pvdgm_services 0.1.0

data/app/contexts/services/update_configured_facility_context.rb

@@ -0,0 +1,26 @@
+module Services
+
+  class UpdateConfiguredFacilityContext
+
+    attr_accessor :configured_facility, :cf_params, :cred_params
+
+    def self.call(configured_facility, cf_params, cred_params)
+      UpdateConfiguredFacilityContext.new(configured_facility, cf_params, cred_params).call
+    end
+
+    def initialize(configured_facility, cf_params, cred_params)
+      @configured_facility = configured_facility
+      @cf_params = cf_params
+      @cred_params = cred_params
+      @configured_facility.extend Services::ConfiguredFacilityUpdater
+    end
+
+    def call
+      configured_facility.update(cf_params).tap do | configured_facility |
+        UpdateCredentialContext.call(configured_facility, cred_params) 
+      end
+    end
+
+  end
+
+end

data/app/contexts/services/update_credential_context.rb

@@ -0,0 +1,23 @@
+module Services
+
+  class UpdateCredentialContext
+
+    attr_accessor :credentialled_object, :params
+
+    def self.call(credentialled_object, params)
+      UpdateCredentialContext.new(credentialled_object, params).call
+    end
+
+    def initialize(credentialled_object, params)
+      @credentialled_object = credentialled_object
+      @params = params
+      @credentialled_object.extend Services::CredentialUpdater
+    end
+
+    def call
+      credentialled_object.update_credential(params)
+    end
+
+  end
+
+end

data/app/contexts/services/update_facility_mapping_context.rb

@@ -0,0 +1,23 @@
+module Services
+
+  class UpdateFacilityMappingContext
+
+    attr_accessor :facility_mapping, :params
+
+    def self.call(facility_mapping, params)
+      UpdateFacilityMappingContext.new(facility_mapping, params).call
+    end
+
+    def initialize(facility_mapping, params)
+      @facility_mapping = facility_mapping
+      @params = params
+      @facility_mapping.extend Services::FacilityMappingUpdater
+    end
+
+    def call
+      facility_mapping.update(params)
+    end
+
+  end
+
+end

data/app/contexts/services/update_public_key_context.rb

@@ -0,0 +1,23 @@
+module Services
+
+  class UpdatePublicKeyContext 
+
+    attr_accessor :public_key, :params
+
+    def self.call(public_key, params)
+      UpdatePublicKeyContext.new(public_key, params).call
+    end
+
+    def initialize(public_key, params)
+      @public_key = public_key
+      @params = params
+      @public_key.extend Services::PublicKeyUpdater
+    end
+
+    def call
+      public_key.update(params)
+    end
+
+  end
+
+end

data/app/contexts/services/update_service_context.rb

@@ -0,0 +1,23 @@
+module Services
+
+  class UpdateServiceContext
+
+    attr_accessor :service, :params
+
+    def self.call(service, params)
+      UpdateServiceContext.new(service, params).call
+    end
+
+    def initialize(service, params)
+      @service = service
+      @params = params
+      @service.extend Services::ServiceUpdater
+    end
+
+    def call
+      service.update(params)
+    end
+
+  end
+
+end

data/app/contexts/services/update_service_definition_context.rb

@@ -0,0 +1,26 @@
+module Services
+
+  class UpdateServiceDefinitionContext
+
+    attr_accessor :service_definition, :sd_params, :cred_params
+
+    def self.call(service_definition, sd_params, cred_params)
+      UpdateServiceDefinitionContext.new(service_definition, sd_params, cred_params).call
+    end
+
+    def initialize(service_definition, sd_params, cred_params)
+      @service_definition = service_definition
+      @sd_params = sd_params
+      @cred_params = cred_params
+      @service_definition.extend Services::ServiceDefinitionUpdater
+    end
+
+    def call
+      service_definition.update(sd_params).tap do | service_definition |
+        UpdateCredentialContext.call(service_definition, cred_params)
+      end
+    end
+
+  end
+
+end

data/app/contexts/services/update_third_party_context.rb

@@ -0,0 +1,23 @@
+module Services
+
+  class UpdateThirdPartyContext
+
+    attr_accessor :third_party, :params
+
+    def self.call(third_party, params)
+      UpdateThirdPartyContext.new(third_party, params).call
+    end
+
+    def initialize(third_party, params)
+      @third_party = third_party
+      @params = params
+      third_party.extend Services::ThirdPartyUpdater
+    end
+
+    def call
+      third_party.update(params)
+    end
+
+  end
+
+end

data/app/controllers/services/account_mappings_controller.rb

@@ -0,0 +1,54 @@
+module Services
+
+  class AccountMappingsController < Services::ThirdPartyBaseController
+    attr_reader :account_mapping
+
+    respond_to :json
+
+    before_filter :must_have_account_mapping, only: [ :show, :update, :destroy ]
+
+    def index
+      @account_mappings = third_party.account_mappings
+    end
+
+    def show
+      # Nothing to do
+    end
+
+    def create
+      am = CreateAccountMappingContext.call(third_party, safe_params)
+      if am.errors.empty?
+        render json: { id: am.id }
+      else
+        render json: { validation_error: am.errors.full_messages }, status: 403
+      end
+    end
+
+    def update
+      UpdateAccountMappingContext.call(account_mapping, safe_params)
+      if account_mapping.errors.empty?
+        render json: { id: account_mapping.id }
+      else
+        render json: { validation_error: account_mapping.errors.full_messages }, status: 403
+      end
+    end
+
+    def destroy
+      account_mapping.destroy
+      render json: { id: account_mapping.id }
+    end
+
+    private
+
+    def safe_params
+      params.require(:account_mapping).permit(:account_id, :account_code)
+    end
+
+    def must_have_account_mapping
+      @account_mapping = third_party.account_mappings.where(id: params[:id]).first
+      render json: { error: "No account mapping with id: #{params[:id]}" }, status: 404 if @account_mapping.blank?
+    end
+
+  end
+
+end

data/app/controllers/services/adts_controller.rb

@@ -0,0 +1,35 @@
+module Services
+
+  class AdtsController < Services::ApplicationController
+
+    skip_before_action :restrict_access
+    before_action :verify_hl7_access
+
+    def create
+      request.body.rewind # Need this to deal with Rails 4 bug.
+
+      msg = AcceptHl7MessageContext.call(params[:messageType], request.body.read)
+
+      if msg.valid?
+        render json: { status: 'success' }, status: 200
+      else
+        render json: { status: 'error', errors: msg.errors.full_messages }, status: 400
+      end
+    end
+
+    private 
+
+    def verify_hl7_access
+      authenticate_or_request_with_http_token do |token, options|
+        # Authenticating through the service definition credential
+        tp = ThirdParty.where(key: ThirdParty::PROVIDIGM).first
+        svc = Service.where(key: Service::HL7_INBOUND).first
+        sd = ServiceDefinition.where(third_party_id: tp.id, service_id: svc.id).first
+        cred = sd.credentials.first
+        token == cred.token
+      end
+    end
+
+  end
+
+end

data/app/controllers/services/application_controller.rb

@@ -0,0 +1,17 @@
+module Services
+  class ApplicationController < ActionController::Base
+
+    MAX_LIST_LENGTH = 50
+
+    before_action :restrict_access
+
+    private
+
+    def restrict_access
+      authenticate_or_request_with_http_token do | token, options |
+        @api_key = ApiKey.where(access_token: token).first
+        @api_key.present? && @api_key.authenticateable.id == 1 # Providigm account
+      end
+    end
+  end
+end

data/app/controllers/services/assessment_requests_controller.rb

@@ -0,0 +1,48 @@
+module Services
+
+  class AssessmentRequestsController < Services::ApplicationController
+    include StatusMasking
+
+    respond_to :json
+
+    def index
+      where_clause = build_where_clause
+
+      if where_clause.present?
+        @assessment_requests = AssessmentRequest.where(where_clause).order("created_at DESC").limit(MAX_LIST_LENGTH)
+      else
+        @assessment_requests = AssessmentRequest.order("created_at DESC").limit(MAX_LIST_LENGTH)
+      end
+    end
+
+    def create
+      ca = ConfiguredAccount.find params[:configured_account_id]
+
+      RequestSltcBaselineContext.call(ca, safe_params)
+
+      render :index
+    end
+
+    private
+
+    def build_where_clause
+      where = ''
+      provider_id = params[:provider_id] || -1
+      where = "facility_code = #{provider_id}" if provider_id.to_i > 0
+      
+      status, operator = determine_status_operator(params[:status])
+
+      where += ' AND ' if status.present? && where.length > 0
+      where += "status #{operator} #{status}" if status.present?
+      where
+    end
+
+    def safe_params
+      params.permit(:configured_account_id, :provider_id, :uploaded_before, :uploaded_after)
+    end
+
+  end
+
+
+
+end

data/app/controllers/services/available_files_controller.rb

@@ -0,0 +1,19 @@
+module Services
+
+  class AvailableFilesController < Services::ConfiguredAccountBaseController
+    include StatusMasking
+
+    respond_to :json
+
+    def index
+      status, operator = determine_status_operator(params[:status])
+      if status.present?
+        @available_files = configured_account.available_files.where("status #{operator} ?", status).order("created_at DESC").limit(MAX_LIST_LENGTH)
+      else
+        @available_files = configured_account.available_files.order("created_at DESC").limit(MAX_LIST_LENGTH)
+      end
+    end
+
+  end
+
+end

data/app/controllers/services/configured_account_base_controller.rb

@@ -0,0 +1,17 @@
+module Services
+
+  class ConfiguredAccountBaseController < Services::ServiceDefinitionBaseController
+    attr_reader :configured_account
+
+    before_filter :must_have_configured_account
+
+    private
+
+    def must_have_configured_account
+      @configured_account = service_definition.configured_accounts.where(id: params[:configured_account_id]).first
+      render json: { error: "No configured account with id: #{params[:configured_account_id]}" }, status: 404 if @configured_account.blank?
+    end
+
+  end
+
+end

data/app/controllers/services/configured_accounts_controller.rb

@@ -0,0 +1,59 @@
+module Services
+
+  class ConfiguredAccountsController < Services::ServiceDefinitionBaseController
+    attr_reader :configured_account
+
+    respond_to :json
+
+    before_filter :must_have_configured_account, only: [ :show, :update, :destroy ]
+
+    def index
+      @configured_accounts = service_definition.configured_accounts.includes(:credentials)
+    end
+
+    def show
+      # nothing to do
+    end
+
+    def create
+      ca = CreateConfiguredAccountContext.call(service_definition, safe_ca_params, safe_cred_params)
+      if ca.errors.empty?
+        render json: { id: ca.id }
+      else
+        render json: { validation_error: ca.errors.full_messages }, status: 403
+      end
+    end
+
+    def update
+      UpdateConfiguredAccountContext.call(configured_account, safe_ca_params, safe_cred_params)
+      if configured_account.errors.empty?
+        render json: { id: configured_account.id }
+      else
+        render json: { validation_error: configured_account.errors.full_messages }, status: 403
+      end
+    end
+
+    def destroy
+      configured_account.destroy
+      render json: { id: configured_account.id }
+    end
+
+    private
+
+    def safe_ca_params
+      params.require(:configured_account).permit(:account_id, :username, :enabled)
+    end
+
+    def safe_cred_params
+      return {} if params[:credential].blank?
+      params.require(:credential).permit(:password, :token)
+    end
+
+    def must_have_configured_account
+      @configured_account = service_definition.configured_accounts.includes(:credentials).where(id: params[:id]).first
+      render json: { error: "No configured account with id: #{params[:id]}" }, status: 404 if @configured_account.blank?
+    end
+
+  end
+
+end

data/app/controllers/services/configured_facilities_controller.rb

@@ -0,0 +1,65 @@
+module Services
+
+  class ConfiguredFacilitiesController < Services::ServiceDefinitionBaseController
+    attr_reader :configured_facility
+
+    respond_to :json
+
+    before_filter :must_have_configured_facility, only: [ :show, :update, :destroy ]
+
+    def index
+      if params[:configured_account_id]
+        configured_account = ConfiguredAccount.find params[:configured_account_id]
+        enabled_facility_ids = ApplicationApi.api_impl.enabled_facilities_for_account_id(configured_account.account_id).pluck(:id)
+        @configured_facilities = ConfiguredFacility.where(facility_id: enabled_facility_ids).includes(:credentials)
+      else
+        @configured_facilities = service_definition.configured_facilities.includes(:credentials)
+      end
+    end
+
+    def show
+      # nothing to do
+    end
+
+    def create
+      cf = CreateConfiguredFacilityContext.call(service_definition, safe_fac_params, safe_cred_params)
+      if cf.errors.empty?
+        render json: { id: cf.id }
+      else
+        render json: { validation_error: cf.errors.full_messages }, status: 403
+      end
+    end
+
+    def update
+      UpdateConfiguredFacilityContext.call(configured_facility, safe_fac_params, safe_cred_params)
+      if configured_facility.errors.empty?
+        render json: { id: configured_facility.id }
+      else
+        render json: { validation_error: configured_facility.errors.full_messages }, status: 403
+      end
+    end
+
+    def destroy
+      configured_facility.destroy
+      render json: { id: configured_facility.id }
+    end
+
+    private
+
+    def safe_fac_params
+      params.require(:configured_facility).permit(:facility_id, :username, :enabled)
+    end
+
+    def safe_cred_params
+      return {} if params[:credential].blank?
+      params.require(:credential).permit(:password, :token)
+    end
+
+    def must_have_configured_facility
+      @configured_facility = service_definition.configured_facilities.includes(:credentials).where(id: params[:id]).first
+      render json: { error: "No configured facility with id: #{params[:id]}" }, status: 404 if @configured_facility.blank?
+    end
+
+  end
+
+end

data/app/controllers/services/facility_mappings_controller.rb

@@ -0,0 +1,58 @@
+module Services
+
+  class FacilityMappingsController < Services::ThirdPartyBaseController
+    attr_reader :facility_mapping
+    respond_to :json
+
+    before_filter :must_have_facility_mapping, only: [ :show, :update, :destroy ]
+
+    def index
+      if params[:configured_account_id]
+        configured_account = ConfiguredAccount.find params[:configured_account_id]
+        enabled_facility_ids = ApplicationApi.api_impl.enabled_facilities_for_account_id(configured_account.account_id).pluck(:id)
+        @facility_mappings = FacilityMapping.where(facility_id: enabled_facility_ids).order("facility_code ASC")
+      else
+        @facility_mappings = third_party.facility_mappings
+      end
+    end
+
+    def show
+      # Nothing to do
+    end
+
+    def create
+      fm = CreateFacilityMappingContext.call(third_party, safe_params)
+      if fm.errors.empty?
+        render json: { id: fm.id }
+      else
+        render json: { validation_error: fm.errors.full_messages }, status: 403
+      end
+    end
+
+    def update
+      UpdateFacilityMappingContext.call(facility_mapping, safe_params)
+      if facility_mapping.errors.empty?
+        render json: { id: facility_mapping.id }
+      else
+        render json: { validation_error: facility_mapping.errors.full_messages }, status: 403
+      end
+    end
+
+    def destroy
+      facility_mapping.destroy
+      render json: { id: facility_mapping.id }
+    end
+
+    private
+
+    def safe_params
+      params.require(:facility_mapping).permit(:facility_id, :facility_code, :top_level)
+    end
+
+    def must_have_facility_mapping
+      @facility_mapping = third_party.facility_mappings.where(id: params[:id]).first
+      render json: { error: "No facility mapping with id: #{params[:id]}" }, status: 404 if @facility_mapping.blank?
+    end
+  end
+
+end

data/app/controllers/services/mds_files_controller.rb

@@ -0,0 +1,75 @@
+module Services
+
+  class MdsFilesController < ApplicationController
+    include FileUploadHandler
+    include MdsUploadFilters
+    
+    # This will scan through the parameters after the request is complete and close/delete
+    # any files uploaded in the request.
+    after_action :clear_temporary_files, only: [ :create ]
+    before_action :must_have_uploaded_file
+    before_action :must_be_valid_mds_file, only: [ :create ]
+
+    rescue_from Exception, :with => :catch_all_exceptions
+
+    def create
+      @errors = MdsFileUploadContext.call(@upload_account, nil, @uploaded_file)
+    end
+
+    private
+
+    #
+    # This overrides the 'restrict_access' method on the ApplicationController.
+    # The authentication mechanism for MDS submission is different from the 
+    # other API authentication.
+    #
+    def restrict_access
+      account_id = request.headers["HTTP_ACCOUNT_ID"]
+      account_password = request.headers['HTTP_ACCOUNT_PASSWORD']
+
+      @upload_account = Account.where("id = ?", account_id).first
+
+      # Find the account credentials using the new service definition information.
+      configured_account = Services::AbaqisMdsPush.configured_account(account_id)
+      password = configured_account.credentials.first.try(:password) if configured_account.present?
+
+      @errors = []
+
+      @errors << "Unable to find specified account: #{account_id}."               unless @upload_account
+      @errors << "MDS Web Service account is disabled: #{account_id}."            unless @errors.present? || @upload_account.enabled?
+      @errors << "Account #{account_id} not configured for the MDS Web Services." unless @errors.present? || (configured_account.present? && configured_account.enabled?)
+      @errors << "Authentication failed for #{account_id}."                       unless @errors.present? || (password.present? && password == account_password) 
+
+      clear_temporary_files if @errors.present?
+      render params[:action] if @errors.present?
+    end
+
+    # DS: This is a catch-all exception handler. The idea is that we always want to
+    # return an XML document to the caller, so we can't let Rails handle these
+    # exceptions on it's own.
+    def catch_all_exceptions(ex)
+      logger.error "Error processing MDS 3.0 Upload: #{ex.message}\n#{ex.backtrace.join("\n")}"
+      @errors = [ ex.message ]
+
+      render action: :create
+    end
+
+    #
+    # Overridden from Services::MdsUploadFilters. The filter in the module assumes
+    # a controller that has an index action to display the errors. In this case, we
+    # simply want to render the 'create' template to provide the appropriate XML
+    # error response. Sorry. I wish we could share the code, but life is hard
+    # sometimes.
+    #
+    def must_be_valid_mds_file
+      uv = UnzipmeValidator.new(@uploaded_file.path)
+
+      if ! uv.valid_zip?
+        @errors = [ "You have uploaded an invalid MDS 3.0 or MDS 3.0 Composite file." ]
+        render action: :create
+      end
+
+    end
+  end
+
+end

data/app/controllers/services/mds_pull_accounts_controller.rb

@@ -0,0 +1,57 @@
+module Services
+
+  class MdsPullAccountsController < Services::ServiceBaseController
+    include StatusMasking
+
+    attr_reader :service_definition, :configured_account
+    respond_to :json
+
+    before_filter :must_have_valid_owner
+
+    def index
+      status, operator = determine_status_operator(params[:status])
+
+      if configured_account.present?
+
+        @mds_pull_accounts = configured_account.mds_pull_accounts.
+          order("created_at DESC").
+          limit(MAX_LIST_LENGTH)
+
+      elsif service_definition.present?
+
+        @mds_pull_accounts = MdsPullAccount.
+          joins(:configured_account).
+          where("services_configured_accounts.service_definition_id" => service_definition.id).
+          order("created_at DESC").
+          limit(MAX_LIST_LENGTH)
+
+      else
+
+        @mds_pull_accounts = MdsPullAccount.
+          joins(:configured_account, :service_definition).
+          where("services_service_definitions.service_id" => service.id).
+          order("created_at DESC").
+          limit(MAX_LIST_LENGTH)
+
+      end
+      @mds_pull_accounts = @mds_pull_accounts.where("status #{operator} ?", status).order("created_at DESC").limit(MAX_LIST_LENGTH) if status.present?
+    end
+
+    private
+
+    def must_have_valid_owner
+      if params[:service_definition_id].present?
+        @service_definition = service.service_definitions.where(id: params[:service_definition_id]).first
+        render(json: { error: "No service definition with id: #{params[:service_definition_id]}" }, status: 404) and return if @service_definition.blank?
+
+        if params[:configured_account_id].present?
+          @configured_account = service_definition.configured_accounts.where(id: params[:configured_account_id]).first
+          render(json: { error: "No configured account with id: #{params[:configured_account_id]}" }, status: 404) and return if @configured_account.blank?
+        end
+      end
+      # It's OK if this falls through; having just a service is enough...
+    end
+
+  end
+
+end