コード例 #1
0
def rebuild_fhir_search(request):
    """ Rebuild the Search String

    We will start to use a session variable

    We received:
    http://localhost:8000/cmsblue/fhir/v1
    ?_getpages=61c6e2d1-2b7c-49c3-a083-3d5b3874d4ff&_getpagesoffset=10
    &_count=10&_format=json&_pretty=true&_bundletype=searchset

    Session Variables will be storing:
    - FHIR Target URL/Resource
    - _getpages value
    - expires datetime

    Construct FHIR_Target_URL + search parameters

    """

    # now = str(datetime.now())
    ikey = ''
    if '_getpages' in request.GET:
        ikey = request.GET['_getpages']
        sn_vr = read_session(request, ikey, skey=SESSION_KEY)
        # logger.debug("Session info:%s" % sn_vr)

        if sn_vr == {}:
            # Nothing returned from Session Variables
            # Key could be expired or not matched
            return authenticated_home(request)

        url_call = sn_vr['fhir_to']
        url_call += '/?' + request.META['QUERY_STRING']

        rewrite_url_list = sn_vr['rwrt_list']
        resource_type = sn_vr['res_type']
        interaction_type = sn_vr['intn_type']
        key = sn_vr['key']
        vid = sn_vr['vid']

        cx = get_crosswalk(request.user)

        # logger.debug("Calling:%s" % url_call)
        r = request_call(request, url_call, cx,
                         reverse_lazy('authenticated_home'))

        host_path = get_host_url(request, '?')

        # get 'xml' 'json' or ''
        fmt = get_search_param_format(request.META['QUERY_STRING'])

        text_out = post_process_request(request, fmt, host_path, r,
                                        rewrite_url_list)
        od = build_output_dict(request, OrderedDict(), resource_type, key, vid,
                               interaction_type, fmt, text_out)

        if fmt == 'xml':
            # logger.debug('We got xml back in od')
            return HttpResponse(r.text, content_type='application/%s' % fmt)
            # return HttpResponse( tostring(dict_to_xml('content', od)),
            #                      content_type='application/%s' % fmt)
        elif fmt == 'json':
            # logger.debug('We got json back in od')
            return HttpResponse(pretty_json(od),
                                content_type='application/%s' % fmt)

        # logger.debug('We got a different format:%s' % fmt)
        return render(
            request,
            'bluebutton/default.html',
            {
                'content': pretty_json(od),
                'output': od
            },
        )

    return authenticated_home(request)
コード例 #2
0
    def test_build_output_dict(self):
        """ Build the Output Dict """

        request = self.factory.get('/cmsblue/fhir/v1/Patient')

        assert_msg = """
            1. Send the data - simple test
        """

        fmt = "json"
        resource_type = "Patient"
        key = "11223344"
        vid = "1"
        interaction_type = "search"
        expected_text = '{"next": "dddd anything http://www.replaced.com ' \
                        'will get replaced ' \
                        'more stuff http://www.replaced.com and ' \
                        'http://www.replaced.com:8000/ okay"}'
        text_out = json.loads(expected_text,
                              object_pairs_hook=OrderedDict)
        od = OrderedDict()

        resp = build_output_dict(request,
                                 od,
                                 resource_type,
                                 key,
                                 vid,
                                 interaction_type,
                                 fmt,
                                 text_out)

        wanted = OrderedDict()
        wanted["resource_type"] = resource_type
        wanted["id"] = key
        wanted["vid"] = vid
        wanted["bundle"] = text_out

        # print("\nRESP:%s" % resp)
        # print("\nEXPC:%s" % wanted)

        # expected = OrderedDict()

        self.assertEqual(resp, wanted, assert_msg)

        assert_msg = """
            2. Send the data - no vid
        """

        fmt = "json"
        resource_type = "Patient"
        key = "11223344"
        vid = None
        interaction_type = "search"
        expected_text = '{"next": "dddd anything http://www.replaced.com ' \
                        'will get replaced ' \
                        'more stuff http://www.replaced.com and ' \
                        'http://www.replaced.com:8000/ okay"}'
        text_out = json.loads(expected_text,
                              object_pairs_hook=OrderedDict)
        od = OrderedDict()

        resp = build_output_dict(request,
                                 od,
                                 resource_type,
                                 key,
                                 vid,
                                 interaction_type,
                                 fmt,
                                 text_out)

        wanted = OrderedDict()
        wanted["resource_type"] = resource_type
        wanted["id"] = key
        # wanted["vid"] = vid
        wanted["bundle"] = text_out

        # print("\nRESP:%s" % resp)
        # print("\nEXPC:%s" % wanted)

        self.assertEqual(resp, wanted, assert_msg)
コード例 #3
0
ファイル: search.py プロジェクト: shihuaxing/hhs_oauth_server
def read_search(request,
                interaction_type,
                resource_type,
                id=None,
                vid=None,
                *args,
                **kwargs):
    """
    Read from remote FHIR Server

    :param request:
    :param interaction_type:
    :param resource_type:
    :param id:
    :param vid:
    :param args:
    :param kwargs:
    :return:

    # Example client use in curl:
    # curl  -X GET http://127.0.0.1:8000/fhir/Practitioner/1234?_format=json


    """

    logger.debug('\n========================\n'
                 'INTERACTION_TYPE: %s' % interaction_type)

    # Get the users crosswalk
    cx = get_crosswalk(request.user)

    # cx will be the crosswalk record or None
    rr = get_resourcerouter(cx)

    # Check if this interaction type and resource type combo is allowed.
    deny = check_access_interaction_and_resource_type(resource_type,
                                                      interaction_type, rr)
    if deny:
        # if not allowed, return a 4xx error.
        return deny

    srtc = check_rt_controls(resource_type, rr)
    # We get back a Supported ResourceType Control record or None
    # with earlier if deny step we should have a valid srtc.

    if srtc.secure_access and request.user.is_anonymous():
        return kickout_403('Error 403: %s Resource access is controlled.'
                           ' Login is required:'
                           '%s' % (resource_type, request.user.is_anonymous()))
        # logger.debug('srtc: %s' % srtc)

    if (cx is None and srtc is not None):
        # There is a srtc record so we need to check override_search
        if srtc.override_search:
            # If user is not in Crosswalk and srtc has search_override = True
            # We need to prevent search to avoid data leakage.
            return kickout_403('Error 403: %s Resource is access controlled.'
                               ' No records are linked to user:'******'%s' % (resource_type, request.user))

    ################################################
    #
    # Now we should have sorted out all the bounces
    # Now to structure the call to the back-end
    #
    ################################################

    # construct the server address, path and release
    # Get the crosswalk.fhir_source = ResourceRouter

    # Build url from rr.server_address + rr.server_path + rr.server_release

    target_url = rr.fhir_url

    # add resource_type + '/'
    target_url += srtc.resourceType

    target_url += "/"

    # Analyze the _format parameter
    # Sve the display _format

    input_parameters = request.GET

    # requested_format = 'json' | 'xml' | 'html'
    requested_format = save_request_format(input_parameters)

    format_mode = eval_format_type(requested_format)

    # prepare the back-end _format setting
    back_end_format = set_fhir_format(format_mode)

    # remove the oauth parameters
    payload = strip_oauth(request.GET)

    # Get payload with oauth parameters removed
    # Add the format for back-end
    payload['_format'] = back_end_format

    # remove the srtc.search_block parameters
    payload = block_params(payload, srtc)

    # print("id:%s" % str(id))
    # move resource_id to _id=resource_id
    id_dict = set_resource_id(srtc, id, cx.fhir_id)
    # id_dict['query_mode'] = 'search' | 'read'
    # id_dict['url_id'] = '' | id
    # id_dict['_id'] = id  | ''
    # id_dict['patient'] = patient_id | ''

    # resource_id = id_dict['url_id']

    # Add the srtc.search_add parameters
    # added_params = add_params(srtc,
    #                           patient_id=id_dict['patient'],
    #                           key=id_dict['url_id'])

    # print("Added Params:%s" % added_params)

    params_list = search_add_to_list(srtc.search_add)

    # print("Params_List:%s" % params_list)

    payload = payload_additions(payload, params_list)

    # print('id_dict:%s' % id_dict)
    # print("what have we got?:%s" % id_dict)
    if id_dict['_id']:
        # add rt_id into the search parameters
        if id_dict['_id'] is not None:
            payload['_id'] = id_dict['_id']

    if resource_type.lower() == 'patient':
        # print("Working resource:%s" % resource_type)
        payload['_id'] = id_dict['patient']
        if payload['patient']:
            del payload['patient']

    for pyld_k, pyld_v in payload.items():
        if pyld_v is None:
            pass
        elif '%PATIENT%' in pyld_v:
            # replace %PATIENT% with cx.fhir_id

            payload = payload_var_replace(payload,
                                          pyld_k,
                                          new_value=id_dict['patient'],
                                          old_value='%PATIENT%')
    # print("post futzing:%s" % id_dict)
    # add the _format setting
    payload['_format'] = back_end_format

    # Make the request_call
    r = request_get_with_parms(request,
                               target_url,
                               json.loads(json.dumps(payload)),
                               cx,
                               reverse_lazy('home'),
                               timeout=settings.REQUEST_CALL_TIMEOUT)

    ################################################
    #
    # Now we process the response from the back-end
    #
    ################################################

    # if 'status_code' in r:
    #     r_status_code = r.status_code
    # else:
    #     r_status_code = 500

    rewrite_list = build_rewrite_list(cx)
    host_path = get_host_url(request, resource_type)[:-1]

    try:
        text_in = r.text
    except:
        text_in = ""

    text_out = post_process_request(request, back_end_format, host_path,
                                    text_in, rewrite_list)

    if resource_type.lower() == 'patient':
        display_key = id_dict['patient']
    else:
        display_key = id
    od = build_output_dict(request, OrderedDict(), resource_type, display_key,
                           vid, interaction_type, requested_format, text_out)

    ################################################
    #
    # Now display the result
    #
    ################################################
    ikey = ''
    try:
        ikey = find_ikey(r.text)
    except:
        ikey = ''

    if ikey is not '':

        save_url = get_target_url(target_url, resource_type)
        # print("Store target_url:%s but only: %s" % (target_url,save_url))
        content = {
            'fhir_to': save_url,
            'rwrt_list': rewrite_list,
            'res_type': resource_type,
            'intn_type': interaction_type,
            'key': display_key,
            'vid': vid,
            'resource_router': rr.id
        }
        sesn_var = write_session(request, ikey, content, skey=SESSION_KEY)
        if sesn_var:
            logger.debug("Problem writing session variables."
                         " Returned %s" % sesn_var)

    if format_mode == 'xml':
        # logger.debug('We got xml back in od')
        return HttpResponse(r.text,
                            content_type='application/%s' % requested_format)
        # return HttpResponse(tostring(dict_to_xml('content', od)),
        #                     content_type='application/%s' % requested_format)

    elif format_mode == 'json':
        # logger.debug('We got json back in od')
        return HttpResponse(pretty_json(od['bundle']),
                            content_type='application/%s' % requested_format)

    query_string = build_querystring(request.GET.copy())
    if "xml" in requested_format:
        # logger.debug("Sending text_out for display: %s" % text_out[0:100])
        div_text = get_div_from_xml(text_out)
        # print("DIV TEXT returned:[%s]%s" % (type(div_text), div_text))
        return render(
            request, 'bluebutton/default_xml.html', {
                'output': text_out,
                'content': {
                    'parameters': query_string,
                    'resource_type': resource_type,
                    'request_method': "GET",
                    'interaction_type': interaction_type,
                    'div_texts': [
                        div_text,
                    ],
                    'source': cx.fhir_source.name
                }
            })

    else:
        text_out = pretty_json(od['bundle'])
        div_text = get_div_from_json(od['bundle'])

    # logger.debug('We got a different format:%s' % requested_format)
    return render(
        request, 'bluebutton/default.html', {
            'output': text_out,
            'content': {
                'parameters': query_string,
                'resource_type': resource_type,
                'request_method': "GET",
                'interaction_type': interaction_type,
                'div_texts': div_text,
                'source': cx.fhir_source.name
            }
        })
コード例 #4
0
def generic_read(request,
                 interaction_type,
                 resource_type,
                 id=None,
                 vid=None,
                 *args,
                 **kwargs):
    """
    Read from remote FHIR Server

    :param request:
    :param interaction_type:
    :param resource_type:
    :param id:
    :param vid:
    :param args:
    :param kwargs:
    :return:

    # Example client use in curl:
    # curl  -X GET http://127.0.0.1:8000/fhir/Practitioner/1234

    Process flow:

    Is it a valid request?

    Get the target server info

    Get the request modifiers

    Construct the call

    Make the call

    Check result for errors

    Deliver the formatted result


    """
    # DONE: Fix to allow url_id in url for non-key resources.
    # eg. Patient is key resource so replace url if override_url_id is True
    # if override_url_id is not set allow url_id to be applied and check
    # if search_override is True.
    # interaction_type = 'read' or '_history' or 'vread' or 'search'
    logger.debug('\n========================\n'
                 'INTERACTION_TYPE: %s' % interaction_type)

    # Get the users crosswalk
    cx = get_crosswalk(request.user)

    # cx will be the crosswalk record or None
    rr = get_resourcerouter(cx)

    # Check if this interaction type and resource type combo is allowed.
    deny = check_access_interaction_and_resource_type(resource_type,
                                                      interaction_type, rr)
    if deny:
        # if not allowed, return a 4xx error.
        return deny

    srtc = check_rt_controls(resource_type, rr)
    # We get back a Supported ResourceType Control record or None
    # with earlier if deny step we should have a valid srtc.

    if srtc.secure_access and request.user.is_anonymous():
        return kickout_403('Error 403: %s Resource access is controlled.'
                           ' Login is required:'
                           '%s' % (resource_type, request.user.is_anonymous()))
    # logger.debug('srtc: %s' % srtc)

    if cx is None:
        logger.debug('Crosswalk for %s does not exist' % request.user)

    if (cx is None and srtc is not None):
        # There is a srtc record so we need to check override_search
        if srtc.override_search:
            # If user is not in Crosswalk and srtc has search_override = True
            # We need to prevent search to avoid data leakage.
            return kickout_403('Error 403: %s Resource is access controlled.'
                               ' No records are linked to user:'******'%s' % (resource_type, request.user))

    # Need to check if user is logged in.
    # request.user.is_anonymous()
    #
    # if request.user.is_anonymous():

    # Request.user = user
    # interaction_type = read | _history | vread
    # resource_type = 'Patient | Practitioner | ExplanationOfBenefit ...'
    # id = fhir_id (potentially masked)
    # vid = Version Id

    # Check the resource_type to see if it has a url
    # Check the resource_type to see if masking is required
    # Get the FHIR_Server (from crosswalk via request.user)
    # if masked get the fhir_id from crosswalk
    # if search_override strip search items (search_block)
    # if search_override add search keys

    fhir_url = ''
    # change source of default_url to ResourceRouter

    default_path = get_default_path(srtc.resource_name, cx=cx)
    # get the default path for resource with ending "/"
    # You need to add resource_type + "/" for full url

    if srtc:
        # logger.debug('SRTC:%s' % srtc)

        fhir_url = default_path + resource_type + '/'

        if srtc.override_url_id:
            fhir_url += cx.fhir_id + "/"

        # logger.debug('fhir_url:%s' % fhir_url)
    else:
        logger.debug('CX:%s' % cx)
        if cx:
            fhir_url = cx.get_fhir_resource_url(resource_type)
        else:
            # logger.debug('FHIRServer:%s' % FhirServerUrl())
            fhir_url = FhirServerUrl() + resource_type + '/'

    # #### SEARCH

    if interaction_type == 'search':
        key = None
    else:
        key = masked_id(resource_type, cx, srtc, id, slash=False)

        print("\nMasked_id-key:%s from r_id:%s "
              "and cx-fhir_id:%s\n" % (key, id, cx.fhir_id))

        # add key to fhir_url unless already in place.
        fhir_url = add_key_to_fhir_url(fhir_url, key)

    logger.debug('FHIR URL with key:%s' % fhir_url)

    ###########################

    # Now we get to process the API Call.

    # Internal handling format is json
    # Remove the oauth elements from the GET
    pass_params = strip_oauth(request.GET)

    # Let's store the inbound requested format
    # We need to simplify the format call to the backend
    # so that we get data we can manipulate
    requested_format = request_format(pass_params)

    # now we simplify the format/_format request for the back-end
    pass_params = strip_format_for_back_end(pass_params)
    if "_format" in pass_params:
        back_end_format = pass_params['_format']
    else:
        back_end_format = "json"

    # #### SEARCH

    if interaction_type == 'search':
        if cx is not None:
            # logger.debug("cx.fhir_id=%s" % cx.fhir_id)
            if cx.fhir_id.__contains__('/'):
                id = cx.fhir_id.split('/')[1]
            else:
                id = cx.fhir_id
            # logger.debug("Patient Id:%s" % r_id)

    if resource_type.lower() == "patient":
        key = cx.fhir_id
    else:
        key = id

    pass_params = build_params(pass_params, srtc, key, patient_id=cx.fhir_id)

    # Add the call type ( READ = nothing, VREAD, _HISTORY)
    # Before we add an identifier key
    pass_to = fhir_call_type(interaction_type, fhir_url, vid)

    logger.debug('\nHere is the URL to send, %s now add '
                 'GET parameters %s' % (pass_to, pass_params))

    if pass_params is not '':
        pass_to += pass_params

    logger.debug("\nMaking request:%s" % pass_to)

    ###############################################
    ###############################################
    # Now make the call to the backend API

    if interaction_type == "search":
        r = request_call(request,
                         pass_to,
                         cx,
                         reverse_lazy('home'),
                         timeout=settings.REQUEST_CALL_TIMEOUT)
    else:
        r = request_call(request, pass_to, cx, reverse_lazy('home'))

    # BACK FROM THE CALL TO BACKEND
    ###############################################
    ###############################################

    # logger.debug("r returned: %s" % r)

    # Check for Error here
    try:
        error_check = r.text
        logger.debug("We got r.text back:%s" % r.text[:200] + "...")
    except:
        error_check = "HttpResponse status_code=502"
        logger.debug("Something went wrong with call to %s" % pass_to)
    logger.debug("Checking for errors:%s" % error_check[:200] + "...")
    if 'status_code' in error_check:
        # logger.debug("We have a status code to check: %s" % r)
        if r.status_code in ERROR_CODE_LIST:
            logger.debug("\nError Status Code:%s" % r.status_code)
            return error_status(r, r.status_code)
    elif 'status_code=302' in error_check:
        return error_status(r, 302)
    elif 'status_code=502' in error_check:
        return error_status(r, 502)
    else:
        logger.debug("Status Code:%s " "in:%s" % (r.status_code, r))

    # We should have a 200 - good record to deal with
    # We can occasionaly get a 200 with a Connection Error. eg. Timeout
    try:
        if "ConnectionError" in r.text:
            logger.debug("Error:%s" % r.text)
            return error_status(r, 502)
    except:
        pass

    text_out = ''
    # if 'text' in r:
    #     logger.debug('r:%s' % r.text)
    #     logger_debug.debug('r:%s' % r.text)
    # else:
    #     logger.debug("r not returning text:%s" % r)
    #     logger_debug.debug("r not returning text:%s" % r)
    #     logger.debug("r.json: %s" % json.dumps(r.json))

    # logger.debug('Rewrite List:%s' % rewrite_url_list)

    host_path = get_host_url(request, resource_type)[:-1]
    # logger.debug('host path:%s' % host_path)

    # Add default FHIR Server URL to re-write
    rewrite_url_list = build_rewrite_list(cx)
    # print("Starting Rewrite_list:%s" % rewrite_url_list)

    # ct_detail = get_content_type(r)
    # logger.debug('Content-Type:%s \n work with %s' % (ct_detail,
    #                                                   back_end_format))

    try:
        text_in = r.text
    except:
        text_in = ""

    text_out = post_process_request(request, back_end_format, host_path,
                                    text_in, rewrite_url_list)

    od = build_output_dict(request, OrderedDict(), resource_type, key, vid,
                           interaction_type, requested_format, text_out)

    # write session variables if _getpages was found
    ikey = ''
    try:
        ikey = find_ikey(r.text)
    except:
        ikey = ''

    if ikey is not '':

        save_url = get_target_url(fhir_url, resource_type)
        # print("Store fhir_url:%s but only: %s" % (fhir_url,save_url))
        content = {
            'fhir_to': save_url,
            'rwrt_list': rewrite_url_list,
            'res_type': resource_type,
            'intn_type': interaction_type,
            'key': key,
            'vid': vid,
            'resource_router': rr.id
        }
        sesn_var = write_session(request, ikey, content, skey=SESSION_KEY)
        if sesn_var:
            logger.debug("Problem writing session variables."
                         " Returned %s" % sesn_var)
    if requested_format == 'xml':
        # logger.debug('We got xml back in od')
        return HttpResponse(r.text,
                            content_type='application/%s' % requested_format)
        # return HttpResponse(tostring(dict_to_xml('content', od)),
        #                     content_type='application/%s' % requested_format)

    elif requested_format == 'json':
        # logger.debug('We got json back in od')
        return HttpResponse(pretty_json(od['bundle']),
                            content_type='application/%s' % requested_format)

    query_string = build_querystring(request.GET.copy())
    if "xml" in requested_format:
        # logger.debug("Sending text_out for display: %s" % text_out[0:100])
        div_text = get_div_from_xml(text_out)
        # print("DIV TEXT returned:[%s]%s" % (type(div_text), div_text))
        return render(
            request, 'bluebutton/default_xml.html', {
                'output': text_out,
                'content': {
                    'parameters': query_string,
                    'resource_type': resource_type,
                    'request_method': "GET",
                    'interaction_type': interaction_type,
                    'div_texts': [
                        div_text,
                    ],
                    'source': cx.fhir_source.name
                }
            })

    else:
        text_out = pretty_json(od['bundle'])
        div_text = get_div_from_json(od['bundle'])

    # logger.debug('We got a different format:%s' % requested_format)
    return render(
        request, 'bluebutton/default.html', {
            'output': text_out,
            'content': {
                'parameters': query_string,
                'resource_type': resource_type,
                'request_method': "GET",
                'interaction_type': interaction_type,
                'div_texts': div_text,
                'source': cx.fhir_source.name
            }
        })
コード例 #5
0
def generic_read(request,
                 interaction_type,
                 resource_type,
                 id=None,
                 via_oauth=False,
                 vid=None,
                 *args,
                 **kwargs):
    """
    Read from remote FHIR Server

    :param request:
    :param interaction_type:
    :param resource_type:
    :param id:
    :param vid:
    :param args:
    :param kwargs:
    :return:

    # Example client use in curl:
    # curl  -X GET http://127.0.0.1:8000/fhir/Practitioner/1234

    Process flow:

    Is it a valid request?

    Get the target server info

    Get the request modifiers
    - change url_id
    - remove unwanted search parameters
    - add search parameters

    Construct the call

    Make the call

    Check result for errors

    Deliver the formatted result


    """
    # DONE: Fix to allow url_id in url for non-key resources.
    # eg. Patient is key resource so replace url if override_url_id is True
    # if override_url_id is not set allow id to be applied and check
    # if search_override is True.
    # interaction_type = 'read' or '_history' or 'vread' or 'search'
    logger.debug('\n========================\n'
                 'INTERACTION_TYPE: %s - Via Oauth:%s' %
                 (interaction_type, via_oauth))

    # if via_oauth we need to call crosswalk with
    if via_oauth:
        # get crosswalk from the resource_owner
        cx = get_crosswalk(request.resource_owner)
    else:
        # Get the users crosswalk
        cx = get_crosswalk(request.user)

    # cx will be the crosswalk record or None
    rr = get_resourcerouter(cx)

    # Check if this interaction type and resource type combo is allowed.
    deny = check_access_interaction_and_resource_type(resource_type,
                                                      interaction_type, rr)
    if deny:
        # if not allowed, return a 4xx error.
        return deny

    srtc = check_rt_controls(resource_type, rr)
    # We get back a Supported ResourceType Control record or None
    # with earlier if deny step we should have a valid srtc.

    if not via_oauth:
        # we don't need to check if user is anonymous if coming via_oauth
        if srtc.secure_access and request.user.is_anonymous():
            return kickout_403('Error 403: %s Resource access is controlled.'
                               ' Login is required:'
                               '%s' %
                               (resource_type, request.user.is_anonymous()))
        # logger.debug('srtc: %s' % srtc)

    if cx is None:
        logger.debug('Crosswalk for %s does not exist' % request.user)

    if (cx is None and srtc is not None):
        # There is a srtc record so we need to check override_search
        if srtc.override_search:
            # If user is not in Crosswalk and srtc has search_override = True
            # We need to prevent search to avoid data leakage.
            return kickout_403('Error 403: %s Resource is access controlled.'
                               ' No records are linked to user:'******'%s' % (resource_type, request.user))

    # TODO: Compare id to cx.fhir_id and return 403 if they don't match for
    # Resource Type - Patient
    fhir_url = ''
    # change source of default_url to ResourceRouter

    default_path = get_default_path(srtc.resource_name, cx=cx)
    # get the default path for resource with ending "/"
    # You need to add resource_type + "/" for full url

    if srtc:
        # logger.debug('SRTC:%s' % srtc)

        fhir_url = default_path + resource_type + '/'

        if srtc.override_url_id:
            fhir_url += get_fhir_id(cx) + "/"

        # logger.debug('fhir_url:%s' % fhir_url)
        else:
            fhir_url += id + "/"

    else:
        logger.debug('CX:%s' % cx)
        if cx:
            fhir_url = cx.get_fhir_resource_url(resource_type)
        else:
            # logger.debug('FHIRServer:%s' % FhirServerUrl())
            fhir_url = FhirServerUrl() + resource_type + '/'

    # #### SEARCH

    if interaction_type == 'search':
        key = None
    else:
        key = masked_id(resource_type, cx, srtc, id, slash=False)

        # print("\nMasked_id-key:%s from r_id:%s "
        #       "and cx-fhir_id:%s\n" % (key, id, cx.fhir_id))

        # add key to fhir_url unless already in place.
        fhir_url = add_key_to_fhir_url(fhir_url, key)

    logger.debug('FHIR URL with key:%s' % fhir_url)

    ###########################

    # Now we get to process the API Call.

    # Internal handling format is json
    # Remove the oauth elements from the GET

    pass_params = request.GET

    # Let's store the inbound requested format
    # We need to simplify the format call to the backend
    # so that we get data we can manipulate

    # if format is not defined and we come in via_oauth
    # then default to json for format
    requested_format = request_format(pass_params)
    if requested_format == "html" and via_oauth:
        requested_format = "json"

    # now we simplify the format/_format request for the back-end
    pass_params = strip_format_for_back_end(pass_params)
    if "_format" in pass_params:
        back_end_format = pass_params['_format']
    else:
        back_end_format = "json"

    # #### SEARCH

    if interaction_type == 'search':
        if cx is not None:
            # logger.debug("cx.fhir_id=%s" % cx.fhir_id)
            if cx.fhir_id.__contains__('/'):
                id = get_fhir_id(cx).split('/')[1]
            else:
                id = get_fhir_id(cx)
            # logger.debug("Patient Id:%s" % r_id)

    if resource_type.lower() == "patient":
        key = get_fhir_id(cx)
    else:
        key = id

    pass_params = build_params(pass_params,
                               srtc,
                               key,
                               patient_id=get_fhir_id(cx))

    # Add the call type ( READ = nothing, VREAD, _HISTORY)
    # Before we add an identifier key
    pass_to = fhir_call_type(interaction_type, fhir_url, vid)

    logger.debug('\nHere is the URL to send, %s now add '
                 'GET parameters %s' % (pass_to, pass_params))

    if pass_params is not '':
        pass_to += pass_params

    logger.debug("\nMaking request:%s" % pass_to)
    query_string = build_querystring(request.GET.copy())

    ###############################################
    ###############################################
    # Now make the call to the backend API

    if interaction_type == "search":
        r = request_call(request,
                         pass_to,
                         cx,
                         reverse_lazy('home'),
                         timeout=rr.wait_time)
    else:
        r = request_call(request, pass_to, cx, reverse_lazy('home'))

    # BACK FROM THE CALL TO BACKEND
    ###############################################
    ###############################################

    # logger.debug("r returned: %s" % r)

    # Check for Error here
    # logger.debug("what is in r:\n#######\n%s\n##########\n" % dir(r))
    logger.debug("status: %s/%s" % (r.status_code, r._status_code))
    # logger.debug("text: %s\n#############\n" % (r.text))

    if r.status_code in ERROR_CODE_LIST:
        logger.debug("We have an error code to deal with: %s" % r.status_code)
        if 'html' in requested_format.lower():
            return render(
                request, 'bluebutton/default.html', {
                    'output': pretty_json(r._content, indent=4),
                    'fhir_id': get_fhir_id(cx),
                    'content': {
                        'parameters': query_string,
                        'resource_type': resource_type,
                        'id': id,
                        'request_method': "GET",
                        'interaction_type': interaction_type,
                        'div_texts': "",
                        'source': get_fhir_source_name(cx)
                    }
                })
        else:
            return HttpResponse(json.dumps(r._content, indent=4),
                                status=r.status_code,
                                content_type='application/json')

    text_out = ''
    host_path = get_host_url(request, resource_type)[:-1]
    # logger.debug('host path:%s' % host_path)

    # Add default FHIR Server URL to re-write
    rewrite_url_list = build_rewrite_list(cx)
    # print("Starting Rewrite_list:%s" % rewrite_url_list)

    # ct_detail = get_content_type(r)
    # logger.debug('Content-Type:%s \n work with %s' % (ct_detail,
    #                                                   back_end_format))

    text_in = get_response_text(fhir_response=r)

    text_out = post_process_request(request, back_end_format, host_path,
                                    text_in, rewrite_url_list)

    od = build_output_dict(request, OrderedDict(), resource_type, key, vid,
                           interaction_type, requested_format, text_out)

    # write session variables if _getpages was found
    ikey = ''
    try:
        ikey = find_ikey(r.text)
    except Exception:
        ikey = ''

    if ikey is not '':

        save_url = get_target_url(fhir_url, resource_type)
        # print("Store fhir_url:%s but only: %s" % (fhir_url,save_url))
        content = {
            'fhir_to': save_url,
            'rwrt_list': rewrite_url_list,
            'res_type': resource_type,
            'intn_type': interaction_type,
            'key': key,
            'vid': vid,
            'resource_router': rr.id
        }
        sesn_var = write_session(request, ikey, content, skey=SESSION_KEY)
        if sesn_var:
            logger.debug("Problem writing session variables."
                         " Returned %s" % sesn_var)
    if requested_format == 'xml':
        # logger.debug('We got xml back in od')
        return HttpResponse(r.text,
                            content_type='application/%s' % requested_format)
        # return HttpResponse(tostring(dict_to_xml('content', od)),
        #                     content_type='application/%s' % requested_format)

    elif requested_format == 'json':
        # logger.debug('We got json back in od')
        return HttpResponse(pretty_json(od['bundle']),
                            content_type='application/%s' % requested_format)

    # define query string further up before request_call
    # query_string = build_querystring(request.GET.copy())
    if "xml" in requested_format:
        # logger.debug("Sending text_out for display: %s" % text_out[0:100])
        div_text = get_div_from_xml(text_out)
        # print("DIV TEXT returned:[%s]%s" % (type(div_text), div_text))
        return render(
            request, 'bluebutton/default_xml.html', {
                'output': text_out,
                'fhir_id': get_fhir_id(cx),
                'content': {
                    'parameters': query_string,
                    'resource_type': resource_type,
                    'id': id,
                    'request_method': "GET",
                    'interaction_type': interaction_type,
                    'div_texts': [
                        div_text,
                    ],
                    'source': get_fhir_source_name(cx)
                }
            })

    else:
        text_out = pretty_json(od['bundle'])
        div_text = get_div_from_json(od['bundle'])

    # logger.debug('We got a different format:%s' % requested_format)
    logger.debug('id or key: %s/%s' % (id, key))

    return render(
        request, 'bluebutton/default.html', {
            'output': text_out,
            'fhir_id': cx.fhir_id,
            'content': {
                'parameters': query_string,
                'resource_type': resource_type,
                'id': id,
                'request_method': "GET",
                'interaction_type': interaction_type,
                'div_texts': div_text,
                'source': get_fhir_source_name(cx)
            }
        })
コード例 #6
0
    def test_build_output_dict(self):
        """ Build the Output Dict """

        request = self.factory.get('/cmsblue/fhir/v1/Patient')

        assert_msg = """
            1. Send the data - simple test
        """

        fmt = "json"
        resource_type = "Patient"
        key = "11223344"
        vid = "1"
        interaction_type = "search"
        expected_text = '{"next": "dddd anything http://www.replaced.com ' \
                        'will get replaced ' \
                        'more stuff http://www.replaced.com and ' \
                        'http://www.replaced.com:8000/ okay"}'
        text_out = json.loads(expected_text, object_pairs_hook=OrderedDict)
        od = OrderedDict()

        resp = build_output_dict(request, od, resource_type, key, vid,
                                 interaction_type, fmt, text_out)

        wanted = OrderedDict()
        wanted["resource_type"] = resource_type
        wanted["id"] = key
        wanted["vid"] = vid
        wanted["bundle"] = text_out

        # print("\nRESP:%s" % resp)
        # print("\nEXPC:%s" % wanted)

        # expected = OrderedDict()

        self.assertEqual(resp, wanted, assert_msg)

        assert_msg = """
            2. Send the data - no vid
        """

        fmt = "json"
        resource_type = "Patient"
        key = "11223344"
        vid = None
        interaction_type = "search"
        expected_text = '{"next": "dddd anything http://www.replaced.com ' \
                        'will get replaced ' \
                        'more stuff http://www.replaced.com and ' \
                        'http://www.replaced.com:8000/ okay"}'
        text_out = json.loads(expected_text, object_pairs_hook=OrderedDict)
        od = OrderedDict()

        resp = build_output_dict(request, od, resource_type, key, vid,
                                 interaction_type, fmt, text_out)

        wanted = OrderedDict()
        wanted["resource_type"] = resource_type
        wanted["id"] = key
        # wanted["vid"] = vid
        wanted["bundle"] = text_out

        # print("\nRESP:%s" % resp)
        # print("\nEXPC:%s" % wanted)

        self.assertEqual(resp, wanted, assert_msg)
コード例 #7
0
def rebuild_fhir_search(request):
    """ Rebuild the Search String

    We will start to use a session variable

    We received:
    http://localhost:8000/cmsblue/fhir/v1
    ?_getpages=61c6e2d1-2b7c-49c3-a083-3d5b3874d4ff&_getpagesoffset=10
    &_count=10&_format=json&_pretty=true&_bundletype=searchset

    Session Variables will be storing:
    - FHIR Target URL/Resource
    - _getpages value
    - expires datetime

    Construct FHIR_Target_URL + search parameters

    """

    # now = str(datetime.now())
    ikey = ""
    if "_getpages" in request.GET:
        ikey = request.GET["_getpages"]
        sn_vr = read_session(request, ikey, skey=SESSION_KEY)
        # logger.debug("Session info:%s" % sn_vr)

        if sn_vr == {}:
            # Nothing returned from Session Variables
            # Key could be expired or not matched
            return authenticated_home(request)

        url_call = sn_vr["fhir_to"]
        url_call += "/?" + request.META["QUERY_STRING"]

        rewrite_url_list = sn_vr["rwrt_list"]
        resource_type = sn_vr["res_type"]
        interaction_type = sn_vr["intn_type"]
        key = sn_vr["key"]
        vid = sn_vr["vid"]

        logger.debug("Calling:%s" % url_call)
        r = request_call(request, url_call, reverse_lazy("authenticated_home"))

        host_path = get_host_url(request, "?")

        # get 'xml' 'json' or ''
        fmt = get_search_param_format(request.META["QUERY_STRING"])

        text_out = post_process_request(request, fmt, host_path, r, rewrite_url_list)
        od = build_output_dict(request, OrderedDict(), resource_type, key, vid, interaction_type, fmt, text_out)

        if fmt == "xml":
            # logger.debug('We got xml back in od')
            return HttpResponse(r.text, content_type="application/%s" % fmt)
            # return HttpResponse( tostring(dict_to_xml('content', od)),
            #                      content_type='application/%s' % fmt)
        elif fmt == "json":
            # logger.debug('We got json back in od')
            return HttpResponse(pretty_json(od), content_type="application/%s" % fmt)

        # logger.debug('We got a different format:%s' % fmt)
        return render(request, "bluebutton/default.html", {"content": pretty_json(od), "output": od})

    return authenticated_home(request)
コード例 #8
0
def generic_read(request,
                 interaction_type,
                 resource_type,
                 r_id=None,
                 vid=None,
                 *args,
                 **kwargs):
    """
    Read from remote FHIR Server

    :param request:
    :param interaction_type:
    :param resource_type:
    :param id:
    :param vid:
    :param args:
    :param kwargs:
    :return:

    # Example client use in curl:
    # curl  -X GET http://127.0.0.1:8000/fhir/Practitioner/1234

    """
    # interaction_type = 'read' or '_history' or 'vread' or 'search'
    logger.debug('interaction_type: %s' % interaction_type)

    # Check if this interaction type and resource type combo is allowed.
    deny = check_access_interaction_and_resource_type(resource_type,
                                                      interaction_type)
    if deny:
        # if not allowed, return a 4xx error.
        return deny

    srtc = check_rt_controls(resource_type)
    # We get back a Supported ResourceType Control record or None
    # with earlier if deny step we should have a valid srtc.

    default_path = get_default_path(srtc.resource_name)
    # get the default path for resource with ending "/"
    # You need to add resource_type + "/" for full url

    logger.debug('srtc: %s' % srtc)

    try:
        cx = Crosswalk.objects.get(user=request.user)
    except Crosswalk.DoesNotExist:
        cx = None
        # logger.debug('Crosswalk for %s does not exist' % request.user)

    if (cx is None and srtc is not None):
        # There is a srtc record so we need to check override_search
        if srtc.override_search:
            # If user is not in Crosswalk and srtc has search_override = True
            # We need to prevent search to avoid data leakage.
            return kickout_403('Error 403: %s Resource is access controlled.'
                               ' No records are linked to user:'******'%s' % (resource_type, request.user))

    # Request.user = user
    # interaction_type = read | _history | vread
    # resource_type = 'Patient | Practitioner | ExplanationOfBenefit ...'
    # id = fhir_id (potentially masked)
    # vid = Version Id

    # Check the resource_type to see if it has a url
    # Check the resource_type to see if masking is required
    # Get the FHIR_Server (from crosswalk via request.user)
    # if masked get the fhir_id from crosswalk
    # if search_override strip search items (search_block)
    # if search_override add search keys

    fhir_url = ''
    # change source of default_url to ResourceRouter

    # Add default FHIR Server URL to re-write

    rewrite_url_list = settings.FHIR_SERVER_CONF['REWRITE_FROM']
    # print("Starting Rewrite_list:%s" % rewrite_url_list)

    if srtc:
        logger.debug('SRTC:%s' % srtc)

        fhir_url = default_path + resource_type + '/'
        # Add to the rewrite_url list
        rewrite_url_list.append(default_path)

    else:
        logger.debug('CX:%s' % cx)
        if cx:
            fhir_url = cx.get_fhir_resource_url(resource_type)
            rewrite_url_list.append(fhir_url.replace(resource_type + '/', ''))
        else:
            # logger.debug('FHIRServer:%s' % FhirServerUrl())
            fhir_url = FhirServerUrl() + resource_type + '/'

    if FhirServerUrl()[:-1] not in rewrite_url_list:
        rewrite_url_list.append(FhirServerUrl()[:-1])

    logger.debug('FHIR URL:%s' % fhir_url)
    logger.debug('Rewrite List:%s' % rewrite_url_list)

    if interaction_type == 'search':
        key = None
    else:
        key = masked_id(resource_type, cx, srtc, r_id, slash=False)
        if fhir_url.endswith(resource_type + '/'):
            # we need to make sure we don't specify resource_type twice in URL
            if key.startswith(resource_type + '/'):
                key = key.replace(resource_type + '/', '')

        fhir_url += key + '/'

    logger.debug('FHIR URL with key:%s' % fhir_url)

    ###########################

    # Now we get to process the API Call.

    # Internal handling format is json
    # Remove the oauth elements from the GET
    pass_params = strip_oauth(request.GET)

    if interaction_type == 'search':
        if cx is not None:
            logger.debug("cx.fhir_id=%s" % cx.fhir_id)
            r_id = cx.fhir_id.split('/')[1]
            logger.debug("Patient Id:%s" % r_id)

    if resource_type == "Patient":
        key = r_id

    pass_params = build_params(pass_params,
                               srtc,
                               # key,
                               r_id,
                               )

    if interaction_type == 'vread':
        pass_to = fhir_url + '_history' + '/' + vid
    elif interaction_type == '_history':
        pass_to = fhir_url + '_history'
    else:  # interaction_type == 'read':
        pass_to = fhir_url

    logger.debug('Here is the URL to send, %s now add '
                 'GET parameters %s' % (pass_to, pass_params))

    if pass_params is not '':
        pass_to += pass_params

    logger.debug("Making request:%s" % pass_to)
    # Now make the call to the backend API
    r = request_call(request, pass_to, reverse_lazy('api:v1:home'))

    text_out = ''
    if 'text' in r:
        logger.debug('r:%s' % r.text)
    else:
        logger.debug("r not returning text:%s" % r)

    # logger.debug('Rewrite List:%s' % rewrite_url_list)

    host_path = get_host_url(request, resource_type)[:-1]
    logger.debug('host path:%s' % host_path)

    # get 'xml' 'json' or ''
    fmt = get_search_param_format(pass_params)

    text_out = post_process_request(request,
                                    fmt,
                                    host_path,
                                    r.text,
                                    rewrite_url_list)

    od = build_output_dict(request,
                           OrderedDict(),
                           resource_type,
                           key,
                           vid,
                           interaction_type,
                           fmt,
                           text_out)

    # write session variables if _getpages was found
    ikey = find_ikey(r.text)
    if ikey is not '':

        save_url = get_target_url(fhir_url, resource_type)
        # print("Store fhir_url:%s but only: %s" % (fhir_url,save_url))
        content = {
            'fhir_to': save_url,
            'rwrt_list': rewrite_url_list,
            'res_type': resource_type,
            'intn_type': interaction_type,
            'key': key,
            'vid': vid
        }
        sesn_var = write_session(request, ikey, content, skey=SESSION_KEY)
        if sesn_var:
            logger.debug("Problem writing session variables."
                         " Returned %s" % sesn_var)
    if fmt == 'xml':
        # logger.debug('We got xml back in od')
        return HttpResponse(r.text, content_type='application/%s' % fmt)
        # return HttpResponse( tostring(dict_to_xml('content', od)),
        #                      content_type='application/%s' % fmt)
    elif fmt == 'json':
        # logger.debug('We got json back in od')
        return HttpResponse(pretty_json(od),
                            content_type='application/%s' % fmt)

    # logger.debug('We got a different format:%s' % fmt)
    return render(
        request,
        'bluebutton/default.html',
        {'content': pretty_json(od), 'output': od},
    )