From 01a47e83cc4bad20ce280ebc9f623fd8daa8972e Mon Sep 17 00:00:00 2001 From: sunsetsystems Date: Thu, 4 Aug 2005 22:28:29 +0000 Subject: [PATCH] phpgacl implementation updates --- Documentation/README.phpgacl | 12 ++- interface/main/main_navigation.php | 8 +- interface/patient_file/encounter/diagnosis.php | 27 ++++-- interface/patient_file/encounter/forms.php | 101 +++++++++++---------- interface/patient_file/history/encounters.php | 93 ++++++++++++------- interface/patient_file/history/encounters_full.php | 95 +++++++++++-------- interface/patient_file/history/history.php | 26 ++++-- interface/patient_file/history/history_full.php | 12 ++- interface/patient_file/history/history_save.php | 12 ++- interface/patient_file/summary/add_edit_issue.php | 5 + interface/patient_file/summary/demographics.php | 21 ++++- .../patient_file/summary/demographics_full.php | 31 +++++-- .../patient_file/summary/demographics_save.php | 15 ++- interface/patient_file/summary/pnotes.php | 17 +++- interface/patient_file/summary/pnotes_full.php | 63 ++----------- interface/patient_file/summary/stats.php | 18 +++- interface/patient_file/summary/stats_full.php | 14 ++- library/acl.inc | 30 +++--- 18 files changed, 366 insertions(+), 234 deletions(-) diff --git a/Documentation/README.phpgacl b/Documentation/README.phpgacl index 95912baf9..864383cab 100644 --- a/Documentation/README.phpgacl +++ b/Documentation/README.phpgacl @@ -8,6 +8,10 @@ and a bit of time. If you don't have the time then you should hire an experienced person to set things up for you. The following tips are for the adventurous only! +Alternatively, it's possible to set up your own access rules without +using phpGACL by customizing the code in library/acl.inc. See that +module for more information. + phpGACL is available from http://phpgacl.sourceforge.net/. Read its documentation and install it according to its instructions. 
@@ -89,10 +93,10 @@ a really confusing "write only" interface, but thankfully you won't have to use it every day! Mostly what you will do here is highlight a group from the box on the right, and also select some ACOs from the top section by highlighting them and clicking the ">>" button. -Then if "write" or "wsome" access applies, key in that as the -return value, otherwise a return value is not required. Then click -the Submit button to save that particular access rule. Repeat until -all your ACL rules are defined. +Then if "write" or "wsome" or "addonly" access applies, key in that +as the return value, otherwise a return value is not required. Then +click the Submit button to save that particular access rule. Repeat +until all your ACL rules are defined. To see your access rules, click the "ACL List" tab. To make corrections click the corresponding Edit link on the right side; this will open the diff --git a/interface/main/main_navigation.php b/interface/main/main_navigation.php index 1aba935f3..4f641ec9f 100644 --- a/interface/main/main_navigation.php +++ b/interface/main/main_navigation.php @@ -30,11 +30,17 @@ include_once("../../library/acl.inc");  Find Patient +  + -   New Patient  + New Patient  +  Change Password  diff --git a/interface/patient_file/encounter/diagnosis.php b/interface/patient_file/encounter/diagnosis.php index 305da7460..29aee885f 100644 --- a/interface/patient_file/encounter/diagnosis.php +++ b/interface/patient_file/encounter/diagnosis.php @@ -1,7 +1,8 @@ - - - + topmargin=0 rightmargin=0 leftmargin=4 bottommargin=0 marginheight=0> + +(Coding not authorized)

\n"; + echo "\n\n"; + exit(); + } +?> +
diff --git a/interface/patient_file/encounter/forms.php b/interface/patient_file/encounter/forms.php index 5dfea52a3..fe359e12d 100644 --- a/interface/patient_file/encounter/forms.php +++ b/interface/patient_file/encounter/forms.php @@ -1,58 +1,62 @@ - - - + - - + topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> -This Encounter +This Encounter\n"; + + if ($result = getFormByEncounter($pid, $encounter, "id, date, form_id, form_name,formdir,user")) { + echo "
"; + foreach ($result as $iter) { + + // Skip forms that we are not authorized to see. + if (($auth_notes_a) || + ($auth_notes && $iter['user'] == $_SESSION['authUser']) || + ($auth_relaxed && $iter['formdir'] == 'sports_fitness')) ; + else continue; + + $form_info = getFormInfoById($iter['id']); + echo ''; + $user = getNameFromUsername($iter['user']); + + $form_name = ($iter['formdir'] == 'newpatient') ? "Patient Encounter" : $iter['form_name']; + + echo ''; + echo "\n" . + "\n" . + "'; - $user = $iter['user']; - $user = getNameFromUsername($user); - - $form_name = ($iter['formdir'] == 'newpatient') ? "Patient Encounter" : $iter['form_name']; - - echo ''; - echo "\n" . - "\n" . - ""; - } - echo "
' . + $user['fname'] . " " . $user['lname'] .'$form_name"; + + if (true) { + // Instead of the garbage below, let's use the form's report.php. + // + include_once($GLOBALS['incdir'] . "/forms/" . $iter['formdir'] . "/report.php"); + call_user_func($iter['formdir'] . "_report", $pid, $iter['encounter'], 2, $iter['form_id']); + } + else { -?> -:
- -"; - foreach ($result as $iter) { - $form_info = getFormInfoById($iter['id']); - echo '
' . - $user['fname'] . " " . $user['lname'] .'$form_name"; - - if (true) { - // Instead of the garbage below, let's use the form's report.php. - // - include_once($GLOBALS['incdir'] . "/forms/" . $iter['formdir'] . "/report.php"); - call_user_func($iter['formdir'] . "_report", $pid, $iter['encounter'], 2, $iter['form_id']); - } - else { // Garbage starts here. Delete this after some testing. // echo "\n"; @@ -89,12 +93,13 @@ if ($result = getFormByEncounter($pid, $encounter, "id, date, form_id, form_name echo "
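Review bot: The per-form authorization skip inside the foreach is written as an empty-bodied `if (...) ;` followed by `else continue;`, which reads as a stray semicolon and will be flagged by any linter; invert the condition instead: `if (!($auth_notes_a || ($auth_notes && $iter['user'] == $_SESSION['authUser']) || ($auth_relaxed && $iter['formdir'] == 'sports_fitness'))) continue;`. A short comment above it, `// Viewable if: notes on any encounter, notes on own encounter, or the relaxed sports_fitness form.`, would make the three grants explicit, and the hard-coded `'sports_fitness'` deserves a note that it is currently the only form treated as "relaxed". The `$auth_*` flags appear to be assigned above this hunk in lines the extraction has lost, so their derivation from acl_check() could not be checked here.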
\n"; // // End of garbage - } - echo "
"; -} + } + + echo ""; + } + echo ""; + } ?> diff --git a/interface/patient_file/history/encounters.php b/interface/patient_file/history/encounters.php index d0e199693..60a482143 100644 --- a/interface/patient_file/history/encounters.php +++ b/interface/patient_file/history/encounters.php @@ -1,13 +1,13 @@ @@ -20,7 +20,8 @@ $N = 12; - topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> + topmargin='0' rightmargin='0' leftmargin='2' + bottommargin='0' marginwidth='2' marginheight='0'> Past Encounters
@@ -34,6 +35,14 @@ $N = 12; \n"; + + if ($auth_notes_a || ($auth_notes && $iter['user'] == $_SESSION['authUser'])) + $reason_string .= $result4{"reason"} . "
\n"; + else + $reason_string = "(No access)"; } echo "\n"; @@ -72,15 +85,17 @@ if ($result = getEncounters($pid)) { $reason_string . "\n"; // show issues for this encounter - $ires = sqlStatement("SELECT lists.type, lists.title, lists.begdate " . + echo ""; + + if ($auth_med) { + $ires = sqlStatement("SELECT lists.type, lists.title, lists.begdate " . "FROM issue_encounter, lists WHERE " . "issue_encounter.pid = '$pid' AND " . "issue_encounter.encounter = '" . $iter['encounter'] . "' AND " . "lists.id = issue_encounter.list_id " . "ORDER BY lists.type, lists.begdate"); - echo ""; - for ($i = 0; $irow = sqlFetchArray($ires); ++$i) { + for ($i = 0; $irow = sqlFetchArray($ires); ++$i) { if ($i > 0) echo "
"; $tcode = $irow['type']; if ($tcode == 'medical_problem' || $tcode == 'problem') $tcode = 'P'; @@ -88,7 +103,11 @@ if ($result = getEncounters($pid)) { else if ($tcode == 'medication') $tcode = 'M'; else if ($tcode == 'surgery') $tcode = 'S'; echo "$tcode: " . $irow['title']; + } + } else { + echo "(No access)"; } + echo "
\n"; /**** @@ -108,32 +127,41 @@ if ($result = getEncounters($pid)) { print "" . $comments . ""; ****/ + //this is where we print out the text of the billing that occurred on this encounter $coded = ""; - if ($subresult2 = getBillingByEncounter($pid,$iter{"encounter"})) { - //this is where we print out the text of the billing that occurred on this encounter - foreach ($subresult2 as $iter2) { - $coded .= ""; - $coded .= $iter2{"code"} . ", "; + if ($auth_coding_a || ($auth_coding && $iter['user'] == $_SESSION['authUser'])) { + if ($subresult2 = getBillingByEncounter($pid,$iter{"encounter"})) { + foreach ($subresult2 as $iter2) { + $coded .= ""; + $coded .= $iter2{"code"} . ", "; + } + $coded = substr($coded, 0, strlen($coded) - 2); } - $coded = substr($coded, 0, strlen($coded) - 2); + } else { + $coded = "(No access)"; } echo "" . $coded . "\n"; + // Show insurance. $insured = "$raw_encounter_date"; - $subresult5 = getInsuranceDataByDate($pid, $raw_encounter_date, "primary"); - if ($subresult5 && $subresult5{"provider_name"}) { - $insured = "Primary: " . $subresult5{"provider_name"} . "
\n"; - } - $subresult6 = getInsuranceDataByDate($pid, $raw_encounter_date, "secondary"); - if ($subresult6 && $subresult6{"provider_name"}) { - $insured .= "Secondary: ".$subresult6{"provider_name"}."
\n"; - } - $subresult7 = getInsuranceDataByDate($pid, $raw_encounter_date, "tertiary"); - if ($subresult6 && $subresult7{"provider_name"}) { - $insured .= "Tertiary: ".$subresult7{"provider_name"}."
\n"; + if ($auth_demo) { + $subresult5 = getInsuranceDataByDate($pid, $raw_encounter_date, "primary"); + if ($subresult5 && $subresult5{"provider_name"}) { + $insured = "Primary: " . $subresult5{"provider_name"} . "
\n"; + } + $subresult6 = getInsuranceDataByDate($pid, $raw_encounter_date, "secondary"); + if ($subresult6 && $subresult6{"provider_name"}) { + $insured .= "Secondary: ".$subresult6{"provider_name"}."
\n"; + } + $subresult7 = getInsuranceDataByDate($pid, $raw_encounter_date, "tertiary"); + if ($subresult6 && $subresult7{"provider_name"}) { + $insured .= "Tertiary: ".$subresult7{"provider_name"}."
\n"; + } + } else { + $insured = "(No access)"; } echo "\n"; } } - ?> diff --git a/interface/patient_file/history/encounters_full.php b/interface/patient_file/history/encounters_full.php index 30ec631e9..609ebdc4d 100644 --- a/interface/patient_file/history/encounters_full.php +++ b/interface/patient_file/history/encounters_full.php @@ -1,11 +1,10 @@ @@ -26,45 +25,65 @@ include_once("$srcdir/patient.inc"); \n"; - } + $reason_string = ""; + if ($result4 = sqlQuery("select * from form_encounter where encounter='" . $iter{"encounter"} . "' and pid='$pid'")) { + $raw_encounter_date = date("Y-m-d", strtotime($result4{"date"})); + $encounter_date = date("D F jS", strtotime($result4{"date"})); + + if ($auth_notes_a || ($auth_notes && $iter['user'] == $_SESSION['authUser'])) + $reason_string .= $result4{"reason"} . "
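Review bot: Inside the new `$auth_demo` branch the tertiary insurance lookup guards on the wrong result — `if ($subresult6 && $subresult7{"provider_name"})` tests the secondary query's result before reading the tertiary one, so a patient with tertiary but no secondary coverage never gets the "Tertiary:" line; it should be `if ($subresult7 && $subresult7{"provider_name"}) {`. The mistake predates this commit, but the hunk rewrites that line, so this is the place to correct it. The `$auth_demo`, `$auth_coding` and `$auth_coding_a` flags are set above the first hunk, outside what is visible here.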
\n"; + else + $reason_string = "(No access)"; + } print "\n"; print "
" . $encounter_date . "\n"; print "" . $reason_string . "\n"; - $coded = ""; - if ($subresult2 = getBillingByEncounter($pid, $iter{"encounter"})) { - //this is where we print out the text of the billing that occurred on this encounter - foreach ($subresult2 as $iter2) { - $coded .= ""; - $coded .= $iter2{"code"} . ", "; - } - $coded = substr($coded, 0, strlen($coded) - 2); - } - - print "" . $coded . "\n"; - - $insured = "$raw_encounter_date"; - $subresult5 = getInsuranceDataByDate($pid, $raw_encounter_date, "primary"); - if ($subresult5 && $subresult5{"provider_name"}) { - $insured = "Primary: " . $subresult5{"provider_name"} . "
\n"; - } - $subresult6 = getInsuranceDataByDate($pid, $raw_encounter_date, "secondary"); - if ($subresult6 && $subresult6{"provider_name"}) { - $insured .= "Secondary: ".$subresult6{"provider_name"}."
\n"; - } - $subresult7 = getInsuranceDataByDate($pid, $raw_encounter_date, "tertiary"); - if ($subresult6 && $subresult7{"provider_name"}) { - $insured .= "Tertiary: ".$subresult7{"provider_name"}."
\n"; - } + //this is where we print out the text of the billing that occurred on this encounter + $coded = ""; + if ($auth_coding_a || ($auth_coding && $iter['user'] == $_SESSION['authUser'])) { + if ($subresult2 = getBillingByEncounter($pid, $iter{"encounter"})) { + foreach ($subresult2 as $iter2) { + $coded .= ""; + $coded .= $iter2{"code"} . ", "; + } + $coded = substr($coded, 0, strlen($coded) - 2); + } + } else { + $coded = "(No access)"; + } + + print "" . $coded . "\n"; + + $insured = "$raw_encounter_date"; + if ($auth_demo) { + $subresult5 = getInsuranceDataByDate($pid, $raw_encounter_date, "primary"); + if ($subresult5 && $subresult5{"provider_name"}) { + $insured = "Primary: " . $subresult5{"provider_name"} . "
\n"; + } + $subresult6 = getInsuranceDataByDate($pid, $raw_encounter_date, "secondary"); + if ($subresult6 && $subresult6{"provider_name"}) { + $insured .= "Secondary: ".$subresult6{"provider_name"}."
\n"; + } + $subresult7 = getInsuranceDataByDate($pid, $raw_encounter_date, "tertiary"); + if ($subresult6 && $subresult7{"provider_name"}) { + $insured .= "Tertiary: ".$subresult7{"provider_name"}."
\n"; + } + } else { + $insured = "(No access)"; + } print "" . $insured . "\n"; diff --git a/interface/patient_file/history/history.php b/interface/patient_file/history/history.php index 7b772476e..97874680b 100644 --- a/interface/patient_file/history/history.php +++ b/interface/patient_file/history/history.php @@ -1,7 +1,8 @@ @@ -10,14 +11,23 @@ include_once("history.inc.php"); topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> (History not authorized)
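Review bot: The tertiary insurance block that this hunk moves under `$auth_demo` still checks `$subresult6` instead of `$subresult7` — `if ($subresult6 && $subresult7{"provider_name"})` — so the tertiary line depends on a secondary policy existing; change it to `if ($subresult7 && $subresult7{"provider_name"}) {`. Since the same copy of this logic lives in encounters.php, it may be worth hoisting the three lookups into a small helper in patient.inc so the two pages cannot drift again. The definitions of `$auth_demo`, `$auth_coding_a` and `$auth_notes_a` sit above the hunk and were not preserved in this excerpt.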

\n"; + echo "\n\n"; + exit(); + } + + $result = getHistoryData($pid); + if (!is_array($result)) { + newHistoryData($pid); + $result = getHistoryData($pid); + } ?> + Patient History / Lifestyle
+ diff --git a/interface/patient_file/history/history_full.php b/interface/patient_file/history/history_full.php index 9841621b1..81f838449 100644 --- a/interface/patient_file/history/history_full.php +++ b/interface/patient_file/history/history_full.php @@ -1,7 +1,13 @@ diff --git a/interface/patient_file/history/history_save.php b/interface/patient_file/history/history_save.php index ba58c38a9..683bdf5e8 100644 --- a/interface/patient_file/history/history_save.php +++ b/interface/patient_file/history/history_save.php @@ -1,7 +1,13 @@ $val) { if ($val == "YYYY-MM-DD") { diff --git a/interface/patient_file/summary/add_edit_issue.php b/interface/patient_file/summary/add_edit_issue.php index 0eff99ff4..ceff1a98b 100644 --- a/interface/patient_file/summary/add_edit_issue.php +++ b/interface/patient_file/summary/add_edit_issue.php @@ -9,10 +9,15 @@ include_once("../../globals.php"); include_once("$srcdir/lists.inc"); include_once("$srcdir/patient.inc"); + include_once("$srcdir/acl.inc"); $issue = $_REQUEST['issue']; $info_msg = ""; + $thisauth = acl_check('patients', 'med'); + if ($issue && $thisauth != 'write') die("Edit is not authorized!"); + if ($thisauth != 'write' && $thisauth != 'addonly') die("Add is not authorized!"); + $arrtype = array( 'medical_problem' => 'Problem', 'allergy' => 'Allergy', diff --git a/interface/patient_file/summary/demographics.php b/interface/patient_file/summary/demographics.php index 5fde23491..e8aee303b 100644 --- a/interface/patient_file/summary/demographics.php +++ b/interface/patient_file/summary/demographics.php @@ -1,6 +1,7 @@ @@ -10,7 +11,21 @@ include_once("$srcdir/patient.inc"); topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> -

Demographics

+(Demographics not authorized)

\n"; + echo "\n\n"; + exit(); + } + + if ($thisauth == 'write') { + echo "

" . + "Demographics" . + "$tmore

\n"; + } +?>
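Review bot: `if ($thisauth == 'write')` decides whether the Demographics edit control is rendered, but because acl_check() is documented as returning "anything that evaluates to true" for a plain grant, a boolean `true` satisfies `== 'write'` under loose comparison and the control would be offered to read-only users; write `if ($thisauth === 'write') {`. This only affects what the UI offers, so the enforcing check belongs in demographics_full.php and demographics_save.php, which this patch also touches but whose hunk contents were not preserved here.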
diff --git a/interface/patient_file/summary/demographics_full.php b/interface/patient_file/summary/demographics_full.php index 88c2d72b9..a9f003b1a 100644 --- a/interface/patient_file/summary/demographics_full.php +++ b/interface/patient_file/summary/demographics_full.php @@ -1,15 +1,26 @@ $val) { if ($val == "MM/DD/YYYY") { diff --git a/interface/patient_file/summary/pnotes.php b/interface/patient_file/summary/pnotes.php index dfe497cb1..87076b660 100644 --- a/interface/patient_file/summary/pnotes.php +++ b/interface/patient_file/summary/pnotes.php @@ -1,8 +1,8 @@ - @@ -11,6 +11,15 @@ include_once("$srcdir/pnotes.inc"); topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> +(Notes not authorized)

\n"; + echo "\n\n"; + exit(); + } +?> +
"; print "\n"; - - $notes_count++; } }else{ @@ -145,43 +136,5 @@ echo "
@@ -18,7 +27,9 @@ include_once("$srcdir/pnotes.inc"); + Notes +
diff --git a/interface/patient_file/summary/pnotes_full.php b/interface/patient_file/summary/pnotes_full.php index f9631c205..83d28d9f0 100644 --- a/interface/patient_file/summary/pnotes_full.php +++ b/interface/patient_file/summary/pnotes_full.php @@ -1,12 +1,16 @@ - - - topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> - - Patient Notes(Back)
@@ -57,8 +56,6 @@ if ($mode == "update") { [Add New Note] - -
>[Only Active] >[Only Inactive] - - - - @@ -115,8 +108,6 @@ foreach ($result as $iter) { print "
".$date_string . ""; print " (". $iter{"user"}.")" . "" . stripslashes($iter{"body"}) . "
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - \ No newline at end of file + diff --git a/interface/patient_file/summary/stats.php b/interface/patient_file/summary/stats.php index 5b4175d98..f4b71def9 100644 --- a/interface/patient_file/summary/stats.php +++ b/interface/patient_file/summary/stats.php @@ -1,8 +1,8 @@ - @@ -17,7 +17,17 @@ include_once("$srcdir/lists.inc"); - topmargin=0 rightmargin=0 leftmargin=2 bottommargin=0 marginwidth=2 marginheight=0> + topmargin='0' rightmargin='0' leftmargin='2' + bottommargin='0' marginwidth='2' marginheight='0'> + +(Issues not authorized)

\n"; + echo "\n\n"; + exit(); + } +?> \n"; echo " \n"; - echo " \n"; + if ($thisauth == 'write') { + echo " \n"; + } else { + echo " \n"; + } echo " \n"; echo " \n"; echo " \n"; diff --git a/library/acl.inc b/library/acl.inc index 917c9ac00..1c72dfb20 100644 --- a/library/acl.inc +++ b/library/acl.inc @@ -20,25 +20,28 @@ // // Section "acct" (Accounting): // bill Billing (write optional) - // eob EOB data entry + // eob EOB Data Entry // rep Financial Reporting - my encounters // rep_a Financial Reporting - anything // // Section "patients" (Patient Information): // appt Appointments (write optional) - // demo Demographics (write optional) - // med Medical Records and History (write optional) + // demo Demographics (write,addonly optional) + // med Medical Records and History (write,addonly optional) // trans Transactions, e.g. referrals (write optional) - // docs Documents (write optional) + // docs Documents (write,addonly optional) + // notes Patient Notes (write,addonly optional) // // Section "encounters" (Encounter Information): // auth Authorize - my encounters // auth_a Authorize - any encounters // coding Coding - my encounters (write,wsome optional) // coding_a Coding - any encounters (write,wsome optional) - // notes Notes - my encounters (write optional) - // notes_a Notes - any encounters (write optional) + // notes Notes - my encounters (write,addonly optional) + // notes_a Notes - any encounters (write,addonly optional) // date_a Fix encounter dates - any encounters + // relaxed Less-private information (write,addonly optional) + // (e.g. the Sports Fitness encounter form) if ($phpgacl_location) { include_once("$phpgacl_location/gacl.class.php"); 
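Review bot: The header cell is rendered differently only when `$thisauth == 'write'`, yet add_edit_issue.php in this same patch accepts `'addonly'` for creating an issue and acl.inc lists `med` as `(write,addonly optional)`; if the write branch carries the add link (the echoed markup was lost in extraction), addonly users receive the permission without the control. Consider `if ($thisauth === 'write' || $thisauth === 'addonly') {`, or compute a `$canadd` flag once near the top. Strict `===` is preferable in any case, since a bare `true` from acl_check() for plain view access also satisfies loose `== 'write'`. The `@@` header for this hunk did not survive extraction, so its exact position in stats.php is inferred.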
@@ -48,10 +51,12 @@ // acl_check should return 0 if access is denied. Otherwise it may // return anything that evaluates to true. In addition if any of the // following types of access are applicable, then the corresponding value - // must be returned if and only if such access is granted: + // must be returned if and only if such access is granted (ony one may + // be specified): // - // * write - the user may add or modify the ACO - // * wsome - the user has limited add/modify access to the ACO + // * write - the user may add or modify the ACO + // * wsome - the user has limited add/modify access to the ACO + // * addonly - the user may view and add but not modify entries // function acl_check($section, $value, $user = '') { global $gacl_object, $phpgacl_location; @@ -63,6 +68,8 @@ // If no phpgacl, then apply the old static rules whereby "authorized" // users (providers) can do anything, and other users can do most things. + // If you want custom access control but don't want to mess with phpGACL, + // then you could customize the code below instead. if ($_SESSION['userauthorized']) return 'write'; @@ -70,8 +77,9 @@ if ($value != 'med') return 'write'; } else if ($section == 'encounters') { - if (strpos($value, 'coding') === 0) return 'write'; - if (strpos($value, 'notes' ) === 0) return 'write'; + if (strpos($value, 'coding' ) === 0) return 'write'; + if (strpos($value, 'notes' ) === 0) return 'write'; + if ($value == 'relaxed') return 'write'; } else if ($section == 'acct') { return 'write'; -- 2.11.4.GIT
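Review bot: The contract text still allows a plain grant to return "anything that evaluates to true", yet the callers added in this patch (add_edit_issue.php, demographics.php, stats.php) test the result with loose `== 'write'` / `!= 'write'`, which a boolean `true` satisfies, so the comment should pin this down, e.g. `// Plain (view-only) access must return a value that is not loosely equal to 'write', 'wsome' or 'addonly'; callers compare with === / !==.` The phrase "ony one may be specified" should read "only one may be specified". In the no-phpGACL fallback, `strpos($value, 'coding') === 0` and `strpos($value, 'notes') === 0` also match `coding_a` and `notes_a`, granting non-authorized users write access to any encounter's coding and notes; if that is the intended "old static rules" behaviour, a comment such as `// Also matches coding_a / notes_a: the old rules let any user edit any encounter.` would stop it being read as an oversight.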
diff --git a/interface/patient_file/summary/stats_full.php b/interface/patient_file/summary/stats_full.php index 01d435859..81363ca36 100644 --- a/interface/patient_file/summary/stats_full.php +++ b/interface/patient_file/summary/stats_full.php @@ -8,6 +8,11 @@ include_once("../../globals.php"); include_once("$srcdir/lists.inc"); + include_once("$srcdir/acl.inc"); + + // Check authorization. + $thisauth = acl_check('patients', 'demo'); + if (!$thisauth) die("Demographics not authorized."); $arroccur = array( 0 => 'Unknown or N/A', @@ -111,8 +116,13 @@ function doeclick(id) { echo "
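Review bot: The new gate in stats_full.php checks `acl_check('patients', 'demo')` and dies with "Demographics not authorized.", but this page lists the patient's issues, and add_edit_issue.php in the same patch guards the same data with `acl_check('patients', 'med')`; a user holding demographics but not medical-records access can therefore read the full issue list here. Unless demographics access is deliberately sufficient for this page, it should read `$thisauth = acl_check('patients', 'med');` and `if (!$thisauth) die("Issues not authorized.");`. The ACO used by stats.php's own "(Issues not authorized)" exit was lost in extraction, so the expected value is inferred from add_edit_issue.php.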
 " . - "$disptitle"; + echo "$disptitle"; + echo "$disptitle" . $row['begdate'] . " " . $row['enddate'] . " " . $row['diagnosis'] . "