def get(self, request, registry_code, patient_id): patient_model = Patient.objects.get(pk=patient_id) security_check_user_patient(request.user, patient_model) context = {} consent_sections = ConsentSection.objects.filter( registry__code=registry_code) patient = Patient.objects.get(id=patient_id) details = {} for section in consent_sections: if section.applicable_to(patient): details[section] = self._get_consent_details_for_patient( registry_code, section.id, patient_id) context['details'] = details context['patient'] = patient if request.user.is_parent: parent = ParentGuardian.objects.get(user=request.user) context['is_parent'] = True context['parent'] = parent context[ 'self_patient'] = True if parent.self_patient == patient else False return render(request, 'rdrf_cdes/consent_details_print.html', context)
def post(self, request, registry_code, patient_id): survey_name = request.POST.get("survey_name") patient_id = request.POST.get("patient") registry_id = request.POST.get("registry") patient_token = request.POST.get("patient_token") user = request.POST.get("user") registry_model = Registry.objects.get(id=registry_id) patient_model = Patient.objects.get(id=patient_id) security_check_user_patient(request.user, patient_model) communication_type = request.POST.get("communication_type") survey_request = SurveyRequest( survey_name=survey_name, registry=registry_model, patient=patient_model, user=user, state=SurveyRequestStates.REQUESTED, patient_token=patient_token, communication_type=communication_type, ) survey_request.save() survey_request.send() return JsonResponse({"patient_token": survey_request.patient_token})
def rpc_get_forms_list(request, registry_code, patient_id, form_group_id): from rdrf.models.definition.models import ContextFormGroup from rdrf.models.definition.models import Registry from registry.patients.models import Patient from rdrf.security.security_checks import security_check_user_patient, get_object_or_permission_denied from django.core.exceptions import PermissionDenied from rdrf.forms.components import FormsButton from django.utils.translation import ugettext as _ user = request.user fail_response = { "status": "fail", "message": _("Data could not be retrieved") } try: registry_model = Registry.objects.get(code=registry_code) except Registry.DoesNotExist: return fail_response try: patient_model = get_object_or_permission_denied(Patient, pk=patient_id) except Patient.DoesNotExist: return fail_response try: security_check_user_patient(user, patient_model) except PermissionDenied: return fail_response if not patient_model.in_registry(registry_model.code): return fail_response if not user.is_superuser and not user.in_registry(registry_model): return fail_response if form_group_id is not None: try: context_form_group = ContextFormGroup.objects.get(id=form_group_id) except ContextFormGroup.DoesNotExist: logger.warning( f"ContextFormGroup does not exist for form_group_id: {form_group_id}" ) return fail_response else: context_form_group = None forms = context_form_group.forms if context_form_group else registry_model.forms form_models = [ f for f in forms if f.applicable_to(patient_model) and user.can_view(f) ] html = FormsButton(registry_model, user, patient_model, context_form_group, form_models).html return {"status": "success", "html": html}
def check_object_permissions(self, request, patient): """We're always filtering the patients by the registry code form the url and the user's working groups""" super().check_object_permissions(request, patient) security_check_user_patient(request.user, patient) if not patient.working_groups.filter( pk__in=request.user.working_groups.all()).exists(): self.permission_denied(request, message='Patient not in your working group')
def get(self, request, registry_code, patient_id): registry_model = Registry.objects.get(code=registry_code) patient_model = Patient.objects.get(id=patient_id) security_check_user_patient(request.user, patient_model) context = self._build_context(request.user, registry_model, patient_model) return render(request, "proms/proms_clinical.html", context)
def get(self, request, registry_code, section_id, patient_id): patient_model = Patient.objects.get(pk=patient_id) security_check_user_patient(request.user, patient_model) if request.is_ajax: values = self._get_consent_details_for_patient( registry_code, section_id, patient_id) return HttpResponse(json.dumps(values, cls=DjangoJSONEncoder)) return render(request, 'rdrf_cdes/consent_details.html', {})
def get(self, request, consent_id=None, filename=""): consent = get_object_or_404(PatientConsent, pk=consent_id) security_check_user_patient(request.user, consent.patient) if consent.form and consent.form.file: response = FileResponse(consent.form.file, content_type='application/octet-stream') response['Content-disposition'] = "filename=%s" % consent.filename return response raise Http404("The file %s (consent %s) was not found" % (consent.filename, consent_id))
def _get_objects(self, request, registry_code, patient_id): self.request = request self.user = request.user self.message = None if self.user.is_parent: self.parent = ParentGuardian.objects.get(user=self.user) else: self.parent = None self.patient_model = get_object_or_404(Patient, pk=patient_id) security_check_user_patient(self.user, self.patient_model) self.registry_model = get_object_or_404(Registry, code=registry_code) if not self.registry_model.has_feature( RegistryFeatures.CLINICIAN_FORM): raise Http404 self.patient_name = '%s %s' % (self.patient_model.given_names, self.patient_model.family_name) try: self.clinician_other_model = ClinicianOther.objects.get( patient=self.patient_model) except ClinicianOther.DoesNotExist: self.clinician_other_model = None if request.method == "POST": if self.clinician_other_model is None: self.clinician_form = ClinicianForm(self.registry_model, post_data=request.POST) else: self.clinician_form = ClinicianForm( self.registry_model, post_data=request.POST, instance=self.clinician_other_model) else: if self.clinician_other_model: self.clinician_form = ClinicianForm( self.registry_model, instance=self.clinician_other_model) else: self.clinician_form = ClinicianForm( self.registry_model, initial={"patient": patient_id}) self.context_launcher = RDRFContextLauncherComponent( self.user, self.registry_model, self.patient_model, "Clinician") self.wizard = self._get_navigation_wizard()
def rpc_update_selected_cdes_from_questionnaire(request, patient_id, questionnaire_response_id, questionnaire_checked_ids): from registry.patients.models import Patient from rdrf.models.definition.models import QuestionnaireResponse from rdrf.workflows.questionnaires.questionnaires import Questionnaire from django.db import transaction from django.utils.translation import ugettext as _ patient_model = Patient.objects.get(pk=patient_id) try: security_check_user_patient(request.user, patient_model) except PermissionDenied: return { "status": "fail", "message": _("Permission error. Data cannot be updated !") } questionnaire_response_model = QuestionnaireResponse.objects.get( pk=questionnaire_response_id) registry_model = questionnaire_response_model.registry questionnaire = Questionnaire(registry_model, questionnaire_response_model) data_to_update = [ question for question in questionnaire.questions if question.src_id in questionnaire_checked_ids ] try: with transaction.atomic(): errors = questionnaire.update_patient(patient_model, data_to_update) if len(errors) > 0: raise Exception("Errors occurred during update: %s" % ",".join(errors)) except Exception as ex: logger.error("Update patient failed: rolled back: %s" % ex) return {"status": "fail", "message": ",".join(errors)} else: questionnaire_response_model.processed = True questionnaire_response_model.patient_id = patient_model.pk questionnaire_response_model.save() return {"status": "success", "message": "Patient updated successfully"}
def rpc_load_matched_patient_data(request, patient_id, questionnaire_response_id): """ Try to return any existing data for a patient corresponding the filled in values of a questionnaire filled out by on the questionnaire interface NB. The curator is responsible for matching an existing patient to the incoming questionnaire data. See RDR-1229 for a description of the use case. The existing data returned is the existing questionnaire values for this matched patient ( not the data provided in the questionnaire response itself - which potentially may overwrite the matched data if the curator indicates in the approval GUI. """ from registry.patients.models import Patient from rdrf.models.definition.models import QuestionnaireResponse from rdrf.workflows.questionnaires.questionnaires import Questionnaire from django.utils.translation import ugettext as _ patient_model = Patient.objects.get(pk=patient_id) try: security_check_user_patient(request.user, patient_model) except PermissionDenied: return { "status": "fail", "message": _("Permission error. Data cannot be loaded !") } questionnaire_response_model = QuestionnaireResponse.objects.get( pk=questionnaire_response_id) patient_model = Patient.objects.get(pk=patient_id) registry_model = questionnaire_response_model.registry questionnaire = Questionnaire(registry_model, questionnaire_response_model) existing_data = questionnaire.existing_data(patient_model) return { "link": existing_data.link, "name": existing_data.name, "questions": existing_data.questions }
def post(self, request, registry_code, patient_id): user = request.user patient = Patient.objects.get(id=patient_id) patient_type = patient.patient_type security_check_user_patient(user, patient) patient_relatives_forms = None actions = [] if patient.user: patient_user = patient.user else: patient_user = None registry_model = Registry.objects.get(code=registry_code) context_launcher = RDRFContextLauncherComponent( request.user, registry_model, patient) patient_info = RDRFPatientInfoComponent(registry_model, patient) if registry_model.patient_fields: patient_form_class = self._create_registry_specific_patient_form_class( user, PatientForm, registry_model, patient) else: patient_form_class = PatientForm patient_form = patient_form_class(request.POST, request.FILES, instance=patient, user=request.user, registry_model=registry_model) country_code = request.POST.get('country_of_birth') patient_form.fields['country_of_birth'].choices = [(country_code, country_code)] kin_country_code = request.POST.get('next_of_kin_country') kin_state_code = request.POST.get('next_of_kin_state') patient_form.fields['next_of_kin_country'].choices = [ (kin_country_code, kin_country_code) ] patient_form.fields['next_of_kin_state'].choices = [(kin_state_code, kin_state_code)] patient_address_form_set = inlineformset_factory( Patient, PatientAddress, form=PatientAddressForm, fields="__all__") address_to_save = patient_address_form_set(request.POST, instance=patient, prefix="patient_address") index = 0 for f in address_to_save.forms: country_field_name = 'patient_address-' + str(index) + '-country' patient_country_code = request.POST.get(country_field_name) state_field_name = 'patient_address-' + str(index) + '-state' patient_state_code = request.POST.get(state_field_name) index += 1 f.fields['country'].choices = [(patient_country_code, patient_country_code)] f.fields['state'].choices = [(patient_state_code, patient_state_code)] patient_relatives_forms = None if patient.is_index and registry_model.get_metadata_item( "family_linkage"): patient_relatives_formset = inlineformset_factory( Patient, PatientRelative, fk_name='patient', form=PatientRelativeForm, extra=0, can_delete=True, fields="__all__") patient_relatives_forms = patient_relatives_formset( request.POST, instance=patient, prefix="patient_relative") forms = [patient_form, address_to_save, patient_relatives_forms] else: forms = [patient_form, address_to_save] valid_forms = [] error_messages = [] for form in forms: if not form.is_valid(): valid_forms.append(False) if isinstance(form.errors, list): for error_dict in form.errors: for field in error_dict: error_messages.append("%s: %s" % (field, error_dict[field])) else: for field in form.errors: for error in form.errors[field]: error_messages.append(error) else: valid_forms.append(True) if registry_model.get_metadata_item("patient_form_doctors"): patient_doctor_form_set = inlineformset_factory( Patient, PatientDoctor, form=PatientDoctorForm, fields="__all__") doctors_to_save = patient_doctor_form_set(request.POST, instance=patient, prefix="patient_doctor") valid_forms.append(doctors_to_save.is_valid()) if all(valid_forms): if registry_model.get_metadata_item("patient_form_doctors"): doctors_to_save.save() address_to_save.save() patient_instance = patient_form.save() patient_instance.patient_type = patient_type patient_instance.save() patient_instance.sync_patient_relative() if patient_user and not patient_instance.user: patient_instance.user = patient_user patient_instance.save() registry_specific_fields_handler = RegistrySpecificFieldsHandler( registry_model, patient_instance) registry_specific_fields_handler.save_registry_specific_data_in_mongo( request) patient, form_sections = self._get_patient_and_forms_sections( patient_id, registry_code, request) if patient_relatives_forms: self.create_patient_relatives(patient_relatives_forms, patient, registry_model) context = { "forms": form_sections, "patient": patient, "context_launcher": context_launcher.html, "message": _("Patient's details saved successfully"), "error_messages": [], } else: error_messages = get_error_messages(forms) if not registry_model.get_metadata_item("patient_form_doctors"): doctors_to_save = None patient, form_sections = self._get_patient_and_forms_sections( patient_id, registry_code, request, patient_form, address_to_save, doctors_to_save, patient_relatives_forms=patient_relatives_forms) context = { "forms": form_sections, "patient": patient, "actions": actions, "context_launcher": context_launcher.html, "errors": True, "error_messages": error_messages, } wizard = NavigationWizard(request.user, registry_model, patient, NavigationFormType.DEMOGRAPHICS, None, None) family_linkage_panel = FamilyLinkagePanel(request.user, registry_model, patient) context["next_form_link"] = wizard.next_link context["previous_form_link"] = wizard.previous_link context["patient_info"] = patient_info.html context["registry_code"] = registry_code context["patient_id"] = patient.id context["location"] = _("Demographics") context["form_links"] = [] context["not_linked"] = not patient.is_linked context["family_linkage_panel"] = family_linkage_panel.html context["show_archive_button"] = request.user.can_archive context["archive_patient_url"] = patient.get_archive_url( registry_model) if request.user.can_archive else "" context["consent"] = consent_status_for_patient(registry_code, patient) section_blacklist = self._check_for_blacklisted_sections( registry_model) context["section_blacklist"] = section_blacklist hidden_sectionlist = self._check_for_hidden_section( request.user, registry_model, form_sections) context["hidden_sectionlist"] = hidden_sectionlist if request.user.is_parent: context['parent'] = ParentGuardian.objects.get(user=request.user) return render(request, 'rdrf_cdes/patient_edit.html', context)
def get(self, request, registry_code, patient_id): if not request.user.is_authenticated: patient_edit_url = reverse('patient_edit', args=[ registry_code, patient_id, ]) login_url = reverse('two_factor:login') return redirect("%s?next=%s" % (login_url, patient_edit_url)) registry_model = Registry.objects.get(code=registry_code) section_blacklist = self._check_for_blacklisted_sections( registry_model) patient, form_sections = self._get_patient_and_forms_sections( patient_id, registry_code, request) security_check_user_patient(request.user, patient) if registry_model.has_feature("consent_checks"): from rdrf.helpers.utils import consent_check if not consent_check(registry_model, request.user, patient, "see_patient"): raise PermissionDenied context_launcher = RDRFContextLauncherComponent( request.user, registry_model, patient) patient_info = RDRFPatientInfoComponent(registry_model, patient) family_linkage_panel = FamilyLinkagePanel(request.user, registry_model, patient) context = { "location": "Demographics", "context_launcher": context_launcher.html, "patient_info": patient_info.html, "forms": form_sections, "family_linkage_panel": family_linkage_panel.html, "patient": patient, "proms_link": self._get_proms_link(registry_model, patient), "patient_id": patient.id, "registry_code": registry_code, "form_links": [], "show_archive_button": request.user.can_archive, "archive_patient_url": patient.get_archive_url(registry_model) if request.user.can_archive else "", "consent": consent_status_for_patient(registry_code, patient), "section_blacklist": section_blacklist } if request.GET.get('just_created', False): context["message"] = _("Patient added successfully") context["not_linked"] = not patient.is_linked wizard = NavigationWizard(request.user, registry_model, patient, NavigationFormType.DEMOGRAPHICS, None, None) context["next_form_link"] = wizard.next_link context["previous_form_link"] = wizard.previous_link if request.user.is_parent: context['parent'] = ParentGuardian.objects.get(user=request.user) hidden_sectionlist = self._check_for_hidden_section( request.user, registry_model, form_sections) context["hidden_sectionlist"] = hidden_sectionlist return render(request, 'rdrf_cdes/patient_edit.html', context)