his_emr_api_lab 1.1.29 → 1.1.31

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA256:
-  metadata.gz: e8830688d3c9f3a5c1eaf915060e61c89110b7602f44233d9a6d6c87628d7bfa
-  data.tar.gz: 394f57a548c41b25303ea9cf6f7cd205094a18c2c1b471d847d7d02a7828487a
+  metadata.gz: 88d310815f8d7efad226f84e50963754893da11220df2af7aedf173361452091
+  data.tar.gz: d01062b0a5ec36c1a1710d795a128ca810c265451f46c95b663cd47158667263
 SHA512:
-  metadata.gz: 8061088cf2210df529f524d410441f647386402ae0c706953d5dbf4b2a439b48c3d9377180b028ba5d456b5598f8b6c75c0a598f8550732785ce53853eafdb15
-  data.tar.gz: 06a06e00a9051548ee69387fa5c9078cb86d119968a5ef81a37fbddc3e60147fe57b743232aadc20fb7f9adbfa74caddd8f8eb1f6f05bb56219f96ca0762ccdd
+  metadata.gz: 881a7f78e83513207822d69980a884d19dd4b328b89192caa96b8d536e79a637e6c21bf1a07231e7e03a19464ec3693d03233dfbda1b0974cf41a7195a5882ff
+  data.tar.gz: 186e472eeb17f75bf7be3cac3478701f6b9b34d092da3368b96e9410f7522e0bdfaaec26099d919ed2a88366de8e57e755f492d52a16b50a584e2193e82f4887

data/app/controllers/lab/orders_controller.rb

@@ -2,6 +2,9 @@
 
 module Lab
   class OrdersController < ApplicationController
+    skip_before_action :authenticate, only: %i[order_status order_result]
+    before_action :authenticate_request, only: %i[order_status order_result]
+
     def create
       order_params_list = params.require(:orders)
       orders = order_params_list.map do |order_params|
@@ -39,5 +42,48 @@ module Lab
 
       render status: :no_content
     end
+
+    def order_status
+      order_params = params.permit(:tracking_number, :status, :status_time, :comments)
+      OrdersService.update_order_status(order_params)
+      render json: { message: "Status for order #{order_params['tracking_number']} successfully updated" }, status: :ok
+    end
+
+    def order_result
+      params.permit!
+      order_params = params[:data].to_h
+      OrdersService.update_order_result(order_params)
+      render json: { message: 'Results processed successfully' }, status: :ok
+    end
+
+    private
+
+    def authenticate_request
+      header = request.headers['Authorization']
+      content = header.split(' ')
+      auth_scheme = content.first
+      unless header
+        errors = ['Authorization token required']
+        render json: { errors: errors }, status: :unauthorized
+        return false
+      end
+      unless auth_scheme == 'Bearer'
+        errors = ['Authorization token bearer scheme required']
+        render json: { errors: errors }, status: :unauthorized
+        return false
+      end
+  
+      process_token(content.last)
+    end
+
+    def process_token(token)
+      browser = Browser.new(request.user_agent)
+      decoded = Lab::JsonWebTokenService.decode(token, request.remote_ip + browser.name + browser.version)
+      user(decoded)
+    end
+
+    def user(decoded)
+      User.current = User.find decoded[:user_id]
+    end
   end
 end

data/app/controllers/lab/users_controller.rb

@@ -0,0 +1,32 @@
+# frozen_string_literal: true
+
+# This controller handles creation and authentication of LIMS User
+module Lab
+  class UsersController < ::ApplicationController
+    skip_before_action :authenticate
+    # create a LIMS User that will be responsible for sending lab results
+    def create
+      user_params = params.permit(:username, :password)
+      service.create_lims_user(username: user_params['username'], password: user_params['password'])
+      render json: { message: 'User successfully created' }, status: 200
+    end
+
+    # authenticate the lims user
+    def login
+      user_params = params.permit(:username, :password)
+      result = service.authenticate_user(username: user_params['username'], password: user_params['password'],
+                                         user_agent: request.user_agent, request_ip: request.remote_ip)
+      if result.present?
+        render json: result, status: 200
+      else
+        render json: { message: 'Invalid Credentials Provided' }, status: 401
+      end
+    end
+
+    private
+
+    def service
+      Lab::UserService
+    end
+  end
+end

data/app/serializers/lab/lab_order_serializer.rb

@@ -26,6 +26,7 @@ module Lab
             concept_id: reason_for_test&.value_coded,
             name: concept_name(reason_for_test&.value_coded)
           },
+          delivery_mode: order&.lims_acknowledgement_status&.acknowledgement_type,
           tests: tests.map do |test|
             result_obs = test.children.first
 

data/app/services/lab/json_web_token_service.rb

@@ -0,0 +1,20 @@
+# frozen_string_literal: true
+
+module Lab
+  # This class is used to encode and decode the JWT token
+  module JsonWebTokenService
+    class << self
+      SECRET_KEY = Rails.application.secrets.secret_key_base.to_s
+
+      def encode(payload, request_ip, exp = 18.hours.from_now)
+        payload[:exp] = exp.to_i
+        JWT.encode(payload, SECRET_KEY + request_ip)
+      end
+
+      def decode(token, request_ip)
+        decoded = JWT.decode(token, SECRET_KEY + request_ip)[0]
+        HashWithIndifferentAccess.new decoded
+      end
+    end
+  end
+end

data/app/services/lab/lims/pull_worker.rb

@@ -57,6 +57,29 @@ module Lab
         end
       end
 
+      def process_order(order_dto)
+        patient = find_patient_by_nhid(order_dto[:patient][:id])
+        unless patient
+          logger.debug("Discarding order: Non local patient ##{order_dto[:patient][:id]} on order ##{order_dto[:tracking_number]}")
+          order_rejected(order_dto, "Patient NPID, '#{order_dto[:patient][:id]}', didn't match any local NPIDs")
+          return
+        end
+
+        if order_dto[:tests].empty?
+          logger.debug("Discarding order: Missing tests on order ##{order_dto[:tracking_number]}")
+          order_rejected(order_dto, 'Order is missing tests')
+          return
+        end
+
+        diff = match_patient_demographics(patient, order_dto['patient'])
+        if diff.empty?
+          save_order(patient, order_dto)
+          order_saved(order_dto)
+        else
+          save_failed_import(order_dto, 'Demographics not matching', diff)
+        end
+      end
+
       protected
 
       def order_saved(order_dto); end
@@ -182,30 +205,32 @@ module Lab
 
       def update_results(order, lims_results)
         logger.debug("Updating results for order ##{order[:accession_number]}: #{lims_results}")
-        
+
         lims_results.each do |test_name, test_results|
           test = find_test(order['id'], test_name)
           unless test
             logger.warn("Couldn't find test, #{test_name}, in order ##{order[:id]}")
             next
           end
-          
-          next if test.result || test_results['results'].blank?
 
+          next if test.result || test_results['results'].blank?
+          
+          result_date = Time.now
           measures = test_results['results'].map do |indicator, value|
             measure = find_measure(order, indicator, value)
+            result_date = value['result_date'] || result_date
             next nil unless measure
 
             measure
           end
-          
+
           measures = measures.compact
           next if measures.empty?
 
           creator = format_result_entered_by(test_results['result_entered_by'])
 
           ResultsService.create_results(test.id,  { provider_id: User.current.person_id,
-                                                    date: Utils.parse_date(test_results['date_result_entered'], order[:order_date].to_s),
+                                                    date: Utils.parse_date(test_results['date_result_entered'], result_date),
                                                     comments: "LIMS import: Entered by: #{creator}",
                                                     measures: measures } )
         end

data/app/services/lab/metadata.rb

@@ -10,6 +10,7 @@ module Lab
     TEST_RESULT_CONCEPT_NAME = 'Lab test result'
     TEST_RESULT_INDICATOR_CONCEPT_NAME = 'Lab test result indicator'
     TEST_TYPE_CONCEPT_NAME = 'Test type'
+    LAB_ORDER_STATUS_CONCEPT_NAME = 'lab order status'
     UNKNOWN_SPECIMEN = 'Unknown'
 
     # Encounter

data/app/services/lab/orders_service.rb

@@ -103,17 +103,84 @@ module Lab
         order.target_lab&.void(reason)
 
         order.tests.each { |test| test.void(reason) }
-        voided = order.void(reason)
-
-        voided
+        order.void(reason)
       end
 
       def check_tracking_number(tracking_number)
         accession_number_exists?(tracking_number) || nlims_accession_number_exists?(tracking_number)
       end
 
+      def update_order_status(order_params)
+        # find the order
+        order = find_order(order_params['tracking_number'])
+        concept = ConceptName.find_by_name Lab::Metadata::LAB_ORDER_STATUS_CONCEPT_NAME
+        ActiveRecord::Base.transaction do
+          void_order_status(order, concept)
+          Observation.create!(
+            person_id: order.patient_id,
+            encounter_id: order.encounter_id,
+            concept_id: concept.concept_id,
+            order_id: order.id,
+            obs_datetime: order_params['status_time'] || Time.now,
+            value_text: order_params['status'],
+            creator: User.current.id
+          )
+        end
+        create_rejection_notification(order_params) if order_params['status'] == 'test-rejected'
+      end
+
+      def update_order_result(order_params)
+        order = find_order(order_params['tracking_number'])
+        order_dto = Lab::Lims::OrderSerializer.serialize_order(order)
+        patch_order_dto_with_lims_results!(order_dto, order_params['results'])
+        Lab::Lims::PullWorker.new(nil).process_order(order_dto)
+      end
+
       private
 
+      def create_rejection_notification(order_params)
+        order = find_order order_params['tracking_number']
+        data = { 'type': 'LIMS',
+                 'accession_number': order&.accession_number,
+                 'order_date': order&.start_date,
+                 'arv_number': find_arv_number(order.patient_id),
+                 'patient_id': result.person_id,
+                 'ordered_by': order&.provider&.person&.name,
+                 'rejection_reason': order_params['comments']
+                }.as_json
+        NotificationService.new.create_notification('LIMS', data)
+      end
+
+      def find_arv_number(patient_id)
+        PatientIdentifier.joins(:type)
+                         .merge(PatientIdentifierType.where(name: 'ARV Number'))
+                         .where(patient_id: patient_id)
+                         .first&.identifier
+      end
+
+      def find_order(tracking_number)
+        Lab::LabOrder.find_by_accession_number(tracking_number)
+      end
+
+      def patch_order_dto_with_lims_results!(order_dto, results)
+        order_dto.merge!(
+          '_id' => order_dto[:tracking_number],
+          '_rev' => 0,
+          'test_results' => results.each_with_object({}) do |result, formatted_results|
+            test_name, measures = result
+            result_date = measures.delete('result_date')
+
+            formatted_results[test_name] = {
+              results: measures.each_with_object({}) do |measure, processed_measures|
+                processed_measures[measure[0]] = { 'result_value' => measure[1] }
+              end,
+              result_date: result_date,
+              result_entered_by: {}
+            }
+          end
+        )
+      end
+
       ##
       # Extract an encounter from the given parameters.
       #
@@ -228,6 +295,12 @@ module Lab
         order.reason_for_test&.delete
         add_reason_for_test(order, date: order.start_date, reason_for_test_id: concept_id)
       end
+
+      def void_order_status(order, concept)
+        Observation.where(order_id: order.id, concept_id: concept.concept_id).each do |obs|
+          obs.void('New Status Received from LIMS')
+        end
+      end
     end
   end
 end

data/app/services/lab/results_service.rb

@@ -45,6 +45,7 @@ module Lab
         data = { Type: result_enter_by,
                  'Test type': ConceptName.find_by(concept_id: result.test.value_coded)&.name,
                  'Accession number': order&.accession_number,
+                 'Orde date': order&.start_date,
                  'ARV-Number': find_arv_number(result.person_id),
                  PatientID: result.person_id,
                  'Ordered By': order&.provider&.person&.name,

data/app/services/lab/user_service.rb

@@ -0,0 +1,62 @@
+# frozen_string_literal: true
+
+module Lab
+  # Service for managing LIMS users
+  module UserService
+    class << self
+      include BCrypt
+
+      def create_lims_user(username:, password:)
+        validate username: username
+        ActiveRecord::Base.transaction do
+          person = create_lims_person
+          create_user username: username, password: password, person: person
+        end
+      end
+
+      def authenticate_user(username:, password:, user_agent:, request_ip:)
+        user = User.find_by_username username
+        encrypted_pass = Password.new(user.password)
+        if encrypted_pass == password
+          generate_token(user, user_agent, request_ip)
+        else
+          # throw authentication error
+          nil
+        end
+      end
+
+      private
+
+      ##
+      # Validate that the username doesn't already exists
+      def validate(username:)
+        raise UnprocessableEntityError, 'Username already exists' if User.find_by_username username
+      end
+
+      def create_lims_person
+        god_user = User.first
+        person = Person.create!(creator: god_user.id)
+        PersonName.create!(given_name: 'Lims', family_name: 'User', creator: god_user.id, person: person)
+        person
+      end
+
+      def create_user(username:, password:, person:)
+        salt = SecureRandom.base64
+        user = User.create!(
+          username: username,
+          password: Password.create(password),
+          salt: salt,
+          person: person,
+          creator: User.first.id
+        )
+      end
+
+      def generate_token(user, user_agent, request_ip)
+        browser = Browser.new(user_agent)
+        key_supplement = request_ip + browser.name + browser.version
+        token = Lab::JsonWebTokenService.encode({ user_id: user.id }, key_supplement)
+        { auth_token: token }
+      end
+    end
+  end
+end

data/config/routes.rb

@@ -1,7 +1,12 @@
 # frozen_string_literal: true
 
 Lab::Engine.routes.draw do
-  resources :orders, path: 'api/v1/lab/orders'
+  resources :orders, path: 'api/v1/lab/orders' do
+    collection do
+      post :order_status
+      post :order_result
+    end
+  end
   resources :tests, path: 'api/v1/lab/tests', except: %i[update] do # ?pending=true to select tests without results?
     resources :results, only: %i[index create destroy]
   end
@@ -15,4 +20,9 @@ Lab::Engine.routes.draw do
   resources :test_result_indicators, only: %i[index], path: 'api/v1/lab/test_result_indicators'
   resources :test_types, only: %i[index], path: 'api/v1/lab/test_types'
   resources :reasons_for_test, only: %i[index], path: 'api/v1/lab/reasons_for_test'
+  resources :users, only: %i[create], path: 'api/v1/lab/users' do
+    collection do
+      post :login
+    end
+  end
 end

data/lib/lab/version.rb

@@ -1,5 +1,5 @@
 # frozen_string_literal: true
 
 module Lab
-  VERSION = '1.1.29'
+  VERSION = '1.1.31'
 end

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: his_emr_api_lab
 version: !ruby/object:Gem::Version
-  version: 1.1.29
+  version: 1.1.31
 platform: ruby
 authors:
 - Elizabeth Glaser Pediatric Foundation Malawi
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2023-04-19 00:00:00.000000000 Z
+date: 2023-12-19 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: couchrest
@@ -247,6 +247,7 @@ files:
 - app/controllers/lab/test_result_indicators_controller.rb
 - app/controllers/lab/test_types_controller.rb
 - app/controllers/lab/tests_controller.rb
+- app/controllers/lab/users_controller.rb
 - app/jobs/lab/application_job.rb
 - app/jobs/lab/push_order_job.rb
 - app/jobs/lab/update_patient_orders_job.rb
@@ -267,6 +268,7 @@ files:
 - app/services/lab/accession_number_service.rb
 - app/services/lab/acknowledgement_service.rb
 - app/services/lab/concepts_service.rb
+- app/services/lab/json_web_token_service.rb
 - app/services/lab/labelling_service/order_label.rb
 - app/services/lab/lims/acknowledgement_serializer.rb
 - app/services/lab/lims/acknowledgement_worker.rb
@@ -290,6 +292,7 @@ files:
 - app/services/lab/orders_service.rb
 - app/services/lab/results_service.rb
 - app/services/lab/tests_service.rb
+- app/services/lab/user_service.rb
 - config/routes.rb
 - db/migrate/20210126092910_create_lab_lab_accession_number_counters.rb
 - db/migrate/20210310115457_create_lab_lims_order_mappings.rb
@@ -338,8 +341,7 @@ required_rubygems_version: !ruby/object:Gem::Requirement
     - !ruby/object:Gem::Version
       version: '0'
 requirements: []
-rubyforge_project: 
-rubygems_version: 2.7.6
+rubygems_version: 3.4.1
 signing_key: 
 specification_version: 4
 summary: Lab extension for the HIS-EMR-API