Openemr inferno fixes for #5827 #5828 #5829 #5830 #5831 #5833 #5834 #5836
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fixes openemr#5831 - capabilities statement add passthrough statement Fixes openemr#5830 - add document title to DocumentReference endpoint Fixes openemr#5829 - enable patients to download their own documents. Fixes openemr#5828 - OperationDefinition endpoint, $bulkdata-status updates Fixes openemr#5827 - Migrate FHIR doc binary download to root Binary endpoint Fixes openemr#5833 - Patient portal scopes independent of fhir scopes
Fixes openemr#5834 - Add delete interaction in capability statement to handle write scopes correctly. We were using the wrong interaction name for the capability statement and I renamed it in the prior commit. However, I wasn't handling it in our ScopeRepository correctly. Changed the interaction reference to be 'create' instead of 'insert' and put in a documentation url of where to go to get the reference.
adunsulag
commented
Oct 12, 2022
| @@ -283,6 +283,16 @@ public function has_expired() | |||
| return false; | |||
| } | |||
|
|
|||
| public function can_patient_access($pid) | |||
There was a problem hiding this comment.
@bradymiller If you can look at this from a security point of view and let me know if you see any problems. Its called in the FhirDocumentRestController.
There was a problem hiding this comment.
would just make sure $pid is also not empty in the if (overkill but might as well). otherwise looks good.
There was a problem hiding this comment.
@bradymiller Maybe I'm tired but I believe the first check for empty on the foreignID makes sure the $pid is also never empty since foreignID has to equal the $pid.
There was a problem hiding this comment.
that is true. is overkill, on security related stuff, I overuse !empty() and am explicit so i don't need to think :)
can leave as is.
bradymiller
reviewed
Oct 12, 2022
| $scopes_api = array_merge($scopes_api, $scopes_api_portal); | ||
|
|
||
| $scopesSupported = $this->apiScopes(); | ||
| $scopes_dict = array_combine($scopesSupported, $scopesSupported); | ||
| $scopesSupported = null; | ||
| $scopesSupported = null; // this is odd, why do we have this? |
There was a problem hiding this comment.
maybe some sort of loop is happening here where scopesSupported is used to build the $scopes_dict
bradymiller
approved these changes
Oct 12, 2022
|
|
Found the definition url was missing for the operation. Not sure how I ended up removing it.
adunsulag
added a commit
to DiscoverAndChange/openemr
that referenced
this pull request
Oct 21, 2022
…emr#5830 openemr#5831 openemr#5833 openemr#5834 (openemr#5836) * OpenEMR FHIR Api bug/feature fixes Fixes openemr#5831 - capabilities statement add passthrough statement Fixes openemr#5830 - add document title to DocumentReference endpoint Fixes openemr#5829 - enable patients to download their own documents. Fixes openemr#5828 - OperationDefinition endpoint, $bulkdata-status updates Fixes openemr#5827 - Migrate FHIR doc binary download to root Binary endpoint Fixes openemr#5833 - Patient portal scopes independent of fhir scopes * Fix scope permission on insert/create/delete Fixes openemr#5834 - Add delete interaction in capability statement to handle write scopes correctly. We were using the wrong interaction name for the capability statement and I renamed it in the prior commit. However, I wasn't handling it in our ScopeRepository correctly. Changed the interaction reference to be 'create' instead of 'insert' and put in a documentation url of where to go to get the reference. * Fix styles and unit tests * Fix missing definition URL Found the definition url was missing for the operation. Not sure how I ended up removing it.
adunsulag
added a commit
that referenced
this pull request
Oct 25, 2022
) * Openemr inferno fixes for #5827 #5828 #5829 #5830 #5831 #5833 #5834 (#5836) * OpenEMR FHIR Api bug/feature fixes Fixes #5831 - capabilities statement add passthrough statement Fixes #5830 - add document title to DocumentReference endpoint Fixes #5829 - enable patients to download their own documents. Fixes #5828 - OperationDefinition endpoint, $bulkdata-status updates Fixes #5827 - Migrate FHIR doc binary download to root Binary endpoint Fixes #5833 - Patient portal scopes independent of fhir scopes * Fix scope permission on insert/create/delete Fixes #5834 - Add delete interaction in capability statement to handle write scopes correctly. We were using the wrong interaction name for the capability statement and I renamed it in the prior commit. However, I wasn't handling it in our ScopeRepository correctly. Changed the interaction reference to be 'create' instead of 'insert' and put in a documentation url of where to go to get the reference. * Fix styles and unit tests * Fix missing definition URL Found the definition url was missing for the operation. Not sure how I ended up removing it. * Fixes #5854 encounter identifier change uuid (#5854) Change the UUID and remove the RFC reference * Fixes #5832 - add document reference category (#5859) Categories were not being populated in the document service piece so I expose that in the DocumentService class. I add the text name of the category/folder the document is assigned to into the fhir patient document reference. * Fixes #5838 DocumentReference date search (#5860) Make the date search work for document reference with onc inferno.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Fixes #5831 - capabilities statement add passthrough statement
Fixes #5830 - add document title to DocumentReference endpoint
Fixes #5829 - enable patients to download their own documents.
Fixes #5828 - OperationDefinition endpoint, $bulkdata-status updates
Fixes #5827 - Migrate FHIR doc binary download to root Binary endpoint
Fixes #5833 - Patient portal scopes independent of fhir scopes
Fixes #5834 - Add delete interaction in capability statement to handle
write scopes correctly.