Exemplo n.º 1
def new():
    # New call record form.
    # GET renders an empty form pre-filled with the session user; POST hands the
    # submitted form to model.add_call_log and, when it reports no errors,
    # redirects to /edit for the new record. Otherwise new.html is rendered
    # again with the submitted values and the error list.

    # Creating records needs read/write level (100) or above; the refusal is logged.
    if session['user_auth_level'] < 100:
        log_access('new', 'access_denied: user is not read/write user or above')
        return render_template('access_denied.html')

    errors = []
    if request.method != 'POST':
        log_access('new')
        form = {'username': session['user_username'], 'user_id': session['user_id']}
    else:
        form = request.form.copy()
        errors, record_id = model.add_call_log(form)
        # NOTE(review): 'form recorded' is logged and the autosave entry is dropped
        # whether or not add_call_log returned errors - confirm that is intended,
        # since the audit trail then reads the same for a rejected submission.
        log_access('new', 'form recorded ' + str(record_id))

        # The autosave slot for a new record is keyed by the session username.
        model.delete_autosave_form(session['user_username'])
        if not errors:
            return redirect(url_for('edit', id=record_id))

    # Lookup lists for the form widgets, fetched in the same order as before.
    lookups = {
        'call_classification': model.get_call_classification(),
        'pt_hospital': model.get_pt_hospital(),
        'from_title': model.get_from_title(),
        'tagsource': model.get_tag_source(),
    }
    return render_template('new.html', form=form, errors=errors, **lookups)
Exemplo n.º 2
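def edit():
    # Edit call record form.
    # GET shows the stored record, POST saves the submitted one; both render new.html.
    # Access rules enforced here:
    #   * level >= 100 (read/write) to reach the form at all,
    #   * level >= 10000 (administrator) or ownership of the record to open or save it,
    #   * non-administrators are refused once the record is older than
    #     config.DISABLE_EDIT_AGE days.
    errors = []
    message = None
    # can edit?
    if not session['user_auth_level'] >= 100:  # read write
        # request.values covers the query string (GET) and the form body (POST), so a
        # denied POST is still logged and answered with the denial page instead of
        # failing on a query parameter that is not there.
        log_access('edit', 'access_denied: user is not read/write user or above record id:' + request.values.get('id', ''))
        return render_template('access_denied.html')

    is_admin = session['user_auth_level'] >= 10000
    edit_cutoff = datetime.today() - timedelta(days=config.DISABLE_EDIT_AGE)

    # is a form submitted?
    if request.method == 'POST':
        form = request.form.copy()
        record_id = form['id']
        # NOTE(review): the id is request data written to the access log as-is;
        # confirm log_access neutralises line breaks.
        log_access('edit', 'posted form: ' + record_id)

        # Ownership is decided before anything else, as on the GET path, so a
        # non-owner always gets the denial page rather than a message about the record.
        if not (is_admin or model.is_call_log_owner(session['user_id'], record_id)):
            log_access('edit', 'access_denied ' + str(record_id))
            return render_template('access_denied.html')

        # The age limit binds only non-administrators. The previous if/elif shape sent
        # an administrator's edit of an old record into the age branch, where it was
        # neither saved nor reported as an error.
        if not is_admin and model.get_call_log(record_id)['created'] < edit_cutoff:
            log_access('edit', 'form older than disable edit age')
            errors.append("This record is older than " + str(config.DISABLE_EDIT_AGE) + " days. You cannot edit this record. This is the error.")
        else:
            # Keep the prior version, drop the autosave entry for this record, then save.
            # The id that was authorised above is the one carried inside `form`.
            model.save_history_call_log(record_id)
            model.delete_autosave_form(record_id)
            errors = model.set_call_log(form)
            if not errors:
                log_access('edit', 'form recorded ' + str(record_id))
                form = model.get_call_log(record_id)
                # This message is HTML; it holds only the generated URL, no submitted text.
                message = "Record saved. <a href='" + url_for("show", id=form['id']) + "'>Show record.</a>"
    # initial display of the unedited form?
    elif request.method == 'GET':
        record_id = int(request.args['id'])
        record = model.get_call_log(record_id)
        log_access('edit', 'id: ' + str(record_id))

        if not is_admin and record['user_id'] != session['user_id']:
            log_access('edit', 'access_denied: userid != records owner id')
            return render_template('access_denied.html')

        # Warn up front; the POST branch enforces the same limit.
        if not is_admin and record['created'] < edit_cutoff:
            errors.append("This record is older than " + str(config.DISABLE_EDIT_AGE) + " days. You cannot edit this record. Saving will result in an error.")

        form = record
    else:
        return render_template('error.html')

    tagsource = model.get_tag_source()
    return render_template('new.html', form=form,
                           call_classification=model.get_call_classification(),
                           pt_hospital=model.get_pt_hospital(),
                           from_title=model.get_from_title(),
                           tagsource=tagsource,
                           errors=errors,
                           message=message)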
Exemplo n.º 3
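def ajax():
    # Utility entry point for various functions that are triggered by the javascript.
    # The 'action' query parameter selects the operation. Actions that produce data
    # return it (mostly as JSON text); every other path returns '1', including a
    # refused delete/edit.
    #
    # NOTE(review): only deletecomment, savecomment and deletecalllog check the
    # caller's level or ownership in this function. Every other action, including
    # ones that change or delete data (templates, tags, flags, comments, autosave),
    # runs for any caller that reaches it, and several take their arguments from the
    # query string. Confirm that a login/role gate and CSRF protection are applied to
    # this route elsewhere - neither is visible here.
    action = request.args['action']
    # NOTE(review): the raw query string goes into the access log; confirm log_access
    # neutralises line breaks.
    log_access('ajax', 'query' + request.query_string)

    # AutoSaveForm is used to recover any edits on the calls when users browser closes for an unintended reason.
    # NOTE(review): the autosave key is supplied by the client and is not compared with
    # the session user here; unless the model scopes it, one user's draft is readable
    # and replaceable by another - verify.
    if action == 'setautosaveform':
        model.set_autosave_form(request.args['key'], json.dumps(request.form))

    elif action == 'getautosaveform':
        return model.get_autosave_form(request.args['key'])

    elif action == 'deleteautosaveform':
        model.delete_autosave_form(request.args['key'])

    # Templates are quick text blobs used for editing the calls.
    elif action == 'gettemplatelist':
        return json.dumps(model.get_template_list())

    elif action == 'addtemplate':
        template_id = model.add_template(request.form)
        return json.dumps(model.get_template(template_id))

    elif action == 'settemplate':
        model.set_template(request.form)
        return json.dumps(model.get_template(request.form['id']))

    elif action == 'deletetemplate':
        model.delete_template(request.form['id'])

    elif action == 'startemplate':
        return json.dumps(model.star_template(request.form['id']))

    elif action == 'getresidentsstarredtemplates':
        return json.dumps(model.get_residents_starred_templates())

    # Commenting related functions
    elif action == 'addcomment':
        model.add_comment(request.args['key'], request.form['comment'])
        return json.dumps(model.get_comments(request.args['key']))

    elif action == 'deletecomment':
        comment_id = request.args['comment_id']
        comment = model.get_comment(comment_id)
        # Administrators may delete any comment, everyone else only their own.
        # A comment that was not found counts as "not yours" instead of raising.
        if session['user_auth_level'] >= 10000 or (comment and comment['username'] == session['user_username']):
            model.delete_comment(comment_id)
        else:
            # Refusals are logged so they leave an audit trail.
            log_access('ajax', 'access_denied: deletecomment')

    elif action == 'savecomment':
        comment_id = request.args['comment_id']
        comment = model.get_comment(comment_id)
        # Same rule as deletecomment: administrator or author of the comment.
        if session['user_auth_level'] >= 10000 or (comment and comment['username'] == session['user_username']):
            model.edit_comment(comment_id, request.form['comment'])
        else:
            log_access('ajax', 'access_denied: savecomment')

    elif action == 'getcomments':
        call_id = request.args['key']
        comments = model.get_comments(call_id)
        # NOTE(review): the processed text is handed to the browser; confirm
        # text_process (defined elsewhere) escapes HTML.
        for comment in comments:
            comment['blob'] = text_process(comment['blob'])
        return json.dumps(comments)

    # Deletes a call record.
    elif action == 'deletecalllog':
        key = request.args['key']
        # Administrators may delete any record; owners only while the record is
        # younger than config.DISABLE_EDIT_AGE days.
        if session['user_auth_level'] >= 10000 \
                or (model.is_call_log_owner(session['user_id'], key) and model.get_call_log(key)['created'] >= datetime.today() - timedelta(days=config.DISABLE_EDIT_AGE)):
            model.delete_call_log(key)
        else:
            log_access('ajax', 'access_denied: deletecalllog')

    # Returns calls of a specific patient by the patients hospital number.
    elif action == 'searchforpatientnumber':
        key = request.args['key']
        key = key.strip()
        return json.dumps(model.get_calls_by_patient_number(key))

    # Tag related
    elif action == 'deletetag':
        model.delete_tag(request.args['tag'])

    elif action == 'saveTagChange':
        model.save_tag_change_for_call(int(request.args['id']), request.args['tag'], int(request.args['added']))

    # Liking a call, currently there is no limit on how many times you can like a record.
    elif action == 'like':
        key = int(request.args['id'])
        model.like_call_log(key)
        call = model.get_call_log(key)
        return str(call['liked'])

    # Flags a record; sending the flag value that is already set clears it.
    elif action == 'flag':
        key = int(request.args['id'])
        flag = int(request.args['flag'])
        flag_state = model.get_flag(request.args['id'])
        if flag_state == flag:
            model.delete_flag(request.args['id'])
        else:
            model.set_flag(key, flag)

        return str(model.get_flag(request.args['id']))

    return '1'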