RubyGems - his_emr_api_lab - Versions diffs - 1.1.28 → 1.1.30 - Mend

his_emr_api_lab 1.1.28 → 1.1.30

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.

Files changed (13) hide show

checksums.yaml +4 -4
data/app/controllers/lab/orders_controller.rb +51 -0
data/app/controllers/lab/users_controller.rb +32 -0
data/app/services/lab/json_web_token_service.rb +20 -0
data/app/services/lab/lims/api/rest_api.rb +7 -0
data/app/services/lab/lims/pull_worker.rb +30 -5
data/app/services/lab/metadata.rb +1 -0
data/app/services/lab/orders_service.rb +96 -2
data/app/services/lab/results_service.rb +1 -0
data/app/services/lab/user_service.rb +62 -0
data/config/routes.rb +12 -1
data/lib/lab/version.rb +1 -1
metadata +5 -2

checksums.yaml CHANGED Viewed

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: '09cfdf606b1084b4bda331d27fa85e69b831e3c3329be923692011d403c4ab4d'
-  data.tar.gz: 6aa364d1c6e1965df73aa05cc1a6a3dc31b160171cf9443c974aa333fbcfd9d4
+  metadata.gz: bc253a7a3dc9dcee98dde9b842f2c390571d3ca3fe2a677b733444a091413900
+  data.tar.gz: 105357ada270cc5c735fa144401b357cb362867ef9684997cddfe851e7e185d9
 SHA512:
-  metadata.gz: 27809c7ad5e07ba4502665b4d289f007562fb159d81ba7b847d344fed25585fa8b3fe73e89def79cccd9d95a01adfdf6c82fa260e664f5cb51ad71ad27efc29f
-  data.tar.gz: 4326993c19083cbffa2521eddb16a04e719b7406940bdbd0fead6acedb408568c94628060fb5c359c99dbb6f22edbe504fbf64a533a2d0f861d1e627e8bc162f
+  metadata.gz: 4c1f681d9ecc0f6f14ae6cdcf8fb7cdfe91995a3961636825eff22bb31654cb2b2f10a11ce9f090446022c9d6ee5b8f49029cab14d8454b52c3d372856daff71
+  data.tar.gz: ae270f2c93ae6ba49aed7122e8f92f3ef7d1a250df3101395e9bffe610b990072cc6d06ef5a0fa1560b2e2ff7fd3abe6f3fb293a371965e25664f26ea5416cb8

data/app/controllers/lab/orders_controller.rb CHANGED Viewed

@@ -2,6 +2,9 @@
 module Lab
   class OrdersController < ApplicationController
+    skip_before_action :authenticate, only: %i[order_status order_result]
+    before_action :authenticate_request, only: %i[order_status order_result]
     def create
       order_params_list = params.require(:orders)
       orders = order_params_list.map do |order_params|
@@ -28,11 +31,59 @@ module Lab
       render json: OrdersSearchService.find_orders(filters)
     end
+    def verify_tracking_number
+      tracking_number = params.require(:accession_number)
+      render json: { exists: OrdersService.check_tracking_number(tracking_number) }, status: :ok
+    end
     def destroy
       OrdersService.void_order(params[:id], params[:reason])
       Lab::VoidOrderJob.perform_later(params[:id])
       render status: :no_content
     end
+    def order_status
+      order_params = params.permit(:tracking_number, :status, :status_time, :comments)
+      OrdersService.update_order_status(order_params)
+      render json: { message: "Status for order #{order_params['tracking_number']} successfully updated" }, status: :ok
+    end
+    def order_result
+      params.permit!
+      order_params = params[:data].to_h
+      OrdersService.update_order_result(order_params)
+      render json: { message: 'Results processed successfully' }, status: :ok
+    end
+    private
+    def authenticate_request
+      header = request.headers['Authorization']
+      content = header.split(' ')
+      auth_scheme = content.first
+      unless header
+        errors = ['Authorization token required']
+        render json: { errors: errors }, status: :unauthorized
+        return false
+      end
+      unless auth_scheme == 'Bearer'
+        errors = ['Authorization token bearer scheme required']
+        render json: { errors: errors }, status: :unauthorized
+        return false
+      end
+      process_token(content.last)
+    end
+    def process_token(token)
+      browser = Browser.new(request.user_agent)
+      decoded = Lab::JsonWebTokenService.decode(token, request.remote_ip + browser.name + browser.version)
+      user(decoded)
+    end
+    def user(decoded)
+      User.current = User.find decoded[:user_id]
+    end
   end
 end

data/app/controllers/lab/users_controller.rb ADDED Viewed

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+# This controller handles creation and authentication of LIMS User
+module Lab
+  class UsersController < ::ApplicationController
+    skip_before_action :authenticate
+    # create a LIMS User that will be responsible for sending lab results
+    def create
+      user_params = params.permit(:username, :password)
+      service.create_lims_user(username: user_params['username'], password: user_params['password'])
+      render json: { message: 'User successfully created' }, status: 200
+    end
+    # authenticate the lims user
+    def login
+      user_params = params.permit(:username, :password)
+      result = service.authenticate_user(username: user_params['username'], password: user_params['password'],
+                                         user_agent: request.user_agent, request_ip: request.remote_ip)
+      if result.present?
+        render json: result, status: 200
+      else
+        render json: { message: 'Invalid Credentials Provided' }, status: 401
+      end
+    end
+    private
+    def service
+      Lab::UserService
+    end
+  end
+end

data/app/services/lab/json_web_token_service.rb ADDED Viewed

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+module Lab
+  # This class is used to encode and decode the JWT token
+  module JsonWebTokenService
+    class << self
+      SECRET_KEY = Rails.application.secrets.secret_key_base.to_s
+      def encode(payload, request_ip, exp = 18.hours.from_now)
+        payload[:exp] = exp.to_i
+        JWT.encode(payload, SECRET_KEY + request_ip)
+      end
+      def decode(token, request_ip)
+        decoded = JWT.decode(token, SECRET_KEY + request_ip)[0]
+        HashWithIndifferentAccess.new decoded
+      end
+    end
+  end
+end

data/app/services/lab/lims/api/rest_api.rb CHANGED Viewed

@@ -87,6 +87,13 @@ class Lab::Lims::Api::RestApi
     end
   end
+  def verify_tracking_number(tracking_number)
+    find_lims_order(tracking_number)
+  rescue InvalidParameters => e
+    Rails.logger.error("Failed to verify tracking number #{tracking_number}: #{e.message}")
+    false
+  end
   private
   attr_reader :config

data/app/services/lab/lims/pull_worker.rb CHANGED Viewed

@@ -57,6 +57,29 @@ module Lab
         end
       end
+      def process_order(order_dto)
+        patient = find_patient_by_nhid(order_dto[:patient][:id])
+        unless patient
+          logger.debug("Discarding order: Non local patient ##{order_dto[:patient][:id]} on order ##{order_dto[:tracking_number]}")
+          order_rejected(order_dto, "Patient NPID, '#{order_dto[:patient][:id]}', didn't match any local NPIDs")
+          return
+        end
+        if order_dto[:tests].empty?
+          logger.debug("Discarding order: Missing tests on order ##{order_dto[:tracking_number]}")
+          order_rejected(order_dto, 'Order is missing tests')
+          return
+        end
+        diff = match_patient_demographics(patient, order_dto['patient'])
+        if diff.empty?
+          save_order(patient, order_dto)
+          order_saved(order_dto)
+        else
+          save_failed_import(order_dto, 'Demographics not matching', diff)
+        end
+      end
       protected
       def order_saved(order_dto); end
@@ -182,30 +205,32 @@ module Lab
       def update_results(order, lims_results)
         logger.debug("Updating results for order ##{order[:accession_number]}: #{lims_results}")
         lims_results.each do |test_name, test_results|
           test = find_test(order['id'], test_name)
           unless test
             logger.warn("Couldn't find test, #{test_name}, in order ##{order[:id]}")
             next
           end
-          next if test.result || test_results['results'].blank?
+          next if test.result || test_results['results'].blank?
+          result_date = Time.now
           measures = test_results['results'].map do |indicator, value|
             measure = find_measure(order, indicator, value)
+            result_date = value['result_date'] || result_date
             next nil unless measure
             measure
           end
           measures = measures.compact
           next if measures.empty?
           creator = format_result_entered_by(test_results['result_entered_by'])
           ResultsService.create_results(test.id,  { provider_id: User.current.person_id,
-                                                    date: Utils.parse_date(test_results['date_result_entered'], order[:order_date].to_s),
+                                                    date: Utils.parse_date(test_results['date_result_entered'], result_date),
                                                     comments: "LIMS import: Entered by: #{creator}",
                                                     measures: measures } )
         end

data/app/services/lab/metadata.rb CHANGED Viewed

@@ -10,6 +10,7 @@ module Lab
     TEST_RESULT_CONCEPT_NAME = 'Lab test result'
     TEST_RESULT_INDICATOR_CONCEPT_NAME = 'Lab test result indicator'
     TEST_TYPE_CONCEPT_NAME = 'Test type'
+    LAB_ORDER_STATUS_CONCEPT_NAME = 'lab order status'
     UNKNOWN_SPECIMEN = 'Unknown'
     # Encounter

data/app/services/lab/orders_service.rb CHANGED Viewed

@@ -52,6 +52,10 @@ module Lab
       def order_test(order_params)
         Order.transaction do
           encounter = find_encounter(order_params)
+          if order_params[:accession_number].present? && check_tracking_number(order_params[:accession_number])
+            raise 'Accession number already exists'
+          end
           order = create_order(encounter, order_params)
           Lab::TestsService.create_tests(order, order_params[:date], order_params[:tests])
@@ -99,13 +103,84 @@ module Lab
         order.target_lab&.void(reason)
         order.tests.each { |test| test.void(reason) }
-        voided = order.void(reason)
+        order.void(reason)
+      end
-        voided
+      def check_tracking_number(tracking_number)
+        accession_number_exists?(tracking_number) || nlims_accession_number_exists?(tracking_number)
+      end
+      def update_order_status(order_params)
+        # find the order
+        order = find_order(order_params['tracking_number'])
+        concept = ConceptName.find_by_name Lab::Metadata::LAB_ORDER_STATUS_CONCEPT_NAME
+        ActiveRecord::Base.transaction do
+          void_order_status(order, concept)
+          Observation.create!(
+            person_id: order.patient_id,
+            encounter_id: order.encounter_id,
+            concept_id: concept.concept_id,
+            order_id: order.id,
+            obs_datetime: order_params['status_time'] || Time.now,
+            value_text: order_params['status'],
+            creator: User.current.id
+          )
+        end
+        create_rejection_notification(order_params) if order_params['status'] == 'test-rejected'
+      end
+      def update_order_result(order_params)
+        order = find_order(order_params['tracking_number'])
+        order_dto = Lab::Lims::OrderSerializer.serialize_order(order)
+        patch_order_dto_with_lims_results!(order_dto, order_params['results'])
+        Lab::Lims::PullWorker.new(nil).process_order(order_dto)
       end
       private
+      def create_rejection_notification(order_params)
+        order = find_order order_params['tracking_number']
+        data = { 'type': 'LIMS',
+                 'accession_number': order&.accession_number,
+                 'order_date': order&.start_date,
+                 'arv_number': find_arv_number(order.patient_id),
+                 'patient_id': result.person_id,
+                 'ordered_by': order&.provider&.person&.name,
+                 'rejection_reason': order_params['comments']
+                }.as_json
+        NotificationService.new.create_notification('LIMS', data)
+      end
+      def find_arv_number(patient_id)
+        PatientIdentifier.joins(:type)
+                         .merge(PatientIdentifierType.where(name: 'ARV Number'))
+                         .where(patient_id: patient_id)
+                         .first&.identifier
+      end
+      def find_order(tracking_number)
+        Lab::LabOrder.find_by_accession_number(tracking_number)
+      end
+      def patch_order_dto_with_lims_results!(order_dto, results)
+        order_dto.merge!(
+          '_id' => order_dto[:tracking_number],
+          '_rev' => 0,
+          'test_results' => results.each_with_object({}) do |result, formatted_results|
+            test_name, measures = result
+            result_date = measures.delete('result_date')
+            formatted_results[test_name] = {
+              results: measures.each_with_object({}) do |measure, processed_measures|
+                processed_measures[measure[0]] = { 'result_value' => measure[1] }
+              end,
+              result_date: result_date,
+              result_entered_by: {}
+            }
+          end
+        )
+      end
       ##
       # Extract an encounter from the given parameters.
       #
@@ -141,6 +216,19 @@ module Lab
         )
       end
+      def accession_number_exists?(accession_number)
+        Lab::LabOrder.where(accession_number: accession_number).exists?
+      end
+      def nlims_accession_number_exists?(accession_number)
+        config = YAML.load_file('config/application.yml')
+        return false unless config['lims_api']
+        # fetch from the rest api and check if it exists
+        lims_api = Lab::Lims::ApiFactory.create_api
+        lims_api.verify_tracking_number(accession_number).present?
+      end
       ##
       # Attach the requesting clinician to an order
       def add_requesting_clinician(order, params)
@@ -207,6 +295,12 @@ module Lab
         order.reason_for_test&.delete
         add_reason_for_test(order, date: order.start_date, reason_for_test_id: concept_id)
       end
+      def void_order_status(order, concept)
+        Observation.where(order_id: order.id, concept_id: concept.concept_id).each do |obs|
+          obs.void('New Status Received from LIMS')
+        end
+      end
     end
   end
 end

data/app/services/lab/results_service.rb CHANGED Viewed

@@ -45,6 +45,7 @@ module Lab
         data = { Type: result_enter_by,
                  'Test type': ConceptName.find_by(concept_id: result.test.value_coded)&.name,
                  'Accession number': order&.accession_number,
+                 'Orde date': order&.start_date,
                  'ARV-Number': find_arv_number(result.person_id),
                  PatientID: result.person_id,
                  'Ordered By': order&.provider&.person&.name,

data/app/services/lab/user_service.rb ADDED Viewed

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+module Lab
+  # Service for managing LIMS users
+  module UserService
+    class << self
+      include BCrypt
+      def create_lims_user(username:, password:)
+        validate username: username
+        ActiveRecord::Base.transaction do
+          person = create_lims_person
+          create_user username: username, password: password, person: person
+        end
+      end
+      def authenticate_user(username:, password:, user_agent:, request_ip:)
+        user = User.find_by_username username
+        encrypted_pass = Password.new(user.password)
+        if encrypted_pass == password
+          generate_token(user, user_agent, request_ip)
+        else
+          # throw authentication error
+          nil
+        end
+      end
+      private
+      ##
+      # Validate that the username doesn't already exists
+      def validate(username:)
+        raise UnprocessableEntityError, 'Username already exists' if User.find_by_username username
+      end
+      def create_lims_person
+        god_user = User.first
+        person = Person.create!(creator: god_user.id)
+        PersonName.create!(given_name: 'Lims', family_name: 'User', creator: god_user.id, person: person)
+        person
+      end
+      def create_user(username:, password:, person:)
+        salt = SecureRandom.base64
+        user = User.create!(
+          username: username,
+          password: Password.create(password),
+          salt: salt,
+          person: person,
+          creator: User.first.id
+        )
+      end
+      def generate_token(user, user_agent, request_ip)
+        browser = Browser.new(user_agent)
+        key_supplement = request_ip + browser.name + browser.version
+        token = Lab::JsonWebTokenService.encode({ user_id: user.id }, key_supplement)
+        { auth_token: token }
+      end
+    end
+  end
+end

data/config/routes.rb CHANGED Viewed

@@ -1,12 +1,18 @@
 # frozen_string_literal: true
 Lab::Engine.routes.draw do
-  resources :orders, path: 'api/v1/lab/orders'
+  resources :orders, path: 'api/v1/lab/orders' do
+    collection do
+      post :order_status
+      post :order_result
+    end
+  end
   resources :tests, path: 'api/v1/lab/tests', except: %i[update] do # ?pending=true to select tests without results?
     resources :results, only: %i[index create destroy]
   end
   get 'api/v1/lab/labels/order', to: 'labels#print_order_label'
+  get 'api/v1/lab/accession_number', to: 'orders#verify_tracking_number'
   # Metadata
   # TODO: Move the following to namespace /concepts
@@ -14,4 +20,9 @@ Lab::Engine.routes.draw do
   resources :test_result_indicators, only: %i[index], path: 'api/v1/lab/test_result_indicators'
   resources :test_types, only: %i[index], path: 'api/v1/lab/test_types'
   resources :reasons_for_test, only: %i[index], path: 'api/v1/lab/reasons_for_test'
+  resources :users, only: %i[create], path: 'api/v1/lab/users' do
+    collection do
+      post :login
+    end
+  end
 end

data/lib/lab/version.rb CHANGED Viewed

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 module Lab
-  VERSION = '1.1.28'
+  VERSION = '1.1.30'
 end

metadata CHANGED Viewed

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: his_emr_api_lab
 version: !ruby/object:Gem::Version
-  version: 1.1.28
+  version: 1.1.30
 platform: ruby
 authors:
 - Elizabeth Glaser Pediatric Foundation Malawi
 autorequire:
 bindir: bin
 cert_chain: []
-date: 2023-03-15 00:00:00.000000000 Z
+date: 2023-06-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: couchrest
@@ -247,6 +247,7 @@ files:
 - app/controllers/lab/test_result_indicators_controller.rb
 - app/controllers/lab/test_types_controller.rb
 - app/controllers/lab/tests_controller.rb
+- app/controllers/lab/users_controller.rb
 - app/jobs/lab/application_job.rb
 - app/jobs/lab/push_order_job.rb
 - app/jobs/lab/update_patient_orders_job.rb
@@ -267,6 +268,7 @@ files:
 - app/services/lab/accession_number_service.rb
 - app/services/lab/acknowledgement_service.rb
 - app/services/lab/concepts_service.rb
+- app/services/lab/json_web_token_service.rb
 - app/services/lab/labelling_service/order_label.rb
 - app/services/lab/lims/acknowledgement_serializer.rb
 - app/services/lab/lims/acknowledgement_worker.rb
@@ -290,6 +292,7 @@ files:
 - app/services/lab/orders_service.rb
 - app/services/lab/results_service.rb
 - app/services/lab/tests_service.rb
+- app/services/lab/user_service.rb
 - config/routes.rb
 - db/migrate/20210126092910_create_lab_lab_accession_number_counters.rb
 - db/migrate/20210310115457_create_lab_lims_order_mappings.rb