Exemple #1
0
    def _get_wizard_view(self, request, token, args, kwargs, initialise=False):
        from rdrf.models.definition.review_models import PatientReview
        review_user = request.user
        patient_review_model = get_object_or_404(PatientReview, token=token)

        if not is_authorised(request.user, patient_review_model.patient):
            raise PermissionDenied

        wizard_view = patient_review_model.create_wizard_view(
            initialise, review_user=review_user)
        return wizard_view(request, *args, **kwargs)
Exemple #2
0
    def _get_patient(self):
        from registry.patients.models import Patient
        from registry.patients.models import ParentGuardian
        if "id" in self.request.GET:
            try:
                patient_model = Patient.objects.get(
                    id=self.request.GET.get("id"))
                if not is_authorised(self.user, patient_model):
                    logger.debug("action not authorised")
                    raise PermissionError
                else:
                    logger.debug("patient found by id ok")
                    return patient_model

            except Patient.DoesNotExist:
                logger.debug("patient does not exist")
                raise Http404

        try:
            logger.debug(
                "patient id not supplied , finding patient assoc with user..")
            patient_model = Patient.objects.filter(
                user=self.user).order_by("id").first()
            if patient_model is not None:
                logger.debug("found patient associated with user %s" %
                             patient_model)
                return patient_model
        except Patient.DoesNotExist:
            logger.debug("user is not a patient ...")
            pass

        try:
            logger.debug("trying parents ... ")
            parent = ParentGuardian.objects.get(user=self.user)
            # what to do if there is more than one child
            # for now we take the first
            children = parent.children
            if children:
                logger.debug(
                    "parent guardian found and no id - returning first child")
                return children[0]
            else:
                logger.debug("user is a parent but has not children??? ...")
                raise Http404
        except ParentGuardian.DoesNotExist:
            logger.debug("no parent guardian assoc with user ...")
            raise Http404
Exemple #3
0
    def get(self, request):
        logger.debug("proms page GET")
        patient_token = request.GET.get("t", None)
        logger.debug("patient_token = %s" % patient_token)
        registry_code = request.GET.get("r", None)
        logger.debug("registry_code = %s" % registry_code)
        survey_name = request.GET.get("s", None)
        logger.debug("survey_name = %s" % survey_name)
        if not self._is_valid(patient_token, registry_code, survey_name):
            raise Http404

        registry_model = get_object_or_404(Registry, code=registry_code)
        check_login = registry_model.has_feature("proms_landing_login")

        logger.debug("registry = %s" % registry_model)
        survey_assignment = get_object_or_404(SurveyAssignment,
                                              patient_token=patient_token,
                                              state=SurveyStates.REQUESTED)
        survey_display_name = survey_assignment.survey.display_name
        preamble_text = registry_model.metadata.get("preamble_text")
        context = {
            "preamble_text": preamble_text,
            "survey_name": survey_display_name
        }

        if check_login:
            if request.user.is_anonymous:
                logger.info("%s not authorised to see survey %s" %
                            (request.user, patient_token))
                raise Http404
            else:
                from rdrf.helpers.utils import is_authorised
                # NB this will only work if proms on same site
                t = survey_assignment.patient_token
                survey_request = get_object_or_404(SurveyRequest,
                                                   patient_token=t,
                                                   state="requested")
                patient_model = survey_request.patient

                if not is_authorised(request.user, patient_model):
                    logger.info("%s not authorised to see survey %s" %
                                (request.user, patient_token))
                    raise Http404

        return render(request, "proms/preamble.html", context)
Exemple #4
0
    def _get_patient(self):
        from registry.patients.models import Patient
        from registry.patients.models import ParentGuardian
        if "id" in self.request.GET:
            patient_id = self.request.GET.get("id")
            try:
                patient_model = Patient.objects.get(id=patient_id)
                if not is_authorised(self.user, patient_model):
                    patient_logfield = getattr(patient_model, settings.LOG_PATIENT_FIELDNAME)
                    logger.warning(f"action not authorised for user:{self.user.id} on patient:{patient_logfield}")
                    raise PermissionError
                else:
                    return patient_model

            except Patient.DoesNotExist:
                logger.warning(f"patient id {patient_id} does not exist")
                raise Http404

        try:
            patient_model = Patient.objects.filter(user=self.user).order_by("id").first()
            if patient_model is not None:
                return patient_model
        except Patient.DoesNotExist:
            pass

        try:
            parent = ParentGuardian.objects.get(user=self.user)
            # what to do if there is more than one child
            # for now we take the first
            children = parent.children
            if children:
                return children[0]
            else:
                logger.warning(f"user {self.user.id} is a parent but has not children??? ...")
                raise Http404
        except ParentGuardian.DoesNotExist:
            logger.warning(f"no parent guardian assoc with user {self.user.id} ...")
            raise Http404