oe-patient-privacy/openemr.bootstrap.php at master · DiscoverAndChange/oe-patient-privacy · GitHub

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
<?php
/**
 * Bootstrap custom Patient Privacy module.
 *
 * @package   OpenEMR
 * @link      http://www.open-emr.org
 * @author    Ken Chapple <ken@mi-squared.com>
 * @copyright Copyright (c) 2020 Ken Chapple <ken@mi-squared.com>
 * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General Public License 3
 */
//namespace PatientPrivacy;
//require_once __DIR__.'/vendor/autoload.php';

use OpenEMR\Events\PatientFinder\PatientFinderFilterEvent;
use Symfony\Contracts\EventDispatcher\Event;
use Symfony\Component\EventDispatcher\EventDispatcherInterface;
use OpenEMR\Menu\MenuEvent;
use PatientPrivacy\PatientPrivacyService;

function oe_module_patient_privacy_add_menu_item(MenuEvent $event)
{
    $menu = $event->getMenu();

    $menuItem = new stdClass();
    $menuItem->requirement = 0;
    $menuItem->target = 'adm';
    $menuItem->menu_id = 'adm0';
    $menuItem->label = xlt("Patient Privacy");
    $menuItem->url = "/interface/modules/custom_modules/oe-patient-privacy/index.php?action=admin";
    $menuItem->children = [];
    $menuItem->acl_req = ["admin", "super"];

    foreach ($menu as $item) {
        if ($item->menu_id == 'admimg') {
            array_unshift($item->children, $menuItem);
            break;
        }
    }

    $event->setMenu($menu);

    return $event;
}

// Listen for the menu update event so we can dynamically add our patient privacy menu item
$eventDispatcher->addListener(MenuEvent::MENU_UPDATE, 'oe_module_patient_privacy_add_menu_item');

/**
 * @param PatientFinderFilterEvent $event
 */
function oe_module_patient_privacy_filter_by_user(PatientFinderFilterEvent $event)
{
    $userService = new \OpenEMR\Services\UserService();
    $user = $userService->getCurrentlyLoggedInUser();
    $patientPrivacyFilter = PatientPrivacyService::getPrivacyFilterForUser($user['id']);

    // Get filter obj from our event, and by default, don't show any patients
    $boundFilter = $event->getBoundFilter();

    // Set the query part we constructed as the custom where, which will be appended to patient filter query
    $boundFilter->setFilterClause($patientPrivacyFilter->getFilterClause());
    $boundFilter->setBoundValues($patientPrivacyFilter->getBoundValues());

    return $event;
}
// listen for the filter event in the patient finder (hook located in main/finder/dynamic_finder_ajax.php)
// Our handler will filter out patients that aren't associated with the logged-in users' facility list
$eventDispatcher->addListener(PatientFinderFilterEvent::EVENT_HANDLE, 'oe_module_patient_privacy_filter_by_user');

/**
 * @param ViewEvent $event
 * @return ViewEvent
 *
 * Handler for the view event in patient demographics. If the patient is in the logged-in user's
 * blacklist, they will not have access.
 */
function oe_module_patient_privacy_checkUserForViewAuth(\OpenEMR\Events\PatientDemographics\ViewEvent $event)
{
    $userService = new \PatientPrivacy\UserService();
    $user = $userService->getCurrentlyLoggedInUser();

    if (\PatientPrivacy\UserService::isExcluded($user['id'])) {
        $event->setAuthorized(true);
    } else {
        // Check to see if this user has access to this patient by direct or supervisor relationship
        if (PatientPrivacyService::userHasAccess($user['id'], $event->getPid())) {
            $event->setAuthorized(true);
        } else {
            $event->setAuthorized(false);
        }
    }

    return $event;
}

// listen for view and update events on the patient demographics screen (hooks located in
// interface/patient_file/summary/demogrphics.php and
// interface/patient_file/summary/demogrphics_full.php
$eventDispatcher->addListener(\OpenEMR\Events\PatientDemographics\ViewEvent::EVENT_HANDLE, 'oe_module_patient_privacy_checkUserForViewAuth');

/**
 * @param UpdateEvent $event
 * @return UpdateEvent
 *
 * Handler for the update event in patient demographics. If the patient is in the logged-in user's
 * blacklist, they will not have access.
 */
function oe_module_patient_privacy_checkUserForUpdateAuth(\OpenEMR\Events\PatientDemographics\UpdateEvent $event)
{
    $patientPrivacyService = new PatientPrivacyService();

    $userService = new \PatientPrivacy\UserService();
    $user = $userService->getCurrentlyLoggedInUser();

    if (\PatientPrivacy\UserService::isExcluded($user['id'])) {
        $event->setAuthorized(true);
    } else {

        if (PatientPrivacyService::userHasAccess($user['id'], $event->getPid())) {
            $event->setAuthorized(true);
        } else {
            $event->setAuthorized(false);
        }
    }

    return $event;
}

// listen for view and update events on the patient demographics screen (hooks located in
// interface/patient_file/summary/demogrphics.php and
// interface/patient_file/summary/demogrphics_full.php
$eventDispatcher->addListener(\OpenEMR\Events\PatientDemographics\UpdateEvent::EVENT_HANDLE, 'oe_module_patient_privacy_checkUserForUpdateAuth');