retrieves all appointments for a patient",
5014 * tags={"standard"},
5018 * description="The pid for the patient.",
5026 * ref="#/components/responses/standard"
5030 * ref="#/components/responses/badrequest"
5034 * ref="#/components/responses/unauthorized"
5036 * security={{"openemr_auth":{}}}
5039 "GET /api/patient/:pid/appointment" => function ($pid) {
5040 RestConfig
::authorization_check("patients", "appt");
5041 $return = (new AppointmentRestController())->getAllForPatient($pid);
5042 RestConfig
::apiLog($return);
5048 * path="/api/patient/{pid}/appointment",
5049 * description="Submits a new appointment",
5050 * tags={"standard"},
5054 * description="The id for the patient.",
5063 * mediaType="application/json",
5066 * property="pc_catid",
5067 * description="The category of the appointment.",
5071 * property="pc_title",
5072 * description="The title of the appointment.",
5076 * property="pc_duration",
5077 * description="The duration of the appointment.",
5081 * property="pc_hometext",
5082 * description="Comments for the appointment.",
5086 * property="pc_apptstatus",
5087 * description="use an option from resource=/api/list/apptstat",
5091 * property="pc_eventDate",
5092 * description="The date of the appointment.",
5096 * property="pc_startTime",
5097 * description="The time of the appointment.",
5101 * property="pc_facility",
5102 * description="The facility id of the appointment.",
5106 * property="pc_billing_location",
5107 * description="The billinag location id of the appointment.",
5110 * required={"pc_catid", "pc_title", "pc_duration", "pc_hometext", "pc_apptstatus", "pc_eventDate", "pc_startTime", "pc_facility", "pc_billing_location"},
5113 * "pc_title": "Office Visit",
5114 * "pc_duration": "900",
5115 * "pc_hometext": "Test",
5116 * "pc_apptstatus": "-",
5117 * "pc_eventDate": "2018-10-19",
5118 * "pc_startTime": "09:00",
5119 * "pc_facility": "9",
5120 * "pc_billing_location": "10"
5127 * ref="#/components/responses/standard"
5131 * ref="#/components/responses/badrequest"
5135 * ref="#/components/responses/unauthorized"
5137 * security={{"openemr_auth":{}}}
5140 "POST /api/patient/:pid/appointment" => function ($pid) {
5141 RestConfig
::authorization_check("patients", "appt");
5142 $data = (array) (json_decode(file_get_contents("php://input")));
5143 $return = (new AppointmentRestController())->post($pid, $data);
5144 RestConfig
::apiLog($return, $data);
5150 * path="/api/appointment",
5151 * description="Retrieves all appointments",
5152 * tags={"standard"},
5155 * ref="#/components/responses/standard"
5159 * ref="#/components/responses/badrequest"
5163 * ref="#/components/responses/unauthorized"
5165 * security={{"openemr_auth":{}}}
5168 "GET /api/appointment" => function () {
5169 RestConfig
::authorization_check("patients", "appt");
5170 $return = (new AppointmentRestController())->getAll();
5171 RestConfig
::apiLog($return);
5177 * path="/api/appointment/{eid}",
5178 * description="Retrieves an appointment",
5179 * tags={"standard"},
5183 * description="The eid for the appointment.",
5191 * ref="#/components/responses/standard"
5195 * ref="#/components/responses/badrequest"
5199 * ref="#/components/responses/unauthorized"
5201 * security={{"openemr_auth":{}}}
5204 "GET /api/appointment/:eid" => function ($eid) {
5205 RestConfig
::authorization_check("patients", "appt");
5206 $return = (new AppointmentRestController())->getOne($eid);
5207 RestConfig
::apiLog($return);
5213 * path="/api/patient/{pid}/appointment/{eid}",
5214 * description="Delete a appointment",
5215 * tags={"standard"},
5219 * description="The id for the patient.",
5228 * description="The eid for the appointment.",
5236 * ref="#/components/responses/standard"
5240 * ref="#/components/responses/badrequest"
5244 * ref="#/components/responses/unauthorized"
5246 * security={{"openemr_auth":{}}}
5249 "DELETE /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5250 RestConfig
::authorization_check("patients", "appt");
5251 $return = (new AppointmentRestController())->delete($eid);
5252 RestConfig
::apiLog($return);
5258 * path="/api/patient/{pid}/appointment/{eid}",
5259 * description="Retrieves a appointment for a patient",
5260 * tags={"standard"},
5264 * description="The id for the patient.",
5273 * description="The eid for the appointment.",
5281 * ref="#/components/responses/standard"
5285 * ref="#/components/responses/badrequest"
5289 * ref="#/components/responses/unauthorized"
5291 * security={{"openemr_auth":{}}}
5294 "GET /api/patient/:pid/appointment/:eid" => function ($pid, $eid) {
5295 RestConfig
::authorization_check("patients", "appt");
5296 $return = (new AppointmentRestController())->getOne($eid);
5297 RestConfig
::apiLog($return);
5303 * path="/api/list/{list_name}",
5304 * description="Retrieves a list",
5305 * tags={"standard"},
5309 * description="The list_id of the list.",
5317 * ref="#/components/responses/standard"
5321 * ref="#/components/responses/badrequest"
5325 * ref="#/components/responses/unauthorized"
5327 * security={{"openemr_auth":{}}}
5330 "GET /api/list/:list_name" => function ($list_name) {
5331 RestConfig
::authorization_check("lists", "default");
5332 $return = (new ListRestController())->getOptions($list_name);
5333 RestConfig
::apiLog($return);
5339 * path="/api/version",
5340 * description="Retrieves the OpenEMR version information",
5341 * tags={"standard"},
5344 * ref="#/components/responses/standard"
5348 * ref="#/components/responses/badrequest"
5352 * ref="#/components/responses/unauthorized"
5354 * security={{"openemr_auth":{}}}
5357 "GET /api/version" => function () {
5358 $return = (new VersionRestController())->getOne();
5359 RestConfig
::apiLog($return);
5365 * path="/api/product",
5366 * description="Retrieves the OpenEMR product registration information",
5367 * tags={"standard"},
5370 * ref="#/components/responses/standard"
5374 * ref="#/components/responses/badrequest"
5378 * ref="#/components/responses/unauthorized"
5380 * security={{"openemr_auth":{}}}
5383 "GET /api/product" => function () {
5384 $return = (new ProductRegistrationRestController())->getOne();
5385 RestConfig
::apiLog($return);
5391 * path="/api/insurance_company",
5392 * description="Retrieves all insurance companies",
5393 * tags={"standard"},
5396 * ref="#/components/responses/standard"
5400 * ref="#/components/responses/badrequest"
5404 * ref="#/components/responses/unauthorized"
5406 * security={{"openemr_auth":{}}}
5409 "GET /api/insurance_company" => function () {
5410 $return = (new InsuranceCompanyRestController())->getAll();
5411 RestConfig
::apiLog($return);
5417 * path="/api/insurance_company/{iid}",
5418 * description="Retrieves insurance company",
5419 * tags={"standard"},
5423 * description="The id of the insurance company.",
5431 * ref="#/components/responses/standard"
5435 * ref="#/components/responses/badrequest"
5439 * ref="#/components/responses/unauthorized"
5441 * security={{"openemr_auth":{}}}
5444 "GET /api/insurance_company/:iid" => function ($iid) {
5445 $return = (new InsuranceCompanyRestController())->getOne($iid);
5446 RestConfig
::apiLog($return);
5452 * path="/api/insurance_type",
5453 * description="Retrieves all insurance types",
5454 * tags={"standard"},
5457 * ref="#/components/responses/standard"
5461 * ref="#/components/responses/badrequest"
5465 * ref="#/components/responses/unauthorized"
5467 * security={{"openemr_auth":{}}}
5470 "GET /api/insurance_type" => function () {
5471 $return = (new InsuranceCompanyRestController())->getInsuranceTypes();
5472 RestConfig
::apiLog($return);
5477 * Schema for the insurance_company request
5480 * schema="api_insurance_company_request",
5483 * description="The name of insurance company.",
5488 * description="The attn of insurance company.",
5492 * property="cms_id",
5493 * description="The cms id of insurance company.",
5497 * property="ins_type_code",
5498 * description="The insurance type code of insurance company. The insurance type code can be found by inspecting the route at (/api/insurance_type).",
5502 * property="x12_receiver_id",
5503 * description="The x12 receiver id of insurance company.",
5507 * property="x12_default_partner_id",
5508 * description="The x12 default partner id of insurance company.",
5512 * property="alt_cms_id",
5513 * description="The alternate cms id of insurance company.",
5518 * description="The line1 address of insurance company.",
5523 * description="The line2 address of insurance company.",
5528 * description="The city of insurance company.",
5533 * description="The state of insurance company.",
5538 * description="The zip of insurance company.",
5542 * property="country",
5543 * description="The country of insurance company.",
5546 * required={"name"},
5548 * "name": "Cool Insurance Company",
5551 * "ins_type_code": "2",
5552 * "x12_receiver_id": null,
5553 * "x12_default_partner_id": null,
5555 * "line1": "123 Cool Lane",
5556 * "line2": "Suite 123",
5557 * "city": "Cooltown",
5566 * path="/api/insurance_company",
5567 * description="Submits a new insurance company",
5568 * tags={"standard"},
5572 * mediaType="application/json",
5573 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
5578 * ref="#/components/responses/standard"
5582 * ref="#/components/responses/badrequest"
5586 * ref="#/components/responses/unauthorized"
5588 * security={{"openemr_auth":{}}}
5591 "POST /api/insurance_company" => function () {
5592 $data = (array) (json_decode(file_get_contents("php://input")));
5593 $return = (new InsuranceCompanyRestController())->post($data);
5594 RestConfig
::apiLog($return, $data);
5600 * path="/api/insurance_company/{iid}",
5601 * description="Edit a insurance company",
5602 * tags={"standard"},
5606 * description="The id for the insurance company.",
5615 * mediaType="application/json",
5616 * @OA\Schema(ref="#/components/schemas/api_insurance_company_request")
5621 * ref="#/components/responses/standard"
5625 * ref="#/components/responses/badrequest"
5629 * ref="#/components/responses/unauthorized"
5631 * security={{"openemr_auth":{}}}
5634 "PUT /api/insurance_company/:iid" => function ($iid) {
5635 $data = (array) (json_decode(file_get_contents("php://input")));
5636 $return = (new InsuranceCompanyRestController())->put($iid, $data);
5637 RestConfig
::apiLog($return, $data);
5643 * path="/api/patient/{pid}/document",
5644 * description="Submits a new patient document",
5645 * tags={"standard"},
5649 * description="The pid for the patient.",
5658 * description="The category of the document.",
5667 * mediaType="multipart/form-data",
5670 * property="document",
5671 * description="document",
5680 * ref="#/components/responses/standard"
5684 * ref="#/components/responses/badrequest"
5688 * ref="#/components/responses/unauthorized"
5690 * security={{"openemr_auth":{}}}
5693 "POST /api/patient/:pid/document" => function ($pid) {
5694 $return = (new DocumentRestController())->postWithPath($pid, $_GET['path'], $_FILES['document']);
5695 RestConfig
::apiLog($return);
5701 * path="/api/patient/{pid}/document",
5702 * description="Retrieves all file information of documents from a category for a patient",
5703 * tags={"standard"},
5707 * description="The pid for the patient.",
5716 * description="The category of the documents.",
5724 * ref="#/components/responses/standard"
5728 * ref="#/components/responses/badrequest"
5732 * ref="#/components/responses/unauthorized"
5734 * security={{"openemr_auth":{}}}
5737 "GET /api/patient/:pid/document" => function ($pid) {
5738 $return = (new DocumentRestController())->getAllAtPath($pid, $_GET['path']);
5739 RestConfig
::apiLog($return);
5745 * path="/api/patient/{pid}/document/{did}",
5746 * description="Retrieves a document for a patient",
5747 * tags={"standard"},
5751 * description="The pid for the patient.",
5760 * description="The id for the patient document.",
5768 * ref="#/components/responses/standard"
5772 * ref="#/components/responses/badrequest"
5776 * ref="#/components/responses/unauthorized"
5778 * security={{"openemr_auth":{}}}
5781 "GET /api/patient/:pid/document/:did" => function ($pid, $did) {
5782 $return = (new DocumentRestController())->downloadFile($pid, $did);
5783 RestConfig
::apiLog($return);
5789 * path="/api/patient/{pid}/insurance",
5790 * description="Retrieves all insurances for a patient",
5791 * tags={"standard"},
5795 * description="The pid for the patient.",
5803 * ref="#/components/responses/standard"
5807 * ref="#/components/responses/badrequest"
5811 * ref="#/components/responses/unauthorized"
5813 * security={{"openemr_auth":{}}}
5816 "GET /api/patient/:pid/insurance" => function ($pid) {
5817 $return = (new InsuranceRestController())->getAll($pid);
5818 RestConfig
::apiLog($return);
5824 * path="/api/patient/{pid}/insurance/{type}",
5825 * description="Retrieves a insurance (by type) for a patient",
5826 * tags={"standard"},
5830 * description="The pid for the patient.",
5839 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
5847 * ref="#/components/responses/standard"
5851 * ref="#/components/responses/badrequest"
5855 * ref="#/components/responses/unauthorized"
5857 * security={{"openemr_auth":{}}}
5860 "GET /api/patient/:pid/insurance/:type" => function ($pid, $type) {
5861 $return = (new InsuranceRestController())->getOne($pid, $type);
5862 RestConfig
::apiLog($return);
5867 * Schema for the insurance request
5870 * schema="api_insurance_request",
5872 * property="provider",
5873 * description="The insurance company id.",
5877 * property="plan_name",
5878 * description="The plan name of insurance.",
5882 * property="policy_number",
5883 * description="The policy number of insurance.",
5887 * property="group_number",
5888 * description="The group number of insurance.",
5892 * property="subscriber_lname",
5893 * description="The subscriber last name of insurance.",
5897 * property="subscriber_mname",
5898 * description="The subscriber middle name of insurance.",
5902 * property="subscriber_fname",
5903 * description="The subscriber first name of insurance.",
5907 * property="subscriber_relationship",
5908 * description="The subscriber relationship of insurance.",
5912 * property="subscriber_ss",
5913 * description="The subscriber ss number of insurance.",
5917 * property="subscriber_DOB",
5918 * description="The subscriber DOB of insurance.",
5922 * property="subscriber_street",
5923 * description="The subscriber street address of insurance.",
5927 * property="subscriber_postal_code",
5928 * description="The subscriber postal code of insurance.",
5932 * property="subscriber_city",
5933 * description="The subscriber city of insurance.",
5937 * property="subscriber_state",
5938 * description="The subscriber state of insurance. `state` can be found by querying `resource=/api/list/state`",
5942 * property="subscriber_country",
5943 * description="The subscriber country of insurance. `country` can be found by querying `resource=/api/list/country`",
5947 * property="subscriber_phone",
5948 * description="The subscriber phone of insurance.",
5952 * property="subscriber_employer",
5953 * description="The subscriber employer of insurance.",
5957 * property="subscriber_employer_street",
5958 * description="The subscriber employer street of insurance.",
5962 * property="subscriber_employer_postal_code",
5963 * description="The subscriber employer postal code of insurance.",
5967 * property="subscriber_employer_state",
5968 * description="The subscriber employer state of insurance.",
5972 * property="subscriber_employer_country",
5973 * description="The subscriber employer country of insurance.",
5977 * property="subscriber_employer_city",
5978 * description="The subscriber employer city of insurance.",
5983 * description="The copay of insurance.",
5988 * description="The date of insurance.",
5992 * property="subscriber_sex",
5993 * description="The subscriber sex of insurance.",
5997 * property="accept_assignment",
5998 * description="The accept_assignment of insurance.",
6002 * property="policy_type",
6003 * description="The policy_type of insurance.",
6006 * required={"provider", "plan_name", "policy_number", "group_number", "subscriber_fname", "subscriber_lname", "subscriber_relationship", "subscriber_ss", "subscriber_DOB", "subscriber_street", "subscriber_postal_code", "subscriber_city", "subscriber_state", "subscriber_country", "subscriber_phone", "subscriber_sex", "accept_assignment", "policy_type"},
6009 * "plan_name": "Some Plan",
6010 * "policy_number": "12345",
6011 * "group_number": "252412",
6012 * "subscriber_lname": "Tester",
6013 * "subscriber_mname": "Xi",
6014 * "subscriber_fname": "Foo",
6015 * "subscriber_relationship": "other",
6016 * "subscriber_ss": "234231234",
6017 * "subscriber_DOB": "2018-10-03",
6018 * "subscriber_street": "183 Cool St",
6019 * "subscriber_postal_code": "23418",
6020 * "subscriber_city": "Cooltown",
6021 * "subscriber_state": "AZ",
6022 * "subscriber_country": "USA",
6023 * "subscriber_phone": "234-598-2123",
6024 * "subscriber_employer": "Some Employer",
6025 * "subscriber_employer_street": "123 Heather Lane",
6026 * "subscriber_employer_postal_code": "23415",
6027 * "subscriber_employer_state": "AZ",
6028 * "subscriber_employer_country": "USA",
6029 * "subscriber_employer_city": "Cooltown",
6031 * "date": "2018-10-15",
6032 * "subscriber_sex": "Female",
6033 * "accept_assignment": "TRUE",
6034 * "policy_type": "a"
6040 * path="/api/patient/{pid}/insurance/{type}",
6041 * description="Submits a new patient insurance (with type)",
6042 * tags={"standard"},
6046 * description="The pid for the patient.",
6055 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
6064 * mediaType="application/json",
6065 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6070 * ref="#/components/responses/standard"
6074 * ref="#/components/responses/badrequest"
6078 * ref="#/components/responses/unauthorized"
6080 * security={{"openemr_auth":{}}}
6083 "POST /api/patient/:pid/insurance/:type" => function ($pid, $type) {
6084 $data = (array) (json_decode(file_get_contents("php://input")));
6085 $return = (new InsuranceRestController())->post($pid, $type, $data);
6086 RestConfig
::apiLog($return, $data);
6092 * path="/api/patient/{pid}/insurance/{type}",
6093 * description="Edit a patient insurance (by type)",
6094 * tags={"standard"},
6098 * description="The pid for the patient.",
6107 * description="The insurance type for the patient. (options are 'primary', 'secondary', or 'tertiary')",
6116 * mediaType="application/json",
6117 * @OA\Schema(ref="#/components/schemas/api_insurance_request")
6122 * ref="#/components/responses/standard"
6126 * ref="#/components/responses/badrequest"
6130 * ref="#/components/responses/unauthorized"
6132 * security={{"openemr_auth":{}}}
6135 "PUT /api/patient/:pid/insurance/:type" => function ($pid, $type) {
6136 $data = (array) (json_decode(file_get_contents("php://input")));
6137 $return = (new InsuranceRestController())->put($pid, $type, $data);
6138 RestConfig
::apiLog($return, $data);
6143 * Schema for the message request
6146 * schema="api_message_request",
6149 * description="The body of message.",
6153 * property="groupname",
6154 * description="The group name (usually is 'Default').",
6159 * description="The sender of the message.",
6164 * description="The recipient of the message.",
6169 * description="use an option from resource=/api/list/note_type",
6173 * property="message_status",
6174 * description="use an option from resource=/api/list/message_status",
6177 * required={"body", "groupname", "from", "to", "title", "message_status"},
6179 * "body": "Test 456",
6180 * "groupname": "Default",
6181 * "from": "Matthew",
6184 * "message_status": "New"
6190 * path="/api/patient/{pid}/message",
6191 * description="Submits a pnote message",
6192 * tags={"standard"},
6196 * description="The id for the patient.",
6205 * mediaType="application/json",
6206 * @OA\Schema(ref="#/components/schemas/api_message_request")
6211 * ref="#/components/responses/standard"
6215 * ref="#/components/responses/badrequest"
6219 * ref="#/components/responses/unauthorized"
6221 * security={{"openemr_auth":{}}}
6224 "POST /api/patient/:pid/message" => function ($pid) {
6225 RestConfig
::authorization_check("patients", "notes");
6226 $data = (array) (json_decode(file_get_contents("php://input")));
6227 $return = (new MessageRestController())->post($pid, $data);
6228 RestConfig
::apiLog($return, $data);
6235 * path="/api/patient/{pid}/message/{mid}",
6236 * description="Edit a pnote message",
6237 * tags={"standard"},
6241 * description="The id for the patient.",
6250 * description="The id for the pnote message.",
6259 * mediaType="application/json",
6260 * @OA\Schema(ref="#/components/schemas/api_message_request")
6265 * ref="#/components/responses/standard"
6269 * ref="#/components/responses/badrequest"
6273 * ref="#/components/responses/unauthorized"
6275 * security={{"openemr_auth":{}}}
6278 "PUT /api/patient/:pid/message/:mid" => function ($pid, $mid) {
6279 RestConfig
::authorization_check("patients", "notes");
6280 $data = (array) (json_decode(file_get_contents("php://input")));
6281 $return = (new MessageRestController())->put($pid, $mid, $data);
6282 RestConfig
::apiLog($return, $data);
6288 * path="/api/patient/{pid}/message/{mid}",
6289 * description="Delete a pnote message",
6290 * tags={"standard"},
6294 * description="The id for the patient.",
6303 * description="The id for the pnote message.",
6311 * ref="#/components/responses/standard"
6315 * ref="#/components/responses/badrequest"
6319 * ref="#/components/responses/unauthorized"
6321 * security={{"openemr_auth":{}}}
6324 "DELETE /api/patient/:pid/message/:mid" => function ($pid, $mid) {
6325 RestConfig
::authorization_check("patients", "notes");
6326 $return = (new MessageRestController())->delete($pid, $mid);
6327 RestConfig
::apiLog($return);
6333 * path="/api/immunization",
6334 * description="Retrieves a list of immunizations",
6335 * tags={"standard"},
6337 * name="patient_id",
6339 * description="The pid for the patient.",
6348 * description="The id for the immunization.",
6357 * description="The uuid for the immunization.",
6364 * name="administered_date",
6366 * description="The administered date for the immunization.",
6373 * name="immunization_id",
6375 * description="The immunization list_id for the immunization.",
6384 * description="The cvx code for the immunization.",
6391 * name="manufacturer",
6393 * description="The manufacturer for the immunization.",
6400 * name="lot_number",
6402 * description="The lot number for the immunization.",
6409 * name="administered_by_id",
6411 * description="The administered by id for the immunization.",
6418 * name="administered_by",
6420 * description="The administered by for the immunization.",
6427 * name="education_date",
6429 * description="The education date for the immunization.",
6438 * description="The vis date for the immunization.",
6447 * description="The note for the immunization.",
6454 * name="create_date",
6456 * description="The create date for the immunization.",
6463 * name="update_date",
6465 * description="The update date for the immunization.",
6472 * name="created_by",
6474 * description="The created_by for the immunization.",
6481 * name="updated_by",
6483 * description="The updated_by for the immunization.",
6490 * name="amount_administered",
6492 * description="The amount administered for the immunization.",
6499 * name="amount_administered_unit",
6501 * description="The amount administered unit for the immunization.",
6508 * name="expiration_date",
6510 * description="The expiration date for the immunization.",
6519 * description="The route for the immunization.",
6526 * name="administration_site",
6528 * description="The administration site for the immunization.",
6535 * name="added_erroneously",
6537 * description="The added_erroneously for the immunization.",
6544 * name="external_id",
6546 * description="The external_id for the immunization.",
6553 * name="completion_status",
6555 * description="The completion status for the immunization.",
6562 * name="information_source",
6564 * description="The information source for the immunization.",
6571 * name="refusal_reason",
6573 * description="The refusal reason for the immunization.",
6580 * name="ordering_provider",
6582 * description="The ordering provider for the immunization.",
6590 * ref="#/components/responses/standard"
6594 * ref="#/components/responses/badrequest"
6598 * ref="#/components/responses/unauthorized"
6600 * security={{"openemr_auth":{}}}
6603 "GET /api/immunization" => function () {
6604 RestConfig
::authorization_check("patients", "med");
6605 $return = (new ImmunizationRestController())->getAll($_GET);
6606 RestConfig
::apiLog($return);
6612 * path="/api/immunization/{uuid}",
6613 * description="Retrieves a immunization",
6614 * tags={"standard"},
6618 * description="The uuid for the immunization.",
6626 * ref="#/components/responses/standard"
6630 * ref="#/components/responses/badrequest"
6634 * ref="#/components/responses/unauthorized"
6636 * security={{"openemr_auth":{}}}
6639 "GET /api/immunization/:uuid" => function ($uuid) {
6640 RestConfig
::authorization_check("patients", "med");
6641 $return = (new ImmunizationRestController())->getOne($uuid);
6642 RestConfig
::apiLog($return);
6648 * path="/api/procedure",
6649 * description="Retrieves a list of all procedures",
6650 * tags={"standard"},
6653 * ref="#/components/responses/standard"
6657 * ref="#/components/responses/badrequest"
6661 * ref="#/components/responses/unauthorized"
6663 * security={{"openemr_auth":{}}}
6666 "GET /api/procedure" => function () {
6667 RestConfig
::authorization_check("patients", "med");
6668 $return = (new ProcedureRestController())->getAll();
6669 RestConfig
::apiLog($return);
6675 * path="/api/procedure/{uuid}",
6676 * description="Retrieves a procedure",
6677 * tags={"standard"},
6681 * description="The uuid for the procedure.",
6689 * ref="#/components/responses/standard"
6693 * ref="#/components/responses/badrequest"
6697 * ref="#/components/responses/unauthorized"
6699 * security={{"openemr_auth":{}}}
6702 "GET /api/procedure/:uuid" => function ($uuid) {
6703 RestConfig
::authorization_check("patients", "med");
6704 $return = (new ProcedureRestController())->getOne($uuid);
6705 RestConfig
::apiLog($return);
6712 * description="Retrieves a list of all drugs",
6713 * tags={"standard"},
6716 * ref="#/components/responses/standard"
6720 * ref="#/components/responses/badrequest"
6724 * ref="#/components/responses/unauthorized"
6726 * security={{"openemr_auth":{}}}
6729 "GET /api/drug" => function () {
6730 RestConfig
::authorization_check("patients", "med");
6731 $return = (new DrugRestController())->getAll();
6732 RestConfig
::apiLog($return);
6738 * path="/api/drug/{uuid}",
6739 * description="Retrieves a drug",
6740 * tags={"standard"},
6744 * description="The uuid for the drug.",
6752 * ref="#/components/responses/standard"
6756 * ref="#/components/responses/badrequest"
6760 * ref="#/components/responses/unauthorized"
6762 * security={{"openemr_auth":{}}}
6765 "GET /api/drug/:uuid" => function ($uuid) {
6766 RestConfig
::authorization_check("patients", "med");
6767 $return = (new DrugRestController())->getOne($uuid);
6768 RestConfig
::apiLog($return);
6774 * path="/api/prescription",
6775 * description="Retrieves a list of all prescriptions",
6776 * tags={"standard"},
6779 * ref="#/components/responses/standard"
6783 * ref="#/components/responses/badrequest"
6787 * ref="#/components/responses/unauthorized"
6789 * security={{"openemr_auth":{}}}
6792 "GET /api/prescription" => function () {
6793 RestConfig
::authorization_check("patients", "med");
6794 $return = (new PrescriptionRestController())->getAll();
6795 RestConfig
::apiLog($return);
6801 * path="/api/prescription/{uuid}",
6802 * description="Retrieves a prescription",
6803 * tags={"standard"},
6807 * description="The uuid for the prescription.",
6815 * ref="#/components/responses/standard"
6819 * ref="#/components/responses/badrequest"
6823 * ref="#/components/responses/unauthorized"
6825 * security={{"openemr_auth":{}}}
6828 "GET /api/prescription/:uuid" => function ($uuid) {
6829 RestConfig
::authorization_check("patients", "med");
6830 $return = (new PrescriptionRestController())->getOne($uuid);
6831 RestConfig
::apiLog($return);
6836 use OpenEMR\Common\Http\StatusCode
;
6837 use OpenEMR\Common\Http\Psr17Factory
;
6838 use OpenEMR\RestControllers\FHIR\FhirAllergyIntoleranceRestController
;
6839 use OpenEMR\RestControllers\FHIR\FhirCarePlanRestController
;
6840 use OpenEMR\RestControllers\FHIR\FhirCareTeamRestController
;
6841 use OpenEMR\RestControllers\FHIR\FhirConditionRestController
;
6842 use OpenEMR\RestControllers\FHIR\FhirCoverageRestController
;
6843 use OpenEMR\RestControllers\FHIR\FhirDeviceRestController
;
6844 use OpenEMR\RestControllers\FHIR\FhirDiagnosticReportRestController
;
6845 use OpenEMR\RestControllers\FHIR\FhirDocumentReferenceRestController
;
6846 use OpenEMR\RestControllers\FHIR\FhirEncounterRestController
;
6847 use OpenEMR\RestControllers\FHIR\FhirExportRestController
;
6848 use OpenEMR\RestControllers\FHIR\FhirObservationRestController
;
6849 use OpenEMR\RestControllers\FHIR\FhirImmunizationRestController
;
6850 use OpenEMR\RestControllers\FHIR\FhirGoalRestController
;
6851 use OpenEMR\RestControllers\FHIR\FhirGroupRestController
;
6852 use OpenEMR\RestControllers\FHIR\FhirLocationRestController
;
6853 use OpenEMR\RestControllers\FHIR\FhirMedicationRestController
;
6854 use OpenEMR\RestControllers\FHIR\FhirMedicationRequestRestController
;
6855 use OpenEMR\RestControllers\FHIR\FhirOrganizationRestController
;
6856 use OpenEMR\RestControllers\FHIR\FhirPatientRestController
;
6857 use OpenEMR\RestControllers\FHIR\FhirPersonRestController
;
6858 use OpenEMR\RestControllers\FHIR\FhirPractitionerRoleRestController
;
6859 use OpenEMR\RestControllers\FHIR\FhirPractitionerRestController
;
6860 use OpenEMR\RestControllers\FHIR\FhirProcedureRestController
;
6861 use OpenEMR\RestControllers\FHIR\FhirProvenanceRestController
;
6862 use OpenEMR\RestControllers\FHIR\FhirMetaDataRestController
;
6864 // Note that the fhir route includes both user role and patient role
6865 // (there is a mechanism in place to ensure patient role is binded
6866 // to only see the data of the one patient)
6867 RestConfig
::$FHIR_ROUTE_MAP = array(
6870 * path="/fhir/AllergyIntolerance",
6871 * description="Returns a list of AllergyIntolerance resources.",
6876 * description="The uuid for the AllergyIntolerance resource.",
6885 * description="The uuid for the patient.",
6893 * description="Standard Response",
6895 * mediaType="application/json",
6898 * property="json object",
6899 * description="FHIR Json object.",
6904 * "lastUpdated": "2021-09-14T09:13:51"
6906 * "resourceType": "Bundle",
6907 * "type": "collection",
6911 * "relation": "self",
6912 * "url": "https://localhost:9300/apis/default/fhir/AllergyIntolerance"
6921 * ref="#/components/responses/badrequest"
6925 * ref="#/components/responses/unauthorized"
6927 * security={{"openemr_auth":{}}}
6930 "GET /fhir/AllergyIntolerance" => function (HttpRestRequest
$request) {
6931 $getParams = $request->getQueryParams();
6932 if ($request->isPatientRequest()) {
6933 // only allow access to data of binded patient
6934 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
6936 RestConfig
::authorization_check("patients", "med");
6937 $return = (new FhirAllergyIntoleranceRestController($request))->getAll($getParams);
6939 RestConfig
::apiLog($return);
6945 * path="/fhir/AllergyIntolerance/{uuid}",
6946 * description="Returns a single AllergyIntolerance resource.",
6951 * description="The uuid for the AllergyIntolerance resource.",
6959 * description="Standard Response",
6961 * mediaType="application/json",
6964 * property="json object",
6965 * description="FHIR Json object.",
6969 * "id": "94682fe5-f383-4885-9505-64b02e34906f",
6972 * "lastUpdated": "2021-09-16T00:27:32+00:00"
6974 * "resourceType": "AllergyIntolerance",
6976 * "status": "additional",
6977 * "div": "<div xmlns='http://www.w3.org/1999/xhtml'>penicillin</div>"
6979 * "clinicalStatus": {
6982 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-clinical",
6984 * "display": "Active"
6988 * "verificationStatus": {
6991 * "system": "http://terminology.hl7.org/CodeSystem/allergyintolerance-verification",
6992 * "code": "confirmed",
6993 * "display": "Confirmed"
7000 * "criticality": "low",
7004 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
7005 * "code": "unknown",
7006 * "display": "Unknown"
7011 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92"
7015 * "manifestation": {
7019 * "system": "http://snomed.info/sct",
7020 * "code": "422587007",
7021 * "display": "Nausea"
7035 * ref="#/components/responses/badrequest"
7039 * ref="#/components/responses/unauthorized"
7043 * ref="#/components/responses/uuidnotfound"
7045 * security={{"openemr_auth":{}}}
7048 "GET /fhir/AllergyIntolerance/:uuid" => function ($uuid, HttpRestRequest
$request) {
7049 if ($request->isPatientRequest()) {
7050 // only allow access to data of binded patient
7051 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
7053 RestConfig
::authorization_check("patients", "med");
7054 $return = (new FhirAllergyIntoleranceRestController($request))->getOne($uuid);
7056 RestConfig
::apiLog($return);
7062 * path="/fhir/CarePlan",
7063 * description="Returns a list of CarePlan resources.",
7068 * description="The uuid for the CarePlan resource.",
7077 * description="The uuid for the patient.",
7086 * description="The category of the CarePlan resource.",
7094 * description="Standard Response",
7096 * mediaType="application/json",
7099 * property="json object",
7100 * description="FHIR Json object.",
7105 * "lastUpdated": "2021-09-14T09:13:51"
7107 * "resourceType": "Bundle",
7108 * "type": "collection",
7112 * "relation": "self",
7113 * "url": "https://localhost:9300/apis/default/fhir/CarePlan"
7122 * ref="#/components/responses/badrequest"
7126 * ref="#/components/responses/unauthorized"
7128 * security={{"openemr_auth":{}}}
7131 "GET /fhir/CarePlan" => function (HttpRestRequest
$request) {
7132 $getParams = $request->getQueryParams();
7133 if ($request->isPatientRequest()) {
7134 // only allow access to data of binded patient
7135 $return = (new FhirCarePlanRestController())->getAll($getParams, $request->getPatientUUIDString());
7137 RestConfig
::authorization_check("patients", "med");
7138 $return = (new FhirCarePlanRestController())->getAll($getParams);
7140 RestConfig
::apiLog($return);
7146 * path="/fhir/CarePlan/{uuid}",
7147 * description="Returns a single CarePlan resource.",
7152 * description="The uuid for the CarePlan resource.",
7160 * description="Standard Response",
7162 * mediaType="application/json",
7165 * property="json object",
7166 * description="FHIR Json object.",
7170 * "id": "94682f08-8fbc-451e-b1ec-f922d765c38f_1",
7173 * "lastUpdated": "2021-09-16T00:54:18+00:00"
7175 * "resourceType": "CarePlan",
7177 * "status": "generated",
7178 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""><p>Treat flu.</p></div>"
7180 * "status": "active",
7186 * "system": "http://hl7.org/fhir/us/core/CodeSystem/careplan-category",
7187 * "code": "assess-plan"
7192 * "description": "Treat flu.",
7194 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
7203 * ref="#/components/responses/badrequest"
7207 * ref="#/components/responses/unauthorized"
7211 * ref="#/components/responses/uuidnotfound"
7213 * security={{"openemr_auth":{}}}
7216 "GET /fhir/CarePlan/:uuid" => function ($uuid, HttpRestRequest
$request) {
7217 if ($request->isPatientRequest()) {
7218 // only allow access to data of binded patient
7219 $return = (new FhirCarePlanRestController())->getOne($uuid, $request->getPatientUUIDString());
7221 RestConfig
::authorization_check("patients", "med");
7222 $return = (new FhirCarePlanRestController())->getOne($uuid);
7224 RestConfig
::apiLog($return);
7230 * path="/fhir/CareTeam",
7231 * description="Returns a list of CareTeam resources.",
7236 * description="The uuid for the CareTeam resource.",
7245 * description="The uuid for the patient.",
7254 * description="The status of the CarePlan resource.",
7262 * description="Standard Response",
7264 * mediaType="application/json",
7267 * property="json object",
7268 * description="FHIR Json object.",
7273 * "lastUpdated": "2021-09-14T09:13:51"
7275 * "resourceType": "Bundle",
7276 * "type": "collection",
7280 * "relation": "self",
7281 * "url": "https://localhost:9300/apis/default/fhir/CareTeam"
7290 * ref="#/components/responses/badrequest"
7294 * ref="#/components/responses/unauthorized"
7296 * security={{"openemr_auth":{}}}
7299 "GET /fhir/CareTeam" => function (HttpRestRequest
$request) {
7300 $getParams = $request->getQueryParams();
7301 if ($request->isPatientRequest()) {
7302 // only allow access to data of binded patient
7303 $return = (new FhirCareTeamRestController())->getAll($getParams, $request->getPatientUUIDString());
7305 RestConfig
::authorization_check("patients", "med");
7306 $return = (new FhirCareTeamRestController())->getAll($getParams);
7308 RestConfig
::apiLog($return);
7314 * path="/fhir/CareTeam/{uuid}",
7315 * description="Returns a single CareTeam resource.",
7320 * description="The uuid for the CareTeam resource.",
7328 * description="Standard Response",
7330 * mediaType="application/json",
7333 * property="json object",
7334 * description="FHIR Json object.",
7338 * "id": "94682f09-69fe-4ada-8ea6-753a52bd1516",
7341 * "lastUpdated": "2021-09-16T01:07:22+00:00"
7343 * "resourceType": "CareTeam",
7344 * "status": "active",
7346 * "reference": "Patient/94682ef5-b0e3-4289-b19a-11b9592e9c92",
7355 * "system": "http://nucc.org/provider-taxonomy",
7356 * "code": "102L00000X",
7357 * "display": "Psychoanalyst"
7363 * "reference": "Practitioner/94682c68-f712-4c39-9158-ff132a08f26b",
7364 * "type": "Practitioner"
7367 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
7368 * "type": "Organization"
7376 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
7377 * "code": "unknown",
7378 * "display": "Unknown"
7384 * "reference": "Organization/94682c62-b801-4498-84a1-13f158bb2a18",
7385 * "type": "Organization"
7395 * ref="#/components/responses/badrequest"
7399 * ref="#/components/responses/unauthorized"
7403 * ref="#/components/responses/uuidnotfound"
7405 * security={{"openemr_auth":{}}}
7408 "GET /fhir/CareTeam/:uuid" => function ($uuid, HttpRestRequest
$request) {
7409 if ($request->isPatientRequest()) {
7410 // only allow access to data of binded patient
7411 $return = (new FhirCareTeamRestController())->getOne($uuid, $request->getPatientUUIDString());
7413 RestConfig
::authorization_check("patients", "med");
7414 $return = (new FhirCareTeamRestController())->getOne($uuid);
7416 RestConfig
::apiLog($return);
7422 * path="/fhir/Condition",
7423 * description="Returns a list of Condition resources.",
7428 * description="The uuid for the Condition resource.",
7437 * description="The uuid for the patient.",
7445 * description="Standard Response",
7447 * mediaType="application/json",
7450 * property="json object",
7451 * description="FHIR Json object.",
7456 * "lastUpdated": "2021-09-14T09:13:51"
7458 * "resourceType": "Bundle",
7459 * "type": "collection",
7463 * "relation": "self",
7464 * "url": "https://localhost:9300/apis/default/fhir/Condition"
7473 * ref="#/components/responses/badrequest"
7477 * ref="#/components/responses/unauthorized"
7479 * security={{"openemr_auth":{}}}
7482 "GET /fhir/Condition" => function (HttpRestRequest
$request) {
7483 $getParams = $request->getQueryParams();
7484 if ($request->isPatientRequest()) {
7485 // only allow access to data of binded patient
7486 $return = (new FhirConditionRestController())->getAll($getParams, $request->getPatientUUIDString());
7488 RestConfig
::authorization_check("patients", "med");
7489 $return = (new FhirConditionRestController())->getAll($getParams);
7491 RestConfig
::apiLog($return);
7497 * path="/fhir/Condition/{uuid}",
7498 * description="Returns a single Condition resource.",
7503 * description="The uuid for the Condition resource.",
7511 * description="Standard Response",
7513 * mediaType="application/json",
7516 * property="json object",
7517 * description="FHIR Json object.",
7521 * "id": "94682c68-e5bb-4c5c-859a-cebaa5a1e582",
7524 * "lastUpdated": "2021-09-16T02:41:53+00:00"
7526 * "resourceType": "Condition",
7527 * "clinicalStatus": {
7530 * "system": "http://terminology.hl7.org/CodeSystem/condition-clinical",
7531 * "code": "inactive",
7532 * "display": "Inactive"
7536 * "verificationStatus": {
7539 * "system": "http://terminology.hl7.org/CodeSystem/condition-ver-status",
7540 * "code": "unconfirmed",
7541 * "display": "Unconfirmed"
7549 * "system": "http://terminology.hl7.org/CodeSystem/condition-category",
7550 * "code": "problem-list-item",
7551 * "display": "Problem List Item"
7559 * "system": "http://snomed.info/sct",
7560 * "code": "444814009",
7566 * "reference": "Patient/94682c62-d37e-48b5-8018-c5f6f3566609"
7574 * ref="#/components/responses/badrequest"
7578 * ref="#/components/responses/unauthorized"
7582 * ref="#/components/responses/uuidnotfound"
7584 * security={{"openemr_auth":{}}}
7587 "GET /fhir/Condition/:uuid" => function ($uuid, HttpRestRequest
$request) {
7588 if ($request->isPatientRequest()) {
7589 // only allow access to data of binded patient
7590 $return = (new FhirConditionRestController())->getOne($uuid, $request->getPatientUUIDString());
7592 RestConfig
::authorization_check("patients", "med");
7593 $return = (new FhirConditionRestController())->getOne($uuid);
7595 RestConfig
::apiLog($return);
7601 * path="/fhir/Coverage",
7602 * description="Returns a list of Coverage resources.",
7607 * description="The uuid for the Coverage resource.",
7616 * description="The uuid for the patient.",
7625 * description="The payor of the Coverage resource.",
7633 * description="Standard Response",
7635 * mediaType="application/json",
7638 * property="json object",
7639 * description="FHIR Json object.",
7644 * "lastUpdated": "2021-09-14T09:13:51"
7646 * "resourceType": "Bundle",
7647 * "type": "collection",
7651 * "relation": "self",
7652 * "url": "https://localhost:9300/apis/default/fhir/Coverage"
7661 * ref="#/components/responses/badrequest"
7665 * ref="#/components/responses/unauthorized"
7667 * security={{"openemr_auth":{}}}
7672 * 1. Broken when trying to search with parameters.
7674 "GET /fhir/Coverage" => function (HttpRestRequest
$request) {
7675 RestConfig
::authorization_check("admin", "super");
7676 $return = (new FhirCoverageRestController())->getAll($request->getQueryParams());
7677 RestConfig
::apiLog($return);
7683 * path="/fhir/Coverage/{uuid}",
7684 * description="Returns a single Coverage resource.",
7689 * description="The uuid for the Coverage resource.",
7697 * ref="#/components/responses/standard"
7701 * ref="#/components/responses/badrequest"
7705 * ref="#/components/responses/unauthorized"
7709 * ref="#/components/responses/uuidnotfound"
7711 * security={{"openemr_auth":{}}}
7716 * 1. Broken. Fix and then add standard response example.
7718 "GET /fhir/Coverage/:uuid" => function ($uuid, HttpRestRequest
$request) {
7719 RestConfig
::authorization_check("admin", "super");
7720 $return = (new FhirCoverageRestController())->getOne($uuid);
7721 RestConfig
::apiLog($return);
7727 * path="/fhir/Device",
7728 * description="Returns a list of Device resources.",
7733 * description="The uuid for the Device resource.",
7742 * description="The uuid for the patient.",
7750 * description="Standard Response",
7752 * mediaType="application/json",
7755 * property="json object",
7756 * description="FHIR Json object.",
7761 * "lastUpdated": "2021-09-14T09:13:51"
7763 * "resourceType": "Bundle",
7764 * "type": "collection",
7768 * "relation": "self",
7769 * "url": "https://localhost:9300/apis/default/fhir/Device"
7778 * ref="#/components/responses/badrequest"
7782 * ref="#/components/responses/unauthorized"
7784 * security={{"openemr_auth":{}}}
7787 "GET /fhir/Device" => function (HttpRestRequest
$request) {
7788 if ($request->isPatientRequest()) {
7789 // only allow access to data of binded patient
7790 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
7792 RestConfig
::authorization_check("admin", "super");
7793 $return = (new FhirDeviceRestController())->getAll($request->getQueryParams());
7795 RestConfig
::apiLog($return);
7801 * path="/fhir/Device/{uuid}",
7802 * description="Returns a single Device resource.",
7807 * description="The uuid for the Device resource.",
7815 * description="Standard Response",
7817 * mediaType="application/json",
7820 * property="json object",
7821 * description="FHIR Json object.",
7825 * "id": "946dce19-c80a-402c-862a-eadf3f2377f0",
7828 * "lastUpdated": "2021-09-18T19:28:59+00:00"
7830 * "resourceType": "Device",
7833 * "deviceIdentifier": "08717648200274",
7834 * "carrierHRF": "=/08717648200274=,000025=A99971312345600=>014032=}013032&,1000000000000XYZ123"
7837 * "distinctIdentifier": "A99971312345600",
7838 * "manufactureDate": "2013-02-01",
7839 * "expirationDate": "2014-02-01",
7840 * "lotNumber": "000000000000XYZ123",
7841 * "serialNumber": "000025",
7845 * "valueCode": "unknown",
7846 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
7851 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
7860 * ref="#/components/responses/badrequest"
7864 * ref="#/components/responses/unauthorized"
7868 * ref="#/components/responses/uuidnotfound"
7870 * security={{"openemr_auth":{}}}
7873 "GET /fhir/Device/:uuid" => function ($uuid, HttpRestRequest
$request) {
7874 if ($request->isPatientRequest()) {
7875 // only allow access to data of binded patient
7876 $return = (new FhirDeviceRestController())->getOne($uuid, $request->getPatientUUIDString());
7878 RestConfig
::authorization_check("admin", "super");
7879 $return = (new FhirDeviceRestController())->getOne($uuid);
7881 RestConfig
::apiLog($return);
7887 * path="/fhir/DiagnosticReport",
7888 * description="Returns a list of DiagnosticReport resources.",
7893 * description="The uuid for the DiagnosticReport resource.",
7902 * description="The uuid for the patient.",
7911 * description="The code of the DiagnosticReport resource.",
7920 * description="The category of the DiagnosticReport resource.",
7929 * description="The datetime of the DiagnosticReport resource.",
7937 * description="Standard Response",
7939 * mediaType="application/json",
7942 * property="json object",
7943 * description="FHIR Json object.",
7948 * "lastUpdated": "2021-09-14T09:13:51"
7950 * "resourceType": "Bundle",
7951 * "type": "collection",
7955 * "relation": "self",
7956 * "url": "https://localhost:9300/apis/default/fhir/DiagnosticReport"
7965 * ref="#/components/responses/badrequest"
7969 * ref="#/components/responses/unauthorized"
7971 * security={{"openemr_auth":{}}}
7974 "GET /fhir/DiagnosticReport" => function (HttpRestRequest
$request) {
7975 $getParams = $request->getQueryParams();
7976 if ($request->isPatientRequest()) {
7977 // only allow access to data of binded patient
7978 $return = (new FhirDiagnosticReportRestController())->getAll($getParams, $request->getPatientUUIDString());
7980 RestConfig
::authorization_check("admin", "super");
7981 $return = (new FhirDiagnosticReportRestController())->getAll($getParams);
7983 RestConfig
::apiLog($return);
7989 * path="/fhir/DiagnosticReport/{uuid}",
7990 * description="Returns a single DiagnosticReport resource.",
7995 * description="The uuid for the DiagnosticReport resource.",
8003 * description="Standard Response",
8005 * mediaType="application/json",
8008 * property="json object",
8009 * description="FHIR Json object.",
8013 * "id": "93fb2d6a-77ac-48ca-a12d-1a17e40007e3",
8016 * "lastUpdated": "2021-09-18T20:52:34+00:00"
8018 * "resourceType": "DiagnosticReport",
8019 * "status": "final",
8024 * "system": "http://loinc.org",
8025 * "code": "LP7839-6",
8026 * "display": "Pathology"
8034 * "system": "http://loinc.org",
8035 * "code": "11502-2",
8036 * "display": "Laboratory report"
8041 * "reference": "Patient/9353b8f5-0a87-4e2a-afd4-25341fdb0fbc",
8045 * "reference": "Encounter/93540818-cb5f-49df-b73b-83901bb793b6",
8046 * "type": "Encounter"
8048 * "effectiveDateTime": "2015-06-22T00:00:00+00:00",
8049 * "issued": "2015-06-22T00:00:00+00:00",
8052 * "reference": "Organization/935249b5-0ba6-4b5b-8863-a7a27d4c6350",
8053 * "type": "Organization"
8056 * "presentedForm": {
8058 * "contentType": "text/plain",
8059 * "data": "TXMgQWxpY2UgTmV3bWFuIHdhcyB0ZXN0ZWQgZm9yIHRoZSBVcmluYW5hbHlzaXMgbWFjcm8gcGFuZWwgYW5kIHRoZSByZXN1bHRzIGhhdmUgYmVlbiBmb3VuZCB0byBiZSANCm5vcm1hbC4="
8068 * ref="#/components/responses/badrequest"
8072 * ref="#/components/responses/unauthorized"
8076 * ref="#/components/responses/uuidnotfound"
8078 * security={{"openemr_auth":{}}}
8081 "GET /fhir/DiagnosticReport/:uuid" => function ($uuid, HttpRestRequest
$request) {
8082 $getParams = $request->getQueryParams();
8083 if ($request->isPatientRequest()) {
8084 // only allow access to data of binded patient
8085 $return = (new FhirDiagnosticReportRestController())->getOne($uuid, $request->getPatientUUIDString());
8087 RestConfig
::authorization_check("admin", "super");
8088 $return = (new FhirDiagnosticReportRestController())->getOne($uuid);
8090 RestConfig
::apiLog($return);
8096 * path="/fhir/DocumentReference",
8097 * description="Returns a list of DocumentReference resources.",
8102 * description="The uuid for the DocumentReference resource.",
8111 * description="The uuid for the patient.",
8120 * description="The type of the DocumentReference resource.",
8129 * description="The category of the DocumentReference resource.",
8138 * description="The datetime of the DocumentReference resource.",
8146 * description="Standard Response",
8148 * mediaType="application/json",
8151 * property="json object",
8152 * description="FHIR Json object.",
8157 * "lastUpdated": "2021-09-14T09:13:51"
8159 * "resourceType": "Bundle",
8160 * "type": "collection",
8164 * "relation": "self",
8165 * "url": "https://localhost:9300/apis/default/fhir/DocumentReference"
8174 * ref="#/components/responses/badrequest"
8178 * ref="#/components/responses/unauthorized"
8180 * security={{"openemr_auth":{}}}
8183 'GET /fhir/DocumentReference' => function (HttpRestRequest
$request) {
8184 $getParams = $request->getQueryParams();
8185 if ($request->isPatientRequest()) {
8186 // only allow access to data of binded patient
8187 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams, $request->getPatientUUIDString());
8189 RestConfig
::authorization_check("admin", "super");
8190 $return = (new FhirDocumentReferenceRestController($request))->getAll($getParams);
8192 RestConfig
::apiLog($return);
8198 * path="/fhir/DocumentReference/{uuid}",
8199 * description="Returns a single DocumentReference resource.",
8204 * description="The uuid for the DocumentReference resource.",
8212 * description="Standard Response",
8214 * mediaType="application/json",
8217 * property="json object",
8218 * description="FHIR Json object.",
8222 * "id": "946e7553-1aaa-49f8-8f81-ae15ccaa9165",
8225 * "lastUpdated": "2021-09-19T03:17:51+00:00"
8227 * "resourceType": "DocumentReference",
8230 * "value": "946e7553-1aaa-49f8-8f81-ae15ccaa9165"
8233 * "status": "current",
8237 * "system": "http://terminology.hl7.org/CodeSystem/v3-NullFlavor",
8239 * "display": "unknown"
8247 * "system": "https://localhost:9300/apis/default/fhir/ValueSet/openemr-document-types",
8248 * "code": "openemr-document",
8249 * "display": "OpenEMR Document"
8255 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
8258 * "date": "2021-09-19T03:15:56+00:00",
8265 * "contentType": "image/gif",
8266 * "url": "https://localhost:9300/apis/default/fhir/Document/7/Binary"
8269 * "system": "http://ihe.net/fhir/ValueSet/IHE.FormatCode.codesystem",
8270 * "code": "urn:ihe:iti:xds:2017:mimeTypeSufficient",
8271 * "display": "mimeType Sufficient"
8281 * ref="#/components/responses/badrequest"
8285 * ref="#/components/responses/unauthorized"
8289 * ref="#/components/responses/uuidnotfound"
8291 * security={{"openemr_auth":{}}}
8294 "GET /fhir/DocumentReference/:uuid" => function ($uuid, HttpRestRequest
$request) {
8295 $getParams = $request->getQueryParams();
8296 if ($request->isPatientRequest()) {
8297 // only allow access to data of binded patient
8298 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
8300 RestConfig
::authorization_check("admin", "super");
8301 $return = (new FhirDocumentReferenceRestController($request))->getOne($uuid);
8303 RestConfig
::apiLog($return);
8309 * path="/fhir/Document/{id}/Binary",
8310 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
8315 * description="The id for the Document.",
8323 * ref="#/components/responses/standard"
8327 * ref="#/components/responses/badrequest"
8331 * ref="#/components/responses/unauthorized"
8333 * security={{"openemr_auth":{}}}
8339 'GET /fhir/Document/:id/Binary' => function ($documentId, HttpRestRequest
$request) {
8340 // currently only allow users with the same permissions as export to take a file out
8341 // this could be relaxed to allow other types of files ie such as patient access etc.
8342 RestConfig
::authorization_check("admin", "users");
8344 // Grab the document id
8345 $docController = new \OpenEMR\RestControllers\FHIR\
FhirDocumentRestController($request);
8346 $response = $docController->downloadDocument($documentId, $request->getRequestUserId());
8352 * path="/fhir/Encounter",
8353 * description="Returns a list of Encounter resources.",
8358 * description="The uuid for the Encounter resource.",
8367 * description="The uuid for the patient.",
8376 * description="The datetime of the Encounter resource.",
8384 * description="Standard Response",
8386 * mediaType="application/json",
8389 * property="json object",
8390 * description="FHIR Json object.",
8395 * "lastUpdated": "2021-09-14T09:13:51"
8397 * "resourceType": "Bundle",
8398 * "type": "collection",
8402 * "relation": "self",
8403 * "url": "https://localhost:9300/apis/default/fhir/Encounter"
8412 * ref="#/components/responses/badrequest"
8416 * ref="#/components/responses/unauthorized"
8418 * security={{"openemr_auth":{}}}
8421 "GET /fhir/Encounter" => function (HttpRestRequest
$request) {
8422 $getParams = $request->getQueryParams();
8423 if ($request->isPatientRequest()) {
8424 // only allow access to data of binded patient
8425 $return = (new FhirEncounterRestController())->getAll($getParams, $request->getPatientUUIDString());
8427 RestConfig
::authorization_check("encounters", "auth_a");
8428 $return = (new FhirEncounterRestController())->getAll($getParams);
8430 RestConfig
::apiLog($return);
8436 * path="/fhir/Encounter/{uuid}",
8437 * description="Returns a single Encounter resource.",
8442 * description="The uuid for the Encounter resource.",
8450 * description="Standard Response",
8452 * mediaType="application/json",
8455 * property="json object",
8456 * description="FHIR Json object.",
8460 * "id": "946da61d-6b95-4f8e-abe5-534a25913b71",
8463 * "lastUpdated": "2021-09-19T06:27:41+00:00"
8465 * "resourceType": "Encounter",
8468 * "system": "urn:ietf:rfc:3986",
8469 * "value": "946da61d-6b95-4f8e-abe5-534a25913b71"
8472 * "status": "finished",
8474 * "system": "http://terminology.hl7.org/CodeSystem/v3-ActCode",
8476 * "display": "ambulatory"
8482 * "system": "http://snomed.info/sct",
8483 * "code": "185349003",
8484 * "display": "Encounter for check up (procedure)"
8490 * "reference": "Patient/946da61b-626b-4f88-81e2-adfb88f4f0fe",
8499 * "system": "http://terminology.hl7.org/CodeSystem/v3-ParticipationType",
8501 * "display": "Primary Performer"
8507 * "start": "2012-08-13T00:00:00+00:00"
8510 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
8511 * "type": "Practitioner"
8516 * "start": "2012-08-13T00:00:00+00:00"
8524 * ref="#/components/responses/badrequest"
8528 * ref="#/components/responses/unauthorized"
8532 * ref="#/components/responses/uuidnotfound"
8534 * security={{"openemr_auth":{}}}
8537 "GET /fhir/Encounter/:uuid" => function ($uuid, HttpRestRequest
$request) {
8538 if ($request->isPatientRequest()) {
8539 // only allow access to data of binded patient
8540 $return = (new FhirEncounterRestController())->getOne($uuid, $request->getPatientUUIDString());
8542 RestConfig
::authorization_check("admin", "super");
8543 $return = (new FhirEncounterRestController())->getOne($uuid);
8545 RestConfig
::apiLog($return);
8551 * path="/fhir/Goal",
8552 * description="Returns a list of Condition resources.",
8557 * description="The uuid for the Goal resource.",
8566 * description="The uuid for the patient.",
8574 * description="Standard Response",
8576 * mediaType="application/json",
8579 * property="json object",
8580 * description="FHIR Json object.",
8585 * "lastUpdated": "2021-09-14T09:13:51"
8587 * "resourceType": "Bundle",
8588 * "type": "collection",
8592 * "relation": "self",
8593 * "url": "https://localhost:9300/apis/default/fhir/Goal"
8602 * ref="#/components/responses/badrequest"
8606 * ref="#/components/responses/unauthorized"
8608 * security={{"openemr_auth":{}}}
8611 "GET /fhir/Goal" => function (HttpRestRequest
$request) {
8612 $getParams = $request->getQueryParams();
8613 if ($request->isPatientRequest()) {
8614 // only allow access to data of binded patient
8615 $return = (new FhirGoalRestController())->getAll($getParams, $request->getPatientUUIDString());
8617 RestConfig
::authorization_check("admin", "super");
8618 $return = (new FhirGoalRestController())->getAll($getParams);
8620 RestConfig
::apiLog($return);
8626 * path="/fhir/Goal/{uuid}",
8627 * description="Returns a single Goal resource.",
8632 * description="The uuid for the Goal resource.",
8640 * description="Standard Response",
8642 * mediaType="application/json",
8645 * property="json object",
8646 * description="FHIR Json object.",
8650 * "id": "946da61d-6b88-4d54-bdd6-4029e2ad9e3f_1",
8653 * "lastUpdated": "2021-09-19T06:45:58+00:00"
8655 * "resourceType": "Goal",
8656 * "lifecycleStatus": "active",
8658 * "text": "Eating more vegetables."
8661 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
8669 * "valueCode": "unknown",
8670 * "url": "http://hl7.org/fhir/StructureDefinition/data-absent-reason"
8674 * "detailString": "Eating more vegetables.",
8675 * "dueDate": "2021-09-09"
8684 * ref="#/components/responses/badrequest"
8688 * ref="#/components/responses/unauthorized"
8692 * ref="#/components/responses/uuidnotfound"
8694 * security={{"openemr_auth":{}}}
8697 "GET /fhir/Goal/:uuid" => function ($uuid, HttpRestRequest
$request) {
8698 if ($request->isPatientRequest()) {
8699 // only allow access to data of binded patient
8700 $return = (new FhirGoalRestController())->getOne($uuid, $request->getPatientUUIDString());
8702 RestConfig
::authorization_check("admin", "super");
8703 $return = (new FhirGoalRestController())->getOne($uuid);
8705 RestConfig
::apiLog($return);
8711 * path="/fhir/Group",
8712 * description="Returns a list of Group resources.",
8717 * description="The uuid for the Group resource.",
8726 * description="The uuid for the patient.",
8734 * description="Standard Response",
8736 * mediaType="application/json",
8739 * property="json object",
8740 * description="FHIR Json object.",
8745 * "lastUpdated": "2021-09-14T09:13:51"
8747 * "resourceType": "Bundle",
8748 * "type": "collection",
8752 * "relation": "self",
8753 * "url": "https://localhost:9300/apis/default/fhir/Group"
8762 * ref="#/components/responses/badrequest"
8766 * ref="#/components/responses/unauthorized"
8768 * security={{"openemr_auth":{}}}
8774 'GET /fhir/Group' => function (HttpRestRequest
$request) {
8775 RestConfig
::authorization_check("admin", "users");
8776 $getParams = $request->getQueryParams();
8777 if ($request->isPatientRequest()) {
8778 // only allow access to data of binded patient
8779 $return = (new FhirGroupRestController())->getAll($getParams, $request->getPatientUUIDString());
8781 $return = (new FhirGroupRestController())->getAll($getParams);
8783 RestConfig
::apiLog($return);
8789 * path="/fhir/Group/{uuid}",
8790 * description="Returns a single Group resource.",
8795 * description="The uuid for the Group resource.",
8803 * ref="#/components/responses/standard"
8807 * ref="#/components/responses/badrequest"
8811 * ref="#/components/responses/unauthorized"
8815 * ref="#/components/responses/uuidnotfound"
8817 * security={{"openemr_auth":{}}}
8823 "GET /fhir/Group/:uuid" => function ($uuid, HttpRestRequest
$request) {
8824 RestConfig
::authorization_check("admin", "users");
8825 if ($request->isPatientRequest()) {
8826 // only allow access to data of binded patient
8827 $return = (new FhirGroupRestController())->getOne($uuid, $request->getPatientUUIDString());
8829 $return = (new FhirGroupRestController())->getOne($uuid);
8831 RestConfig
::apiLog($return);
8837 * path="/fhir/Group/{id}/$export",
8838 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
8842 * ref="#/components/responses/standard"
8846 * ref="#/components/responses/badrequest"
8850 * ref="#/components/responses/unauthorized"
8852 * security={{"openemr_auth":{}}}
8858 'GET /fhir/Group/:id/$export' => function ($groupId, HttpRestRequest
$request) {
8859 RestConfig
::authorization_check("admin", "users");
8860 $fhirExportService = new FhirExportRestController($request);
8861 $exportParams = $request->getQueryParams();
8862 $exportParams['groupId'] = $groupId;
8863 $return = $fhirExportService->processExport(
8866 $request->getHeader('Accept'),
8867 $request->getHeader('Prefer')
8869 RestConfig
::apiLog($return);
8875 * path="/fhir/Immunization",
8876 * description="Returns a list of Immunization resources.",
8881 * description="The uuid for the Immunization resource.",
8890 * description="The uuid for the patient.",
8898 * description="Standard Response",
8900 * mediaType="application/json",
8903 * property="json object",
8904 * description="FHIR Json object.",
8909 * "lastUpdated": "2021-09-14T09:13:51"
8911 * "resourceType": "Bundle",
8912 * "type": "collection",
8916 * "relation": "self",
8917 * "url": "https://localhost:9300/apis/default/fhir/Immunization"
8926 * ref="#/components/responses/badrequest"
8930 * ref="#/components/responses/unauthorized"
8932 * security={{"openemr_auth":{}}}
8937 * 1. Broken sql query.
8939 "GET /fhir/Immunization" => function (HttpRestRequest
$request) {
8940 $getParams = $request->getQueryParams();
8941 if ($request->isPatientRequest()) {
8942 // only allow access to data of binded patient
8943 $return = (new FhirImmunizationRestController())->getAll($getParams, $request->getPatientUUIDString());
8945 RestConfig
::authorization_check("patients", "med");
8946 $return = (new FhirImmunizationRestController())->getAll($getParams);
8948 RestConfig
::apiLog($return);
8954 * path="/fhir/Immunization/{uuid}",
8955 * description="Returns a single Immunization resource.",
8960 * description="The uuid for the Immunization resource.",
8968 * ref="#/components/responses/standard"
8972 * ref="#/components/responses/badrequest"
8976 * ref="#/components/responses/unauthorized"
8980 * ref="#/components/responses/uuidnotfound"
8982 * security={{"openemr_auth":{}}}
8987 * 1. Broken sql query.
8989 "GET /fhir/Immunization/:uuid" => function ($uuid, HttpRestRequest
$request) {
8990 if ($request->isPatientRequest()) {
8991 // only allow access to data of binded patient
8992 $return = (new FhirImmunizationRestController())->getOne($uuid, $request->getPatientUUIDString());
8994 RestConfig
::authorization_check("patients", "med");
8995 $return = (new FhirImmunizationRestController())->getOne($uuid);
8997 RestConfig
::apiLog($return);
9003 * path="/fhir/Location",
9004 * description="Returns a list of Location resources.",
9009 * description="The uuid for the Location resource.",
9017 * description="Standard Response",
9019 * mediaType="application/json",
9022 * property="json object",
9023 * description="FHIR Json object.",
9028 * "lastUpdated": "2021-09-14T09:13:51"
9030 * "resourceType": "Bundle",
9031 * "type": "collection",
9035 * "relation": "self",
9036 * "url": "https://localhost:9300/apis/default/fhir/Location"
9045 * ref="#/components/responses/badrequest"
9049 * ref="#/components/responses/unauthorized"
9051 * security={{"openemr_auth":{}}}
9054 "GET /fhir/Location" => function (HttpRestRequest
$request) {
9055 $return = (new FhirLocationRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
9056 RestConfig
::apiLog($return);
9062 * path="/fhir/Location/{uuid}",
9063 * description="Returns a single Location resource.",
9068 * description="The uuid for the Location resource.",
9076 * description="Standard Response",
9078 * mediaType="application/json",
9081 * property="json object",
9082 * description="FHIR Json object.",
9086 * "id": "946da61d-c4f2-4f03-a2a7-b571f6a24b65",
9089 * "lastUpdated": "2021-09-19T08:14:58+00:00"
9091 * "resourceType": "Location",
9092 * "status": "active",
9093 * "name": "Your Clinic Name Here",
9096 * "system": "phone",
9097 * "value": "000-000-0000"
9101 * "value": "000-000-0000"
9110 * ref="#/components/responses/badrequest"
9114 * ref="#/components/responses/unauthorized"
9118 * ref="#/components/responses/uuidnotfound"
9120 * security={{"openemr_auth":{}}}
9123 "GET /fhir/Location/:uuid" => function ($uuid, HttpRestRequest
$request) {
9124 $return = (new FhirLocationRestController())->getOne($uuid, $request->getPatientUUIDString());
9125 RestConfig
::apiLog($return);
9131 * path="/fhir/Medication",
9132 * description="Returns a list of Medication resources.",
9136 * description="Standard Response",
9138 * mediaType="application/json",
9141 * property="json object",
9142 * description="FHIR Json object.",
9147 * "lastUpdated": "2021-09-14T09:13:51"
9149 * "resourceType": "Bundle",
9150 * "type": "collection",
9154 * "relation": "self",
9155 * "url": "https://localhost:9300/apis/default/fhir/Medication"
9164 * ref="#/components/responses/badrequest"
9168 * ref="#/components/responses/unauthorized"
9170 * security={{"openemr_auth":{}}}
9173 "GET /fhir/Medication" => function (HttpRestRequest
$request) {
9174 RestConfig
::authorization_check("patients", "med");
9175 $return = (new FhirMedicationRestController())->getAll($request->getQueryParams());
9176 RestConfig
::apiLog($return);
9182 * path="/fhir/Medication/{uuid}",
9183 * description="Returns a single Medication resource.",
9188 * description="The uuid for the Medication resource.",
9196 * ref="#/components/responses/standard"
9200 * ref="#/components/responses/badrequest"
9204 * ref="#/components/responses/unauthorized"
9208 * ref="#/components/responses/uuidnotfound"
9210 * security={{"openemr_auth":{}}}
9215 * 1. Broken uuid validation.
9217 "GET /fhir/Medication/:uuid" => function ($uuid, HttpRestRequest
$request) {
9218 RestConfig
::authorization_check("patients", "med");
9219 $return = (new FhirMedicationRestController())->getOne($uuid);
9220 RestConfig
::apiLog($return);
9226 * path="/fhir/MedicationRequest",
9227 * description="Returns a list of MedicationRequest resources.",
9232 * description="The uuid for the MedicationRequest resource.",
9241 * description="The uuid for the patient.",
9250 * description="The intent of the MedicationRequest resource.",
9259 * description="The status of the MedicationRequest resource.",
9267 * description="Standard Response",
9269 * mediaType="application/json",
9272 * property="json object",
9273 * description="FHIR Json object.",
9278 * "lastUpdated": "2021-09-14T09:13:51"
9280 * "resourceType": "Bundle",
9281 * "type": "collection",
9285 * "relation": "self",
9286 * "url": "https://localhost:9300/apis/default/fhir/MedicationRequest"
9295 * ref="#/components/responses/badrequest"
9299 * ref="#/components/responses/unauthorized"
9301 * security={{"openemr_auth":{}}}
9304 "GET /fhir/MedicationRequest" => function (HttpRestRequest
$request) {
9305 $getParams = $request->getQueryParams();
9306 if ($request->isPatientRequest()) {
9307 // only allow access to data of binded patient
9308 $return = (new FhirMedicationRequestRestController())->getAll($getParams, $request->getPatientUUIDString());
9310 RestConfig
::authorization_check("patients", "med");
9311 $return = (new FhirMedicationRequestRestController())->getAll($getParams);
9313 RestConfig
::apiLog($return);
9319 * path="/fhir/MedicationRequest/{uuid}",
9320 * description="Returns a single MedicationRequest resource.",
9325 * description="The uuid for the MedicationRequest resource.",
9333 * description="Standard Response",
9335 * mediaType="application/json",
9338 * property="json object",
9339 * description="FHIR Json object.",
9343 * "id": "946da61d-9cff-4416-8d27-805f19f9d7d8",
9346 * "lastUpdated": "2021-09-20T04:03:14+00:00"
9348 * "resourceType": "MedicationRequest",
9349 * "status": "active",
9350 * "intent": "order",
9355 * "system": "http://terminology.hl7.org/CodeSystem/medicationrequest-category",
9356 * "code": "community",
9357 * "display": "Home/Community"
9362 * "reportedBoolean": false,
9363 * "medicationCodeableConcept": {
9366 * "system": "http://www.nlm.nih.gov/research/umls/rxnorm",
9367 * "code": "1738139",
9368 * "display": "Acetaminophen 325 MG Oral Tablet"
9373 * "reference": "Patient/946da617-1a4a-4b2c-ae66-93b84377cb1e",
9376 * "authoredOn": "2021-09-18T00:00:00+00:00",
9378 * "reference": "Practitioner/946da61d-ac5f-4fdc-b3f2-7b58dc49976b",
9379 * "type": "Practitioner"
9387 * ref="#/components/responses/badrequest"
9391 * ref="#/components/responses/unauthorized"
9395 * ref="#/components/responses/uuidnotfound"
9397 * security={{"openemr_auth":{}}}
9400 "GET /fhir/MedicationRequest/:uuid" => function ($uuid, HttpRestRequest
$request) {
9401 if ($request->isPatientRequest()) {
9402 // only allow access to data of binded patient
9403 $return = (new FhirMedicationRequestRestController())->getOne($uuid, $request->getPatientUUIDString());
9405 RestConfig
::authorization_check("patients", "med");
9406 $return = (new FhirMedicationRequestRestController())->getOne($uuid);
9408 RestConfig
::apiLog($return);
9414 * path="/fhir/Observation",
9415 * description="Returns a list of Observation resources.",
9420 * description="The uuid for the Observation resource.",
9429 * description="The uuid for the patient.",
9438 * description="The code of the Observation resource.",
9447 * description="The category of the Observation resource.",
9456 * description="The datetime of the Observation resource.",
9464 * description="Standard Response",
9466 * mediaType="application/json",
9469 * property="json object",
9470 * description="FHIR Json object.",
9475 * "lastUpdated": "2021-09-14T09:13:51"
9477 * "resourceType": "Bundle",
9478 * "type": "collection",
9482 * "relation": "self",
9483 * "url": "https://localhost:9300/apis/default/fhir/Observation"
9492 * ref="#/components/responses/badrequest"
9496 * ref="#/components/responses/unauthorized"
9498 * security={{"openemr_auth":{}}}
9501 "GET /fhir/Observation" => function (HttpRestRequest
$request) {
9502 $getParams = $request->getQueryParams();
9503 if ($request->isPatientRequest()) {
9504 // only allow access to data of binded patient
9505 $return = (new FhirObservationRestController())->getAll($getParams, $request->getPatientUUIDString());
9507 RestConfig
::authorization_check("patients", "med");
9508 $return = (new FhirObservationRestController())->getAll($getParams);
9510 RestConfig
::apiLog($return);
9516 * path="/fhir/Observation/{uuid}",
9517 * description="Returns a single Observation resource.",
9522 * description="The uuid for the Observation resource.",
9530 * description="Standard Response",
9532 * mediaType="application/json",
9535 * property="json object",
9536 * description="FHIR Json object.",
9540 * "id": "946da61e-0597-485e-9dfd-a87205ea56b3",
9543 * "lastUpdated": "2021-09-20T04:12:16+00:00"
9545 * "resourceType": "Observation",
9546 * "status": "final",
9551 * "system": "http://terminology.hl7.org/CodeSystem/observation-category",
9552 * "code": "vital-signs"
9560 * "system": "http://loinc.org",
9561 * "code": "85354-9",
9562 * "display": "Blood pressure systolic and diastolic"
9567 * "reference": "Patient/946da619-c631-431a-a282-487cd6fb7802",
9570 * "effectiveDateTime": "2015-08-31T00:00:00+00:00",
9576 * "system": "http://loinc.org",
9578 * "display": "Systolic blood pressure"
9582 * "valueQuantity": {
9585 * "system": "http://unitsofmeasure.org",
9593 * "system": "http://loinc.org",
9595 * "display": "Diastolic blood pressure"
9599 * "valueQuantity": {
9602 * "system": "http://unitsofmeasure.org",
9613 * ref="#/components/responses/badrequest"
9617 * ref="#/components/responses/unauthorized"
9621 * ref="#/components/responses/uuidnotfound"
9623 * security={{"openemr_auth":{}}}
9626 "GET /fhir/Observation/:uuid" => function ($uuid, HttpRestRequest
$request) {
9627 if ($request->isPatientRequest()) {
9628 // only allow access to data of binded patient
9629 $return = (new FhirObservationRestController())->getOne($uuid, $request->getPatientUUIDString());
9631 RestConfig
::authorization_check("patients", "med");
9632 $return = (new FhirObservationRestController())->getOne($uuid);
9634 RestConfig
::apiLog($return);
9640 * path="/fhir/Organization",
9641 * description="Returns a list of Organization resources.",
9646 * description="The uuid for the Organization resource.",
9655 * description="The name of the Organization resource.",
9664 * description="The email of the Organization resource.",
9673 * description="The phone of the Organization resource.",
9682 * description="The telecom of the Organization resource.",
9691 * description="The address of the Organization resource.",
9698 * name="address-city",
9700 * description="The address-city of the Organization resource.",
9707 * name="address-postalcode",
9709 * description="The address-postalcode of the Organization resource.",
9716 * name="address-state",
9718 * description="The address-state of the Organization resource.",
9726 * description="Standard Response",
9728 * mediaType="application/json",
9731 * property="json object",
9732 * description="FHIR Json object.",
9737 * "lastUpdated": "2021-09-14T09:13:51"
9739 * "resourceType": "Bundle",
9740 * "type": "collection",
9744 * "relation": "self",
9745 * "url": "https://localhost:9300/apis/default/fhir/Organization"
9754 * ref="#/components/responses/badrequest"
9758 * ref="#/components/responses/unauthorized"
9760 * security={{"openemr_auth":{}}}
9763 "GET /fhir/Organization" => function (HttpRestRequest
$request) {
9764 if (!$request->isPatientRequest()) {
9765 RestConfig
::authorization_check("admin", "users");
9767 $return = (new FhirOrganizationRestController())->getAll($request->getQueryParams());
9768 RestConfig
::apiLog($return);
9774 * path="/fhir/Organization/{uuid}",
9775 * description="Returns a single Organization resource.",
9780 * description="The uuid for the Organization resource.",
9788 * description="Standard Response",
9790 * mediaType="application/json",
9793 * property="json object",
9794 * description="FHIR Json object.",
9798 * "id": "946da616-fae2-409d-b24d-56425bfb3316",
9801 * "lastUpdated": "2021-09-21T16:47:36+00:00"
9803 * "resourceType": "Organization",
9805 * "status": "generated",
9806 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Your Clinic Name Here</p></div>"
9813 * "system": "http://terminology.hl7.org/CodeSystem/organization-type",
9815 * "display": "Healthcare Provider"
9820 * "name": "Your Clinic Name Here",
9823 * "system": "phone",
9824 * "value": "000-000-0000",
9829 * "value": "000-000-0000",
9842 * ref="#/components/responses/badrequest"
9846 * ref="#/components/responses/unauthorized"
9850 * ref="#/components/responses/uuidnotfound"
9852 * security={{"openemr_auth":{}}}
9855 "GET /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
9856 $patientUUID = null;
9857 if (!$request->isPatientRequest()) {
9858 RestConfig
::authorization_check("admin", "users");
9860 $patientUUID = $request->getPatientUUIDString();
9862 $return = (new FhirOrganizationRestController())->getOne($uuid, $patientUUID);
9864 RestConfig
::apiLog($return);
9870 * path="/fhir/Organization",
9871 * description="Adds a Organization resource.",
9876 * mediaType="application/json",
9878 * description="The json object for the Organization resource.",
9885 * ref="#/components/responses/standard"
9889 * ref="#/components/responses/badrequest"
9893 * ref="#/components/responses/unauthorized"
9895 * security={{"openemr_auth":{}}}
9901 "POST /fhir/Organization" => function (HttpRestRequest
$request) {
9902 RestConfig
::authorization_check("admin", "super");
9903 $data = (array) (json_decode(file_get_contents("php://input"), true));
9904 $return = (new FhirOrganizationRestController())->post($data);
9905 RestConfig
::apiLog($return, $data);
9911 * path="/fhir/Organization/{uuid}",
9912 * description="Modifies a Organization resource.",
9917 * description="The uuid for the organization.",
9926 * mediaType="application/json",
9928 * description="The json object for the Organization resource.",
9935 * ref="#/components/responses/standard"
9939 * ref="#/components/responses/badrequest"
9943 * ref="#/components/responses/unauthorized"
9945 * security={{"openemr_auth":{}}}
9951 "PUT /fhir/Organization/:uuid" => function ($uuid, HttpRestRequest
$request) {
9952 RestConfig
::authorization_check("admin", "super");
9953 $data = (array) (json_decode(file_get_contents("php://input"), true));
9954 $return = (new FhirOrganizationRestController())->patch($uuid, $data);
9955 RestConfig
::apiLog($return, $data);
9961 * path="/fhir/Patient",
9962 * description="Adds a Patient resource.",
9967 * mediaType="application/json",
9969 * description="The json object for the Patient resource.",
9976 * ref="#/components/responses/standard"
9980 * ref="#/components/responses/badrequest"
9984 * ref="#/components/responses/unauthorized"
9986 * security={{"openemr_auth":{}}}
9992 "POST /fhir/Patient" => function (HttpRestRequest
$request) {
9993 RestConfig
::authorization_check("patients", "demo");
9994 $data = (array) (json_decode(file_get_contents("php://input"), true));
9995 $return = (new FhirPatientRestController())->post($data);
9996 RestConfig
::apiLog($return, $data);
10002 * path="/fhir/Patient/{uuid}",
10003 * description="Modifies a Patient resource.",
10008 * description="The uuid for the Patient resource.",
10017 * mediaType="application/json",
10019 * description="The json object for the Patient resource.",
10026 * ref="#/components/responses/standard"
10030 * ref="#/components/responses/badrequest"
10034 * ref="#/components/responses/unauthorized"
10036 * security={{"openemr_auth":{}}}
10042 "PUT /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
10043 RestConfig
::authorization_check("patients", "demo");
10044 $data = (array) (json_decode(file_get_contents("php://input"), true));
10045 $return = (new FhirPatientRestController())->put($uuid, $data);
10046 RestConfig
::apiLog($return, $data);
10052 * path="/fhir/Patient",
10053 * description="Returns a list of Patient resources.",
10058 * description="The uuid for the Patient resource.",
10065 * name="identifier",
10067 * description="The identifier of the Patient resource.",
10076 * description="The name of the Patient resource.",
10083 * name="birthdate",
10085 * description="The birthdate of the Patient resource.",
10094 * description="The gender of the Patient resource.",
10103 * description="The address of the Patient resource.",
10110 * name="address-city",
10112 * description="The address-city of the Patient resource.",
10119 * name="address-postalcode",
10121 * description="The address-postalcode of the Patient resource.",
10128 * name="address-state",
10130 * description="The address-state of the Patient resource.",
10139 * description="The email of the Patient resource.",
10148 * description="The family name of the Patient resource.",
10157 * description="The given name of the Patient resource.",
10166 * description="The phone number of the Patient resource.",
10175 * description="The fax number of the Patient resource.",
10183 * description="Standard Response",
10185 * mediaType="application/json",
10188 * property="json object",
10189 * description="FHIR Json object.",
10194 * "lastUpdated": "2021-09-14T09:13:51"
10196 * "resourceType": "Bundle",
10197 * "type": "collection",
10201 * "relation": "self",
10202 * "url": "https://localhost:9300/apis/default/fhir/Patient"
10211 * ref="#/components/responses/badrequest"
10215 * ref="#/components/responses/unauthorized"
10217 * security={{"openemr_auth":{}}}
10220 "GET /fhir/Patient" => function (HttpRestRequest
$request) {
10221 $params = $request->getQueryParams();
10222 if ($request->isPatientRequest()) {
10223 // only allow access to data of binded patient
10224 // Note in Patient context still have to return a bundle even if it is just one resource. (ie.
10225 // need to use getAll rather than getOne)
10226 $params['_id'] = $request->getPatientUUIDString();
10227 $return = (new FhirPatientRestController())->getAll($params, $request->getPatientUUIDString());
10229 RestConfig
::authorization_check("patients", "demo");
10230 $return = (new FhirPatientRestController())->getAll($params);
10232 RestConfig
::apiLog($return);
10238 * path="/fhir/Patient/$export",
10239 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
10243 * ref="#/components/responses/standard"
10247 * ref="#/components/responses/badrequest"
10251 * ref="#/components/responses/unauthorized"
10253 * security={{"openemr_auth":{}}}
10259 // we have to have the bulk fhir export operation here otherwise it will match $export to the patient $id
10260 'GET /fhir/Patient/$export' => function (HttpRestRequest
$request) {
10261 RestConfig
::authorization_check("admin", "users");
10262 $fhirExportService = new FhirExportRestController($request);
10263 $return = $fhirExportService->processExport(
10264 $request->getQueryParams(),
10266 $request->getHeader('Accept'),
10267 $request->getHeader('Prefer')
10269 RestConfig
::apiLog($return);
10275 * path="/fhir/Patient/{uuid}",
10276 * description="Returns a single Patient resource.",
10281 * description="The uuid for the Patient resource.",
10289 * description="Standard Response",
10291 * mediaType="application/json",
10294 * property="json object",
10295 * description="FHIR Json object.",
10299 * "id": "946da617-1a4a-4b2c-ae66-93b84377cb1e",
10301 * "versionId": "1",
10302 * "lastUpdated": "2021-09-21T17:08:03+00:00"
10304 * "resourceType": "Patient",
10306 * "status": "generated",
10307 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Aurore252 Von197</p></div>"
10311 * "valueCode": "F",
10312 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-birthsex"
10318 * "system": "urn:oid:2.16.840.1.113883.6.238",
10319 * "code": "1006-6",
10320 * "display": "Abenaki"
10322 * "url": "ombCategory"
10325 * "valueString": "Abenaki",
10329 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-race"
10334 * "valueString": "Declined To Specify",
10338 * "url": "http://hl7.org/fhir/us/core/StructureDefinition/us-core-ethnicity"
10343 * "use": "official",
10347 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10352 * "system": "http://terminology.hl7.org/CodeSystem/v2-0203",
10359 * "use": "official",
10360 * "family": "Von197",
10366 * "gender": "female",
10367 * "birthDate": "1970-07-03",
10373 * "city": "Boston",
10374 * "state": "Massachusetts",
10375 * "postalCode": "02215",
10377 * "start": "2020-09-21T17:08:03.532+00:00"
10381 * "communication": {
10386 * "system": "http://terminology.hl7.org/CodeSystem/data-absent-reason",
10387 * "code": "unknown",
10388 * "display": "Unknown"
10400 * ref="#/components/responses/badrequest"
10404 * ref="#/components/responses/unauthorized"
10408 * ref="#/components/responses/uuidnotfound"
10410 * security={{"openemr_auth":{}}}
10413 "GET /fhir/Patient/:uuid" => function ($uuid, HttpRestRequest
$request) {
10414 if ($request->isPatientRequest()) {
10415 // only allow access to data of binded patient
10416 if (empty($id) ||
($id != $request->getPatientUUIDString())) {
10417 throw new AccessDeniedException("patients", "demo", "patient id invalid");
10419 $id = $request->getPatientUUIDString();
10421 RestConfig
::authorization_check("patients", "demo");
10423 $return = (new FhirPatientRestController())->getOne($uuid);
10424 RestConfig
::apiLog($return);
10430 * path="/fhir/Person",
10431 * description="Returns a list of Person resources.",
10436 * description="The name of the Person resource.",
10445 * description="The active status of the Person resource.",
10454 * description="The address of the Person resource.",
10461 * name="address-city",
10463 * description="The address-city of the Person resource.",
10470 * name="address-postalcode",
10472 * description="The address-postalcode of the Person resource.",
10479 * name="address-state",
10481 * description="The address-state of the Person resource.",
10490 * description="The email of the Person resource.",
10499 * description="The family name of the Person resource.",
10508 * description="The given name of the Person resource.",
10517 * description="The phone number of the Person resource.",
10526 * description="The fax number of the Person resource.",
10534 * description="Standard Response",
10536 * mediaType="application/json",
10539 * property="json object",
10540 * description="FHIR Json object.",
10545 * "lastUpdated": "2021-09-14T09:13:51"
10547 * "resourceType": "Bundle",
10548 * "type": "collection",
10552 * "relation": "self",
10553 * "url": "https://localhost:9300/apis/default/fhir/Person"
10562 * ref="#/components/responses/badrequest"
10566 * ref="#/components/responses/unauthorized"
10568 * security={{"openemr_auth":{}}}
10573 * 1. Broken sql query.
10575 "GET /fhir/Person" => function (HttpRestRequest
$request) {
10576 RestConfig
::authorization_check("admin", "users");
10577 $return = (new FhirPersonRestController())->getAll($request->getQueryParams());
10578 RestConfig
::apiLog($return);
10584 * path="/fhir/Person/{uuid}",
10585 * description="Returns a single Person resource.",
10590 * description="The uuid for the Person resource.",
10598 * ref="#/components/responses/standard"
10602 * ref="#/components/responses/badrequest"
10606 * ref="#/components/responses/unauthorized"
10610 * ref="#/components/responses/uuidnotfound"
10612 * security={{"openemr_auth":{}}}
10617 * 1. Broken sql query.
10619 "GET /fhir/Person/:uuid" => function ($uuid, HttpRestRequest
$request) {
10620 RestConfig
::authorization_check("admin", "users");
10621 $return = (new FhirPersonRestController())->getOne($uuid);
10622 RestConfig
::apiLog($return);
10628 * path="/fhir/Practitioner",
10629 * description="Returns a list of Practitioner resources.",
10634 * description="The uuid for the Practitioner resource.",
10643 * description="The name of the Practitioner resource.",
10652 * description="The active status of the Practitioner resource.",
10661 * description="The address of the Practitioner resource.",
10668 * name="address-city",
10670 * description="The address-city of the Practitioner resource.",
10677 * name="address-postalcode",
10679 * description="The address-postalcode of the Practitioner resource.",
10686 * name="address-state",
10688 * description="The address-state of the Practitioner resource.",
10697 * description="The email of the Practitioner resource.",
10706 * description="The family name of the Practitioner resource.",
10715 * description="The given name of the Practitioner resource.",
10724 * description="The phone number of the Practitioner resource.",
10733 * description="The fax number of the Practitioner resource.",
10741 * description="Standard Response",
10743 * mediaType="application/json",
10746 * property="json object",
10747 * description="FHIR Json object.",
10752 * "lastUpdated": "2021-09-14T09:13:51"
10754 * "resourceType": "Bundle",
10755 * "type": "collection",
10759 * "relation": "self",
10760 * "url": "https://localhost:9300/apis/default/fhir/Practitioner"
10769 * ref="#/components/responses/badrequest"
10773 * ref="#/components/responses/unauthorized"
10775 * security={{"openemr_auth":{}}}
10778 "GET /fhir/Practitioner" => function (HttpRestRequest
$request) {
10780 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
10781 // that is referenced in connected patient resources -- such as AllergyIntollerance.
10782 // I don't believe patients are assigned to a particular practitioner
10783 // should we allow just open api access to admin information? Should we restrict particular pieces
10784 // of data in the practitioner side (phone number, address information) based on a permission set?
10785 if (!$request->isPatientRequest()) {
10786 RestConfig
::authorization_check("admin", "users");
10788 $return = (new FhirPractitionerRestController())->getAll($request->getQueryParams());
10789 RestConfig
::apiLog($return);
10795 * path="/fhir/Practitioner/{uuid}",
10796 * description="Returns a single Practitioner resource.",
10801 * description="The uuid for the Practitioner resource.",
10809 * description="Standard Response",
10811 * mediaType="application/json",
10814 * property="json object",
10815 * description="FHIR Json object.",
10819 * "id": "9473b0cf-e969-4eaa-8044-51037767fa4f",
10821 * "versionId": "1",
10822 * "lastUpdated": "2021-09-21T17:41:57+00:00"
10824 * "resourceType": "Practitioner",
10826 * "status": "generated",
10827 * "div": "<div xmlns=""http://www.w3.org/1999/xhtml""> <p>Billy Smith</p></div>"
10831 * "system": "http://hl7.org/fhir/sid/us-npi",
10832 * "value": "11223344554543"
10838 * "use": "official",
10839 * "family": "Smith",
10851 * ref="#/components/responses/badrequest"
10855 * ref="#/components/responses/unauthorized"
10859 * ref="#/components/responses/uuidnotfound"
10861 * security={{"openemr_auth":{}}}
10864 "GET /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
10865 // TODO: @adunsulag talk with brady.miller about patients needing access to any practitioner resource
10866 // that is referenced in connected patient resources -- such as AllergyIntollerance.
10867 // I don't believe patients are assigned to a particular practitioner
10868 // should we allow just open api access to admin information? Should we restrict particular pieces
10869 // of data in the practitioner side (phone number, address information) based on a permission set?
10870 if (!$request->isPatientRequest()) {
10871 RestConfig
::authorization_check("admin", "users");
10873 $return = (new FhirPractitionerRestController())->getOne($uuid);
10874 RestConfig
::apiLog($return);
10880 * path="/fhir/Practitioner",
10881 * description="Adds a Practitioner resources.",
10886 * mediaType="application/json",
10888 * description="The json object for the Practitioner resource.",
10895 * ref="#/components/responses/standard"
10899 * ref="#/components/responses/badrequest"
10903 * ref="#/components/responses/unauthorized"
10905 * security={{"openemr_auth":{}}}
10910 * 1. Broken sql query.
10912 "POST /fhir/Practitioner" => function (HttpRestRequest
$request) {
10913 RestConfig
::authorization_check("admin", "users");
10914 $data = (array) (json_decode(file_get_contents("php://input"), true));
10915 $return = (new FhirPractitionerRestController())->post($data);
10916 RestConfig
::apiLog($return, $data);
10922 * path="/fhir/Practitioner/{uuid}",
10923 * description="Modify a Practitioner resource.",
10928 * description="The uuid for the Practitioner resource.",
10937 * mediaType="application/json",
10939 * description="The json object for the Practitioner resource.",
10946 * ref="#/components/responses/standard"
10950 * ref="#/components/responses/badrequest"
10954 * ref="#/components/responses/unauthorized"
10956 * security={{"openemr_auth":{}}}
10961 * 1. Broken sql query.
10963 "PUT /fhir/Practitioner/:uuid" => function ($uuid, HttpRestRequest
$request) {
10964 RestConfig
::authorization_check("admin", "users");
10965 $data = (array) (json_decode(file_get_contents("php://input"), true));
10966 $return = (new FhirPractitionerRestController())->patch($uuid, $data);
10967 RestConfig
::apiLog($return, $data);
10973 * path="/fhir/PractitionerRole",
10974 * description="Returns a list of PractitionerRole resources.",
10977 * name="specialty",
10979 * description="The specialty of the PractitionerRole resource.",
10986 * name="practitioner",
10988 * description="The practitioner of the PractitionerRole resource.",
10996 * description="Standard Response",
10998 * mediaType="application/json",
11001 * property="json object",
11002 * description="FHIR Json object.",
11007 * "lastUpdated": "2021-09-14T09:13:51"
11009 * "resourceType": "Bundle",
11010 * "type": "collection",
11014 * "relation": "self",
11015 * "url": "https://localhost:9300/apis/default/fhir/PractitionerRole"
11024 * ref="#/components/responses/badrequest"
11028 * ref="#/components/responses/unauthorized"
11030 * security={{"openemr_auth":{}}}
11033 "GET /fhir/PractitionerRole" => function (HttpRestRequest
$request) {
11034 RestConfig
::authorization_check("admin", "users");
11035 $return = (new FhirPractitionerRoleRestController())->getAll($request->getQueryParams());
11036 RestConfig
::apiLog($return);
11042 * path="/fhir/PractitionerRole/{uuid}",
11043 * description="Returns a single PractitionerRole resource.",
11048 * description="The uuid for the PractitionerRole resource.",
11056 * ref="#/components/responses/standard"
11060 * ref="#/components/responses/badrequest"
11064 * ref="#/components/responses/unauthorized"
11068 * ref="#/components/responses/uuidnotfound"
11070 * security={{"openemr_auth":{}}}
11075 * 1. Broken _id validation.
11077 "GET /fhir/PractitionerRole/:uuid" => function ($uuid, HttpRestRequest
$request) {
11078 RestConfig
::authorization_check("admin", "users");
11079 $return = (new FhirPractitionerRoleRestController())->getOne($uuid);
11080 RestConfig
::apiLog($return);
11086 * path="/fhir/Procedure",
11087 * description="Returns a list of Procedure resources.",
11092 * description="The uuid for the Procedure resource.",
11101 * description="The uuid for the patient.",
11110 * description="The datetime of the Procedure resource.",
11118 * description="Standard Response",
11120 * mediaType="application/json",
11123 * property="json object",
11124 * description="FHIR Json object.",
11129 * "lastUpdated": "2021-09-14T09:13:51"
11131 * "resourceType": "Bundle",
11132 * "type": "collection",
11136 * "relation": "self",
11137 * "url": "https://localhost:9300/apis/default/fhir/Procedure"
11146 * ref="#/components/responses/badrequest"
11150 * ref="#/components/responses/unauthorized"
11152 * security={{"openemr_auth":{}}}
11157 * 1. Broken sql query.
11159 "GET /fhir/Procedure" => function (HttpRestRequest
$request) {
11160 if ($request->isPatientRequest()) {
11161 // only allow access to data of binded patient
11162 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams(), $request->getPatientUUIDString());
11164 RestConfig
::authorization_check("patients", "med");
11165 $return = (new FhirProcedureRestController())->getAll($request->getQueryParams());
11167 RestConfig
::apiLog($return);
11173 * path="/fhir/Procedure/{uuid}",
11174 * description="Returns a single Procedure resource.",
11179 * description="The uuid for the Procedure resource.",
11187 * ref="#/components/responses/standard"
11191 * ref="#/components/responses/badrequest"
11195 * ref="#/components/responses/unauthorized"
11199 * ref="#/components/responses/uuidnotfound"
11201 * security={{"openemr_auth":{}}}
11206 * 1. Broken sql query.
11208 "GET /fhir/Procedure/:uuid" => function ($uuid, HttpRestRequest
$request) {
11209 if ($request->isPatientRequest()) {
11210 // only allow access to data of binded patient
11211 $return = (new FhirProcedureRestController())->getOne($uuid, $request->getPatientUUIDString());
11213 RestConfig
::authorization_check("patients", "med");
11214 $return = (new FhirProcedureRestController())->getOne($uuid);
11216 RestConfig
::apiLog($return);
11222 * path="/fhir/Provenance/{uuid}",
11223 * description="Returns a single Provenance resource.",
11228 * description="The uuid for the Provenance resource.",
11236 * ref="#/components/responses/standard"
11240 * ref="#/components/responses/badrequest"
11244 * ref="#/components/responses/unauthorized"
11248 * ref="#/components/responses/uuidnotfound"
11250 * security={{"openemr_auth":{}}}
11256 "GET /fhir/Provenance/:uuid" => function ($uuid, HttpRestRequest
$request) {
11257 if ($request->isPatientRequest()) {
11258 // only allow access to data of binded patient
11259 $return = (new FhirProvenanceRestController($request))->getOne($uuid, $request->getPatientUUIDString());
11261 RestConfig
::authorization_check("admin", "super");
11262 $return = (new FhirProvenanceRestController($request))->getOne($uuid);
11264 RestConfig
::apiLog($return);
11270 * path="/fhir/Provenance",
11271 * description="Returns a list of Provenance resources.",
11276 * description="The uuid for the Provenance resource.",
11284 * description="Standard Response",
11286 * mediaType="application/json",
11289 * property="json object",
11290 * description="FHIR Json object.",
11295 * "lastUpdated": "2021-09-14T09:13:51"
11297 * "resourceType": "Bundle",
11298 * "type": "collection",
11302 * "relation": "self",
11303 * "url": "https://localhost:9300/apis/default/fhir/Provenance"
11312 * ref="#/components/responses/badrequest"
11316 * ref="#/components/responses/unauthorized"
11318 * security={{"openemr_auth":{}}}
11324 // NOTE: this GET request only supports requests with an _id parameter. FHIR inferno test tool requires the 'search'
11325 // property to support which is why this endpoint exists.
11326 "GET /fhir/Provenance" => function (HttpRestRequest
$request) {
11327 if ($request->isPatientRequest()) {
11328 // only allow access to data of binded patient
11329 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams(), $request->getPatientUUIDString());
11331 // TODO: it seems like regular users should be able to grab authorship / provenance information
11332 RestConfig
::authorization_check("admin", "super");
11333 $return = (new FhirProvenanceRestController($request))->getAll($request->getQueryParams());
11335 RestConfig
::apiLog($return);
11343 * path="/fhir/metadata",
11344 * description="Returns metadata (ie. CapabilityStatement resource) of the fhir server.",
11348 * description="Return CapabilityStatement resource of the fhir server"
11352 "GET /fhir/metadata" => function () {
11353 $return = (new FhirMetaDataRestController())->getMetaData();
11354 RestConfig
::apiLog($return);
11360 * path="/fhir/.well-known/smart-configuration",
11361 * description="Returns smart configuration of the fhir server.",
11365 * description="Return smart configuration of the fhir server"
11369 "GET /fhir/.well-known/smart-configuration" => function () {
11370 $authController = new \OpenEMR\RestControllers\
AuthorizationController();
11371 $return = (new \OpenEMR\RestControllers\SMART\
SMARTConfigurationController($authController))->getConfig();
11372 RestConfig
::apiLog($return);
11376 // FHIR root level operations
11380 * path="/fhir/$export",
11381 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
11385 * ref="#/components/responses/standard"
11389 * ref="#/components/responses/badrequest"
11393 * ref="#/components/responses/unauthorized"
11395 * security={{"openemr_auth":{}}}
11401 'GET /fhir/$export' => function (HttpRestRequest
$request) {
11402 RestConfig
::authorization_check("admin", "users");
11403 $fhirExportService = new FhirExportRestController($request);
11404 $return = $fhirExportService->processExport(
11405 $request->getQueryParams(),
11407 $request->getHeader('Accept'),
11408 $request->getHeader('Prefer')
11410 RestConfig
::apiLog($return);
11414 // these two operations are adopted based on the documentation used in the IBM FHIR Server
11415 // we'd reference cerner or epic but we couldn't find any documentation about those (Jan 30th 2021)
11416 // @see https://ibm.github.io/FHIR/guides/FHIRBulkOperations/
11420 * path="/fhir/$bulkdata-status",
11421 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
11425 * ref="#/components/responses/standard"
11429 * ref="#/components/responses/badrequest"
11433 * ref="#/components/responses/unauthorized"
11435 * security={{"openemr_auth":{}}}
11441 'GET /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
11442 RestConfig
::authorization_check("admin", "users");
11443 $jobUuidString = $request->getQueryParam('job');
11444 // if we were truly async we would return 202 here to say we are in progress with a JSON response
11445 // since OpenEMR data is so small we just return the JSON from the database
11446 $fhirExportService = new FhirExportRestController($request);
11447 $return = $fhirExportService->processExportStatusRequestForJob($jobUuidString);
11448 RestConfig
::apiLog($return);
11454 * path="/fhir/$bulkdata-status",
11455 * description="THIS ENDPOINT DOCUMENTATION IS UNDER CONSTRUCTION.",
11459 * ref="#/components/responses/standard"
11463 * ref="#/components/responses/badrequest"
11467 * ref="#/components/responses/unauthorized"
11469 * security={{"openemr_auth":{}}}
11475 'DELETE /fhir/$bulkdata-status' => function (HttpRestRequest
$request) {
11476 RestConfig
::authorization_check("admin", "users");
11477 $job = $request->getQueryParam('job');
11478 $fhirExportService = new FhirExportRestController($request);
11479 $return = $fhirExportService->processDeleteExportForJob($job);
11480 RestConfig
::apiLog($return);
11485 // Note that the portal (api) route is only for patient role
11486 // (there is a mechanism in place to ensure only patient role can access the portal (api) route)
11487 RestConfig
::$PORTAL_ROUTE_MAP = array(
11490 * path="/portal/patient",
11491 * description="Returns the patient.",
11492 * tags={"standard-patient"},
11495 * description="Standard response",
11497 * mediaType="application/json",
11498 * @OA\Schema(ref="#/components/schemas/api_patient_response")
11503 * ref="#/components/responses/unauthorized"
11505 * security={{"openemr_auth":{}}}
11508 "GET /portal/patient" => function (HttpRestRequest
$request) {
11509 $return = (new PatientRestController())->getOne($request->getPatientUUIDString());
11510 RestConfig
::apiLog($return);
11516 * path="/portal/patient/encounter",
11517 * description="Returns encounters for the patient.",
11518 * tags={"standard-patient"},
11521 * ref="#/components/responses/standard"
11525 * ref="#/components/responses/badrequest"
11529 * ref="#/components/responses/unauthorized"
11531 * security={{"openemr_auth":{}}}
11534 "GET /portal/patient/encounter" => function (HttpRestRequest
$request) {
11535 $return = (new EncounterRestController())->getAll($request->getPatientUUIDString());
11536 RestConfig
::apiLog($return);
11542 * path="/portal/patient/encounter/{euuid}",
11543 * description="Returns a selected encounter by its uuid.",
11544 * tags={"standard-patient"},
11548 * description="The uuid for the encounter.",
11556 * ref="#/components/responses/standard"
11560 * ref="#/components/responses/badrequest"
11564 * ref="#/components/responses/unauthorized"
11566 * security={{"openemr_auth":{}}}
11569 "GET /portal/patient/encounter/:euuid" => function ($euuid, HttpRestRequest
$request) {
11570 $return = (new EncounterRestController())->getOne($request->getPatientUUIDString(), $euuid);
11571 RestConfig
::apiLog($return);