@icure/api 7.0.0-beta.1 → 7.0.0-beta.3

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
Files changed (103) hide show
  1. package/icc-api/api/IccDataownerApi.d.ts +13 -2
  2. package/icc-api/api/IccDataownerApi.js +30 -4
  3. package/icc-api/api/IccDataownerApi.js.map +1 -1
  4. package/icc-api/api/IccPatientApi.d.ts +4 -0
  5. package/icc-api/api/IccPatientApi.js +17 -0
  6. package/icc-api/api/IccPatientApi.js.map +1 -1
  7. package/icc-api/model/CryptoActorStub.d.ts +55 -0
  8. package/icc-api/model/CryptoActorStub.js +35 -0
  9. package/icc-api/model/CryptoActorStub.js.map +1 -0
  10. package/icc-api/model/DataOwnerTypeEnum.d.ts +8 -0
  11. package/icc-api/model/DataOwnerTypeEnum.js +13 -0
  12. package/icc-api/model/DataOwnerTypeEnum.js.map +1 -0
  13. package/icc-api/model/DataOwnerWithType.d.ts +16 -3
  14. package/icc-api/model/DataOwnerWithType.js +22 -7
  15. package/icc-api/model/DataOwnerWithType.js.map +1 -1
  16. package/icc-api/model/Device.d.ts +4 -0
  17. package/icc-api/model/Device.js.map +1 -1
  18. package/icc-api/model/HealthcareParty.d.ts +4 -0
  19. package/icc-api/model/HealthcareParty.js.map +1 -1
  20. package/icc-api/model/Patient.d.ts +4 -0
  21. package/icc-api/model/Patient.js.map +1 -1
  22. package/icc-x-api/basexapi/EncryptedEntityXApi.d.ts +48 -0
  23. package/icc-x-api/basexapi/EncryptedEntityXApi.js +3 -0
  24. package/icc-x-api/basexapi/EncryptedEntityXApi.js.map +1 -0
  25. package/icc-x-api/crypto/AES.js +9 -1
  26. package/icc-x-api/crypto/AES.js.map +1 -1
  27. package/icc-x-api/crypto/BaseExchangeKeysManager.d.ts +4 -2
  28. package/icc-x-api/crypto/BaseExchangeKeysManager.js +32 -31
  29. package/icc-x-api/crypto/BaseExchangeKeysManager.js.map +1 -1
  30. package/icc-x-api/crypto/CryptoStrategies.d.ts +5 -4
  31. package/icc-x-api/crypto/CryptoStrategies.js.map +1 -1
  32. package/icc-x-api/crypto/EntitiesEncryption.d.ts +23 -4
  33. package/icc-x-api/crypto/EntitiesEncryption.js +48 -24
  34. package/icc-x-api/crypto/EntitiesEncryption.js.map +1 -1
  35. package/icc-x-api/crypto/ExchangeKeysManager.d.ts +3 -2
  36. package/icc-x-api/crypto/ExchangeKeysManager.js +3 -3
  37. package/icc-x-api/crypto/ExchangeKeysManager.js.map +1 -1
  38. package/icc-x-api/crypto/KeyManager.js +4 -4
  39. package/icc-x-api/crypto/KeyManager.js.map +1 -1
  40. package/icc-x-api/crypto/KeyRecovery.d.ts +2 -1
  41. package/icc-x-api/crypto/KeyRecovery.js.map +1 -1
  42. package/icc-x-api/crypto/LegacyCryptoStrategies.d.ts +5 -4
  43. package/icc-x-api/crypto/LegacyCryptoStrategies.js +1 -1
  44. package/icc-x-api/crypto/LegacyCryptoStrategies.js.map +1 -1
  45. package/icc-x-api/crypto/ShamirKeysManager.d.ts +4 -3
  46. package/icc-x-api/crypto/ShamirKeysManager.js +8 -7
  47. package/icc-x-api/crypto/ShamirKeysManager.js.map +1 -1
  48. package/icc-x-api/crypto/TransferKeysManager.d.ts +3 -2
  49. package/icc-x-api/crypto/TransferKeysManager.js +6 -6
  50. package/icc-x-api/crypto/TransferKeysManager.js.map +1 -1
  51. package/icc-x-api/crypto/utils.d.ts +7 -6
  52. package/icc-x-api/crypto/utils.js +4 -7
  53. package/icc-x-api/crypto/utils.js.map +1 -1
  54. package/icc-x-api/icc-accesslog-x-api.d.ts +27 -1
  55. package/icc-x-api/icc-accesslog-x-api.js +34 -1
  56. package/icc-x-api/icc-accesslog-x-api.js.map +1 -1
  57. package/icc-x-api/icc-calendar-item-x-api.d.ts +36 -1
  58. package/icc-x-api/icc-calendar-item-x-api.js +61 -1
  59. package/icc-x-api/icc-calendar-item-x-api.js.map +1 -1
  60. package/icc-x-api/icc-classification-x-api.d.ts +27 -1
  61. package/icc-x-api/icc-classification-x-api.js +34 -1
  62. package/icc-x-api/icc-classification-x-api.js.map +1 -1
  63. package/icc-x-api/icc-contact-x-api.d.ts +27 -1
  64. package/icc-x-api/icc-contact-x-api.js +34 -1
  65. package/icc-x-api/icc-contact-x-api.js.map +1 -1
  66. package/icc-x-api/icc-crypto-x-api.d.ts +6 -6
  67. package/icc-x-api/icc-crypto-x-api.js +4 -4
  68. package/icc-x-api/icc-crypto-x-api.js.map +1 -1
  69. package/icc-x-api/icc-data-owner-x-api.d.ts +21 -52
  70. package/icc-x-api/icc-data-owner-x-api.js +36 -68
  71. package/icc-x-api/icc-data-owner-x-api.js.map +1 -1
  72. package/icc-x-api/icc-document-x-api.d.ts +71 -4
  73. package/icc-x-api/icc-document-x-api.js +96 -6
  74. package/icc-x-api/icc-document-x-api.js.map +1 -1
  75. package/icc-x-api/icc-form-x-api.d.ts +27 -1
  76. package/icc-x-api/icc-form-x-api.js +34 -1
  77. package/icc-x-api/icc-form-x-api.js.map +1 -1
  78. package/icc-x-api/icc-helement-x-api.d.ts +27 -1
  79. package/icc-x-api/icc-helement-x-api.js +34 -1
  80. package/icc-x-api/icc-helement-x-api.js.map +1 -1
  81. package/icc-x-api/icc-icure-maintenance-x-api.js +4 -4
  82. package/icc-x-api/icc-icure-maintenance-x-api.js.map +1 -1
  83. package/icc-x-api/icc-invoice-x-api.d.ts +27 -1
  84. package/icc-x-api/icc-invoice-x-api.js +34 -1
  85. package/icc-x-api/icc-invoice-x-api.js.map +1 -1
  86. package/icc-x-api/icc-maintenance-task-x-api.d.ts +25 -2
  87. package/icc-x-api/icc-maintenance-task-x-api.js +26 -2
  88. package/icc-x-api/icc-maintenance-task-x-api.js.map +1 -1
  89. package/icc-x-api/icc-message-x-api.d.ts +30 -1
  90. package/icc-x-api/icc-message-x-api.js +37 -1
  91. package/icc-x-api/icc-message-x-api.js.map +1 -1
  92. package/icc-x-api/icc-patient-x-api.d.ts +67 -1
  93. package/icc-x-api/icc-patient-x-api.js +80 -6
  94. package/icc-x-api/icc-patient-x-api.js.map +1 -1
  95. package/icc-x-api/icc-receipt-x-api.d.ts +47 -2
  96. package/icc-x-api/icc-receipt-x-api.js +58 -4
  97. package/icc-x-api/icc-receipt-x-api.js.map +1 -1
  98. package/icc-x-api/icc-time-table-x-api.d.ts +25 -1
  99. package/icc-x-api/icc-time-table-x-api.js +27 -2
  100. package/icc-x-api/icc-time-table-x-api.js.map +1 -1
  101. package/icc-x-api/index.js +4 -3
  102. package/icc-x-api/index.js.map +1 -1
  103. package/package.json +1 -1
@@ -102,7 +102,33 @@ class IccMessageXApi extends icc_api_1.IccMessageApi {
102
102
  */
103
103
  shareWith(delegateId, message, shareSecretIds, options = {}) {
104
104
  return __awaiter(this, void 0, void 0, function* () {
105
- return yield this.modifyMessage(yield this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(message, delegateId, shareSecretIds, options.shareEncryptionKey, options.sharePatientId));
105
+ return this.shareWithMany(message, { [delegateId]: Object.assign({ shareSecretIds }, options) });
106
+ });
107
+ }
108
+ /**
109
+ * Share an existing message with other data owners, allowing them to access the non-encrypted data of the message and optionally also
110
+ * the encrypted content.
111
+ * @param message the message to share.
112
+ * @param delegates sharing options for each delegate.
113
+ * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted
114
+ * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a
115
+ * message does not have encrypted content.
116
+ * - sharePatientId: specifies if the id of the patient that this message refers to should be shared with the delegate (defaults to
117
+ * {@link ShareMetadataBehaviour.IF_AVAILABLE}).
118
+ * - shareSecretIds the secret ids of the Message that the delegate will be given access to. Allows the delegate to search for data where the
119
+ * shared Message is the owning entity id.
120
+ * @return a promise which will contain the updated message
121
+ */
122
+ shareWithMany(message, delegates = {}) {
123
+ return __awaiter(this, void 0, void 0, function* () {
124
+ return yield this.modifyMessage(yield this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(message, false, Object.fromEntries(Object.entries(delegates).map(([delegateId, options]) => [
125
+ delegateId,
126
+ {
127
+ shareSecretIds: options.shareSecretIds,
128
+ shareEncryptionKey: options.shareEncryptionKey,
129
+ shareOwningEntityIds: options.sharePatientId,
130
+ },
131
+ ]))));
106
132
  });
107
133
  }
108
134
  /**
@@ -113,6 +139,16 @@ class IccMessageXApi extends icc_api_1.IccMessageApi {
113
139
  decryptSecretIdsOf(message) {
114
140
  return this.crypto.entities.secretIdsOf(message, undefined);
115
141
  }
142
+ getDataOwnersWithAccessTo(entity) {
143
+ return __awaiter(this, void 0, void 0, function* () {
144
+ return yield this.crypto.entities.getDataOwnersWithAccessTo(entity);
145
+ });
146
+ }
147
+ getEncryptionKeysOf(entity) {
148
+ return __awaiter(this, void 0, void 0, function* () {
149
+ return yield this.crypto.entities.encryptionKeysOf(entity);
150
+ });
151
+ }
116
152
  }
117
153
  exports.IccMessageXApi = IccMessageXApi;
118
154
  //# sourceMappingURL=icc-message-x-api.js.map
@@ -1 +1 @@
1
- {"version":3,"file":"icc-message-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-message-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA0C;AAG1C,4BAA2B;AAI3B,0EAAgG;AAChG,kDAAiD;AAGjD,MAAa,cAAe,SAAQ,uBAAa;IAG/C,YACE,IAAY,EACZ,OAAkC,EAC1B,MAAqB,EAC7B,YAA8B,EAC9B,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAT/C,WAAM,GAAN,MAAM,CAAe;QAU7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED,qCAAqC;IACrC,WAAW,CAAC,IAAU,EAAE,CAAM;QAC5B,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IACnD,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACG,sBAAsB,CAC1B,IAAU,EACV,OAAuB,EACvB,IAAS,EAAE,EACX,UAGI,EAAE;;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAA;YAChI,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CACtB;gBACE,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;gBACvC,KAAK,EAAE,mCAAmC;gBAC1C,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;gBAC7B,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;gBAC9B,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC;gBACrD,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,KAAK,EAAE,EAAE;gBACT,IAAI,EAAE,EAAE;aACT,EACD,CAAC,IAAI,EAAE,CACR,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACpI,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAC7F,MAAM,gBAAgB,GAAG;gBACvB,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC;gBAClD,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC;gBACpC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC;aACpD,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,OAAO,CACvB,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ;iBACvB,sCAAsC,CAAC,OAAO,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,CAAC;iBACzF,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED;;;;OAIG;IACG,kBAAkB,CAAC,OAAuB;;YAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACnE,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS,CACb,UAAkB,EAClB,OAAuB,EACvB,cAAwB,EACxB,UAGI,EAAE;;YAEN,OAAO,MAAM,IAAI,CAAC,aAAa,CAC7B,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,uCAAuC,CAChE,OAAO,EACP,UAAU,EACV,cAAc,EACd,OAAO,CAAC,kBAAkB,EAC1B,OAAO,CAAC,cAAc,CACvB,CACF,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACH,kBAAkB,CAAC,OAAuB;QACxC,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;IAC7D,CAAC;CACF;AApID,wCAoIC","sourcesContent":["import { IccMessageApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\n\nimport { Patient, User } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport * as models from '../icc-api/model/models'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\n\nexport class IccMessageXApi extends IccMessageApi {\n dataOwnerApi: IccDataOwnerXApi\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n // noinspection JSUnusedGlobalSymbols\n newInstance(user: User, m: any) {\n return this.newInstanceWithPatient(user, null, m)\n }\n\n /**\n * Creates a new instance of message with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this message refers to.\n * @param m initialised data for the message. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used. Currently only WRITE access is supported, but in future also read\n * access will be possible.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the classification. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of message.\n */\n async newInstanceWithPatient(\n user: User,\n patient: Patient | null,\n m: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: 'WRITE' }\n preferredSfk?: string\n } = {}\n ) {\n if (!patient && options.preferredSfk) throw new Error('You need to specify parent patient in order to use secret foreign keys.')\n const message = _.extend(\n {\n id: this.crypto.primitives.randomUuid(),\n _type: 'org.taktik.icure.entities.Message',\n created: new Date().getTime(),\n modified: new Date().getTime(),\n responsible: this.dataOwnerApi.getDataOwnerIdOf(user),\n author: user.id,\n codes: [],\n tags: [],\n },\n m || {}\n )\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient ? options?.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents(patient)) : undefined\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = [\n ...Object.keys(options?.additionalDelegates ?? {}),\n ...(user.autoDelegations?.all ?? []),\n ...(user.autoDelegations?.medicalInformation ?? []),\n ]\n return new models.Message(\n await this.crypto.entities\n .entityWithInitialisedEncryptedMetadata(message, patient?.id, sfk, true, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @param message a message\n * @return the id of the patient that the message refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(message: models.Message): Promise<string[]> {\n return this.crypto.entities.owningEntityIdsOf(message, undefined)\n }\n\n /**\n * Share an existing message with other data owners, allowing them to access the non-encrypted data of the message and optionally also\n * the encrypted content.\n * @param delegateId the id of the data owner which will be granted access to the message.\n * @param message the message to share.\n * @param shareSecretIds the secret ids of the Message that the delegate will be given access to. Allows the delegate to search for data where the\n * shared Message is the owning entity id.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * message does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this message refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * @return a promise which will contain the updated message\n */\n async shareWith(\n delegateId: string,\n message: models.Message,\n shareSecretIds: string[],\n options: {\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Message> {\n return await this.modifyMessage(\n await this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(\n message,\n delegateId,\n shareSecretIds,\n options.shareEncryptionKey,\n options.sharePatientId\n )\n )\n }\n\n /**\n * @param message a message\n * @return the secret ids of the message, retrieved from the encrypted metadata. The result may be used to find entities where the message is\n * the 'owning entity', or in the {@link shareWith} method in order to share it with other data owners.\n */\n decryptSecretIdsOf(message: models.Message): Promise<string[]> {\n return this.crypto.entities.secretIdsOf(message, undefined)\n }\n}\n"]}
1
+ {"version":3,"file":"icc-message-x-api.js","sourceRoot":"","sources":["../../icc-x-api/icc-message-x-api.ts"],"names":[],"mappings":";;;;;;;;;;;;AAAA,wCAA0C;AAG1C,4BAA2B;AAI3B,0EAAgG;AAChG,kDAAiD;AAIjD,MAAa,cAAe,SAAQ,uBAAa;IAG/C,YACE,IAAY,EACZ,OAAkC,EAC1B,MAAqB,EAC7B,YAA8B,EAC9B,yBAAiD,IAAI,iDAAwB,EAAE,EAC/E,YAA2E,OAAO,MAAM,KAAK,WAAW;QACtG,CAAC,CAAC,MAAM,CAAC,KAAK;QACd,CAAC,CAAC,OAAO,IAAI,KAAK,WAAW;YAC7B,CAAC,CAAC,IAAI,CAAC,KAAK;YACZ,CAAC,CAAC,KAAK;QAET,KAAK,CAAC,IAAI,EAAE,OAAO,EAAE,sBAAsB,EAAE,SAAS,CAAC,CAAA;QAT/C,WAAM,GAAN,MAAM,CAAe;QAU7B,IAAI,CAAC,MAAM,GAAG,MAAM,CAAA;QACpB,IAAI,CAAC,YAAY,GAAG,YAAY,CAAA;IAClC,CAAC;IAED,qCAAqC;IACrC,WAAW,CAAC,IAAU,EAAE,CAAM;QAC5B,OAAO,IAAI,CAAC,sBAAsB,CAAC,IAAI,EAAE,IAAI,EAAE,CAAC,CAAC,CAAA;IACnD,CAAC;IAED;;;;;;;;;;;;;;OAcG;IACG,sBAAsB,CAC1B,IAAU,EACV,OAAuB,EACvB,IAAS,EAAE,EACX,UAGI,EAAE;;;YAEN,IAAI,CAAC,OAAO,IAAI,OAAO,CAAC,YAAY;gBAAE,MAAM,IAAI,KAAK,CAAC,yEAAyE,CAAC,CAAA;YAChI,MAAM,OAAO,GAAG,CAAC,CAAC,MAAM,CACtB;gBACE,EAAE,EAAE,IAAI,CAAC,MAAM,CAAC,UAAU,CAAC,UAAU,EAAE;gBACvC,KAAK,EAAE,mCAAmC;gBAC1C,OAAO,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;gBAC7B,QAAQ,EAAE,IAAI,IAAI,EAAE,CAAC,OAAO,EAAE;gBAC9B,WAAW,EAAE,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC;gBACrD,MAAM,EAAE,IAAI,CAAC,EAAE;gBACf,KAAK,EAAE,EAAE;gBACT,IAAI,EAAE,EAAE;aACT,EACD,CAAC,IAAI,EAAE,CACR,CAAA;YAED,MAAM,OAAO,GAAG,IAAI,CAAC,YAAY,CAAC,gBAAgB,CAAC,IAAI,CAAC,CAAA;YACxD,IAAI,OAAO,KAAK,CAAC,MAAM,IAAI,CAAC,YAAY,CAAC,qBAAqB,EAAE,CAAC;gBAAE,MAAM,IAAI,KAAK,CAAC,qDAAqD,CAAC,CAAA;YACzI,MAAM,GAAG,GAAG,OAAO,CAAC,CAAC,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,YAAY,mCAAI,CAAC,MAAM,IAAI,CAAC,MAAM,CAAC,YAAY,CAAC,+BAA+B,CAAC,OAAO,CAAC,CAAC,CAAC,CAAC,CAAC,SAAS,CAAA;YACpI,IAAI,OAAO,IAAI,CAAC,GAAG;gBAAE,MAAM,IAAI,KAAK,CAAC,2CAA2C,OAAO,CAAC,EAAE,EAAE,CAAC,CAAA;YAC7F,MAAM,gBAAgB,GAAG;gBACvB,GAAG,MAAM,CAAC,IAAI,CAAC,MAAA,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,mBAAmB,mCAAI,EAAE,CAAC;gBAClD,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,GAAG,mCAAI,EAAE,CAAC;gBACpC,GAAG,CAAC,MAAA,MAAA,IAAI,CAAC,eAAe,0CAAE,kBAAkB,mCAAI,EAAE,CAAC;aACpD,CAAA;YACD,OAAO,IAAI,MAAM,CAAC,OAAO,CACvB,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ;iBACvB,sCAAsC,CAAC,OAAO,EAAE,OAAO,aAAP,OAAO,uBAAP,OAAO,CAAE,EAAE,EAAE,GAAG,EAAE,IAAI,EAAE,gBAAgB,CAAC;iBACzF,IAAI,CAAC,CAAC,CAAC,EAAE,EAAE,CAAC,CAAC,CAAC,aAAa,CAAC,CAChC,CAAA;;KACF;IAED;;;;OAIG;IACG,kBAAkB,CAAC,OAAuB;;YAC9C,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,iBAAiB,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;QACnE,CAAC;KAAA;IAED;;;;;;;;;;;;;;OAcG;IACG,SAAS,CACb,UAAkB,EAClB,OAAuB,EACvB,cAAwB,EACxB,UAGI,EAAE;;YAEN,OAAO,IAAI,CAAC,aAAa,CAAC,OAAO,EAAE,EAAE,CAAC,UAAU,CAAC,kBAAI,cAAc,IAAK,OAAO,CAAE,EAAE,CAAC,CAAA;QACtF,CAAC;KAAA;IAED;;;;;;;;;;;;;OAaG;IACG,aAAa,CACjB,OAAuB,EACvB,YAMI,EAAE;;YAEN,OAAO,MAAM,IAAI,CAAC,aAAa,CAC7B,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,uCAAuC,CAChE,OAAO,EACP,KAAK,EACL,MAAM,CAAC,WAAW,CAChB,MAAM,CAAC,OAAO,CAAC,SAAS,CAAC,CAAC,GAAG,CAAC,CAAC,CAAC,UAAU,EAAE,OAAO,CAAC,EAAE,EAAE,CAAC;gBACvD,UAAU;gBACV;oBACE,cAAc,EAAE,OAAO,CAAC,cAAc;oBACtC,kBAAkB,EAAE,OAAO,CAAC,kBAAkB;oBAC9C,oBAAoB,EAAE,OAAO,CAAC,cAAc;iBAC7C;aACF,CAAC,CACH,CACF,CACF,CAAA;QACH,CAAC;KAAA;IAED;;;;OAIG;IACH,kBAAkB,CAAC,OAAuB;QACxC,OAAO,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,WAAW,CAAC,OAAO,EAAE,SAAS,CAAC,CAAA;IAC7D,CAAC;IAEK,yBAAyB,CAC7B,MAAsB;;YAEtB,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,yBAAyB,CAAC,MAAM,CAAC,CAAA;QACrE,CAAC;KAAA;IAEK,mBAAmB,CAAC,MAAsB;;YAC9C,OAAO,MAAM,IAAI,CAAC,MAAM,CAAC,QAAQ,CAAC,gBAAgB,CAAC,MAAM,CAAC,CAAA;QAC5D,CAAC;KAAA;CACF;AAhLD,wCAgLC","sourcesContent":["import { IccMessageApi } from '../icc-api'\nimport { IccCryptoXApi } from './icc-crypto-x-api'\n\nimport * as _ from 'lodash'\n\nimport { Patient, User } from '../icc-api/model/models'\nimport { IccDataOwnerXApi } from './icc-data-owner-x-api'\nimport { AuthenticationProvider, NoAuthenticationProvider } from './auth/AuthenticationProvider'\nimport * as models from '../icc-api/model/models'\nimport { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour'\nimport { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi'\n\nexport class IccMessageXApi extends IccMessageApi implements EncryptedEntityXApi<models.Message> {\n dataOwnerApi: IccDataOwnerXApi\n\n constructor(\n host: string,\n headers: { [key: string]: string },\n private crypto: IccCryptoXApi,\n dataOwnerApi: IccDataOwnerXApi,\n authenticationProvider: AuthenticationProvider = new NoAuthenticationProvider(),\n fetchImpl: (input: RequestInfo, init?: RequestInit) => Promise<Response> = typeof window !== 'undefined'\n ? window.fetch\n : typeof self !== 'undefined'\n ? self.fetch\n : fetch\n ) {\n super(host, headers, authenticationProvider, fetchImpl)\n this.crypto = crypto\n this.dataOwnerApi = dataOwnerApi\n }\n\n // noinspection JSUnusedGlobalSymbols\n newInstance(user: User, m: any) {\n return this.newInstanceWithPatient(user, null, m)\n }\n\n /**\n * Creates a new instance of message with initialised encryption metadata (not in the database).\n * @param user the current user.\n * @param patient the patient this message refers to.\n * @param m initialised data for the message. Metadata such as id, creation data, etc. will be automatically initialised, but you can specify\n * other kinds of data or overwrite generated metadata with this. You can't specify encryption metadata.\n * @param options optional parameters:\n * - additionalDelegates: delegates which will have access to the entity in addition to the current data owner and delegates from the\n * auto-delegations. Must be an object which associates each data owner id with the access level to give to that data owner. May overlap with\n * auto-delegations, in such case the access level specified here will be used. Currently only WRITE access is supported, but in future also read\n * access will be possible.\n * - preferredSfk: secret id of the patient to use as the secret foreign key to use for the classification. The default value will be a\n * secret id of patient known by the topmost parent in the current data owner hierarchy.\n * @return a new instance of message.\n */\n async newInstanceWithPatient(\n user: User,\n patient: Patient | null,\n m: any = {},\n options: {\n additionalDelegates?: { [dataOwnerId: string]: 'WRITE' }\n preferredSfk?: string\n } = {}\n ) {\n if (!patient && options.preferredSfk) throw new Error('You need to specify parent patient in order to use secret foreign keys.')\n const message = _.extend(\n {\n id: this.crypto.primitives.randomUuid(),\n _type: 'org.taktik.icure.entities.Message',\n created: new Date().getTime(),\n modified: new Date().getTime(),\n responsible: this.dataOwnerApi.getDataOwnerIdOf(user),\n author: user.id,\n codes: [],\n tags: [],\n },\n m || {}\n )\n\n const ownerId = this.dataOwnerApi.getDataOwnerIdOf(user)\n if (ownerId !== (await this.dataOwnerApi.getCurrentDataOwnerId())) throw new Error('Can only initialise entities as current data owner.')\n const sfk = patient ? options?.preferredSfk ?? (await this.crypto.confidential.getAnySecretIdSharedWithParents(patient)) : undefined\n if (patient && !sfk) throw new Error(`Couldn't find any sfk of parent patient ${patient.id}`)\n const extraDelegations = [\n ...Object.keys(options?.additionalDelegates ?? {}),\n ...(user.autoDelegations?.all ?? []),\n ...(user.autoDelegations?.medicalInformation ?? []),\n ]\n return new models.Message(\n await this.crypto.entities\n .entityWithInitialisedEncryptedMetadata(message, patient?.id, sfk, true, extraDelegations)\n .then((x) => x.updatedEntity)\n )\n }\n\n /**\n * @param message a message\n * @return the id of the patient that the message refers to, retrieved from the encrypted metadata. Normally there should only be one element\n * in the returned array, but in case of entity merges there could be multiple values.\n */\n async decryptPatientIdOf(message: models.Message): Promise<string[]> {\n return this.crypto.entities.owningEntityIdsOf(message, undefined)\n }\n\n /**\n * Share an existing message with other data owners, allowing them to access the non-encrypted data of the message and optionally also\n * the encrypted content.\n * @param delegateId the id of the data owner which will be granted access to the message.\n * @param message the message to share.\n * @param shareSecretIds the secret ids of the Message that the delegate will be given access to. Allows the delegate to search for data where the\n * shared Message is the owning entity id.\n * @param options optional parameters to customize the sharing behaviour:\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * message does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this message refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * @return a promise which will contain the updated message\n */\n async shareWith(\n delegateId: string,\n message: models.Message,\n shareSecretIds: string[],\n options: {\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n } = {}\n ): Promise<models.Message> {\n return this.shareWithMany(message, { [delegateId]: { shareSecretIds, ...options } })\n }\n\n /**\n * Share an existing message with other data owners, allowing them to access the non-encrypted data of the message and optionally also\n * the encrypted content.\n * @param message the message to share.\n * @param delegates sharing options for each delegate.\n * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted\n * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a\n * message does not have encrypted content.\n * - sharePatientId: specifies if the id of the patient that this message refers to should be shared with the delegate (defaults to\n * {@link ShareMetadataBehaviour.IF_AVAILABLE}).\n * - shareSecretIds the secret ids of the Message that the delegate will be given access to. Allows the delegate to search for data where the\n * shared Message is the owning entity id.\n * @return a promise which will contain the updated message\n */\n async shareWithMany(\n message: models.Message,\n delegates: {\n [delegateId: string]: {\n shareSecretIds: string[]\n shareEncryptionKey?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n sharePatientId?: ShareMetadataBehaviour // Defaults to ShareMetadataBehaviour.IF_AVAILABLE\n }\n } = {}\n ): Promise<models.Message> {\n return await this.modifyMessage(\n await this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(\n message,\n false,\n Object.fromEntries(\n Object.entries(delegates).map(([delegateId, options]) => [\n delegateId,\n {\n shareSecretIds: options.shareSecretIds,\n shareEncryptionKey: options.shareEncryptionKey,\n shareOwningEntityIds: options.sharePatientId,\n },\n ])\n )\n )\n )\n }\n\n /**\n * @param message a message\n * @return the secret ids of the message, retrieved from the encrypted metadata. The result may be used to find entities where the message is\n * the 'owning entity', or in the {@link shareWith} method in order to share it with other data owners.\n */\n decryptSecretIdsOf(message: models.Message): Promise<string[]> {\n return this.crypto.entities.secretIdsOf(message, undefined)\n }\n\n async getDataOwnersWithAccessTo(\n entity: models.Message\n ): Promise<{ permissionsByDataOwnerId: { [p: string]: 'WRITE' }; hasUnknownAnonymousDataOwners: boolean }> {\n return await this.crypto.entities.getDataOwnersWithAccessTo(entity)\n }\n\n async getEncryptionKeysOf(entity: models.Message): Promise<string[]> {\n return await this.crypto.entities.encryptionKeysOf(entity)\n }\n}\n"]}
@@ -8,11 +8,13 @@ import { IccDocumentXApi } from './icc-document-x-api';
8
8
  import { IccHelementXApi } from './icc-helement-x-api';
9
9
  import { IccClassificationXApi } from './icc-classification-x-api';
10
10
  import * as models from '../icc-api/model/models';
11
+ import { Patient } from '../icc-api/model/models';
11
12
  import { IccCalendarItemXApi } from './icc-calendar-item-x-api';
12
13
  import { IccDataOwnerXApi } from './icc-data-owner-x-api';
13
14
  import { AuthenticationProvider } from './auth/AuthenticationProvider';
14
15
  import { ShareMetadataBehaviour } from './crypto/ShareMetadataBehaviour';
15
- export declare class IccPatientXApi extends IccPatientApi {
16
+ import { EncryptedEntityXApi } from './basexapi/EncryptedEntityXApi';
17
+ export declare class IccPatientXApi extends IccPatientApi implements EncryptedEntityXApi<models.Patient> {
16
18
  crypto: IccCryptoXApi;
17
19
  contactApi: IccContactXApi;
18
20
  formApi: IccFormXApi;
@@ -138,6 +140,25 @@ export declare class IccPatientXApi extends IccPatientApi {
138
140
  shareWith(delegateId: string, patient: models.Patient, shareSecretIds: string[], options?: {
139
141
  shareEncryptionKey?: ShareMetadataBehaviour;
140
142
  }): Promise<models.Patient>;
143
+ /**
144
+ * Share an existing patient with other data owners, allowing them to access the non-encrypted data of the patient and optionally also
145
+ * the encrypted content.
146
+ * @param patient the patient to share.
147
+ * @param delegates sharing options for each delegate.
148
+ * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted
149
+ * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a
150
+ * patient does not have encrypted content.
151
+ * - shareSecretIds the secret ids of the Patient that the delegate will be given access to. Allows the delegate to search for data where the
152
+ * shared Patient is the owning entity id.
153
+ * {@link ShareMetadataBehaviour.IF_AVAILABLE}).
154
+ * @return a promise which will contain the updated patient.
155
+ */
156
+ shareWithMany(patient: models.Patient, delegates: {
157
+ [delegateId: string]: {
158
+ shareSecretIds: string[];
159
+ shareEncryptionKey?: ShareMetadataBehaviour;
160
+ };
161
+ }): Promise<models.Patient>;
141
162
  /**
142
163
  * @param patient a patient
143
164
  * @return all the decryptable secret ids of the patient, retrieved from the encrypted metadata. The result may be used to find entities where the
@@ -156,4 +177,49 @@ export declare class IccPatientXApi extends IccPatientApi {
156
177
  * patient is the 'owning entity', or in the {@link shareWith} method in order to share it with other data owners.
157
178
  */
158
179
  decryptNonConfidentialSecretIdsOf(patient: models.Patient): Promise<string[]>;
180
+ getDataOwnersWithAccessTo(entity: models.Patient): Promise<{
181
+ permissionsByDataOwnerId: {
182
+ [p: string]: 'WRITE';
183
+ };
184
+ hasUnknownAnonymousDataOwners: boolean;
185
+ }>;
186
+ getEncryptionKeysOf(entity: models.Patient): Promise<string[]>;
187
+ /**
188
+ * Merge two patients into one. This method performs the following operations:
189
+ * - The `from` patient will be soft-deleted, and it will point to the `into` patient. Only the `deletionDate` and `mergeToPatientId` fields of the
190
+ * patient will be changed (automatically by this method). Note that the value of {@link from} is only used to verify that the client is aware of
191
+ * the last version of the `from` patient: any changes to its content and/or metadata compared to what is actually stored in the database will be
192
+ * ignored.
193
+ * - The metadata of the `into` patient will be automatically updated to contain also the metadata of the `from` patient and to keep track of the
194
+ * merge:
195
+ * - the `mergedIds` will be updated to contain the `from` patient id
196
+ * - all secret ids of the `from` patient will be added to the `into` patient
197
+ * - all data owners (including anonymous data owners) with access to the `from` patient will have the same access to the merged `into` patient
198
+ * (unless they already had greater access to the `into` patient, in which case they keep the greater access)
199
+ * - The content of the `into` patient will be updated to match the content (name, address, note, ...) of the provided {@link mergedInto} parameter.
200
+ * Note that since the metadata is automatically updated by this method you must not change the metadata of the `mergedInto` patient
201
+ * (`delegations`, mergedInto`, ...): if there is any change between the metadata of the provided `mergedInto` patient and the stored patient this
202
+ * method will fail with an error.
203
+ *
204
+ * In case the revisions of {@link from} and/or {@link mergedInto} does not match the latest revisions for these patients in the database this
205
+ * method will fail without soft-deleting the `from` patient and without updating the `into` patient with the merged content and metadata. You will
206
+ * have to retrieve the updated versions of both patients before retrying the merge.
207
+ *
208
+ * Finally, note that this method only merges existing data, and does not perform any automatic sharing of the data. The secret ids and encryption
209
+ * keys will not be shared with users that had access only to one of the entity, you will have to use the {@link shareWith} method after the merge
210
+ * if you want to do so.
211
+ * For example consider hcps A, B with access to P' and hcps A, C with access to P'', and we merge P'' into P'. After the merge:
212
+ * - A has access to all secret ids of the merged patient and to the encryption key of the merged patient
213
+ * - B has access to the encryption key of the merged patient (since it is the same as in P'), but only to the secret id which was originally from
214
+ * the unmerged P'
215
+ * - C has no access to the encryption key of the merged patient, and has access only to the secret id which was originally from the unmerged P''
216
+ *
217
+ * @param from the original, unmodified `from` patient. Its content will be unchanged and its metadata will be automatically updated by this method
218
+ * to reflect the merge.
219
+ * @param mergedInto the `into` patient with updated content result of the merge with the `from` patient, as specified by your application logic.
220
+ * The metadata of the `mergedInto` patient must not differ from the metadata of the stored version of the patient, since it will be automatically
221
+ * updated by the method.
222
+ * @return the updated `into` patient.
223
+ */
224
+ mergePatients(from: Patient, mergedInto: Patient): Promise<Patient>;
159
225
  }
@@ -18,7 +18,6 @@ const ModelHelper_1 = require("../icc-api/model/ModelHelper");
18
18
  const person_util_1 = require("./utils/person-util");
19
19
  const utils_1 = require("./utils");
20
20
  const AuthenticationProvider_1 = require("./auth/AuthenticationProvider");
21
- const ShareMetadataBehaviour_1 = require("./crypto/ShareMetadataBehaviour");
22
21
  // noinspection JSUnusedGlobalSymbols
23
22
  class IccPatientXApi extends icc_api_1.IccPatientApi {
24
23
  constructor(host, headers, crypto, contactApi, formApi, helementApi, invoiceApi, documentApi, hcpartyApi, classificationApi, dataOwnerApi, calendarItemaApi, encryptedKeys = ['note'], authenticationProvider = new AuthenticationProvider_1.NoAuthenticationProvider(), fetchImpl = typeof window !== 'undefined'
@@ -188,13 +187,13 @@ class IccPatientXApi extends icc_api_1.IccPatientApi {
188
187
  getPatientWithUser(user, patientId) {
189
188
  return super
190
189
  .getPatient(patientId)
191
- .then((p) => this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), [p], false))
190
+ .then((p) => this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), [p]))
192
191
  .then((pats) => pats[0].entity);
193
192
  }
194
193
  getPotentiallyEncryptedPatientWithUser(user, patientId) {
195
194
  return super
196
195
  .getPatient(patientId)
197
- .then((p) => this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), [p], false))
196
+ .then((p) => this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), [p]))
198
197
  .then((pats) => ({ patient: pats[0].entity, decrypted: pats[0].decrypted }));
199
198
  }
200
199
  getPatients(body) {
@@ -296,9 +295,9 @@ class IccPatientXApi extends icc_api_1.IccPatientApi {
296
295
  }
297
296
  // If patient can't be decrypted returns patient with encrypted data.
298
297
  decrypt(user, patients, fillDelegations = true) {
299
- return this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), patients, fillDelegations).then((ps) => ps.map((p) => p.entity));
298
+ return this.tryDecryptOrReturnOriginal(this.dataOwnerApi.getDataOwnerIdOf(user), patients).then((ps) => ps.map((p) => p.entity));
300
299
  }
301
- tryDecryptOrReturnOriginal(dataOwnerId, patients, fillDelegations = true) {
300
+ tryDecryptOrReturnOriginal(dataOwnerId, patients) {
302
301
  return Promise.all(patients.map((p) => __awaiter(this, void 0, void 0, function* () {
303
302
  return yield this.crypto.entities
304
303
  .decryptEntity(p, dataOwnerId, (x) => new models.Patient(x))
@@ -795,9 +794,27 @@ class IccPatientXApi extends icc_api_1.IccPatientApi {
795
794
  * @return a promise which will contain the updated patient.
796
795
  */
797
796
  shareWith(delegateId, patient, shareSecretIds, options = {}) {
797
+ return __awaiter(this, void 0, void 0, function* () {
798
+ return this.shareWithMany(patient, { [delegateId]: Object.assign({ shareSecretIds }, options) });
799
+ });
800
+ }
801
+ /**
802
+ * Share an existing patient with other data owners, allowing them to access the non-encrypted data of the patient and optionally also
803
+ * the encrypted content.
804
+ * @param patient the patient to share.
805
+ * @param delegates sharing options for each delegate.
806
+ * - shareEncryptionKey: specifies if the encryption key of the access log should be shared with the delegate, giving access to all encrypted
807
+ * content of the entity, excluding other encrypted metadata (defaults to {@link ShareMetadataBehaviour.IF_AVAILABLE}). Note that by default a
808
+ * patient does not have encrypted content.
809
+ * - shareSecretIds the secret ids of the Patient that the delegate will be given access to. Allows the delegate to search for data where the
810
+ * shared Patient is the owning entity id.
811
+ * {@link ShareMetadataBehaviour.IF_AVAILABLE}).
812
+ * @return a promise which will contain the updated patient.
813
+ */
814
+ shareWithMany(patient, delegates) {
798
815
  return __awaiter(this, void 0, void 0, function* () {
799
816
  const self = yield this.dataOwnerApi.getCurrentDataOwnerId();
800
- return yield this.modifyAs(self, yield this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(patient, delegateId, shareSecretIds, options.shareEncryptionKey, ShareMetadataBehaviour_1.ShareMetadataBehaviour.IF_AVAILABLE));
817
+ return yield this.modifyAs(self, yield this.crypto.entities.entityWithAutoExtendedEncryptedMetadata(patient, false, delegates));
801
818
  });
802
819
  }
803
820
  /**
@@ -824,6 +841,63 @@ class IccPatientXApi extends icc_api_1.IccPatientApi {
824
841
  decryptNonConfidentialSecretIdsOf(patient) {
825
842
  return this.crypto.confidential.getSecretIdsSharedWithParents(patient);
826
843
  }
844
+ getDataOwnersWithAccessTo(entity) {
845
+ return __awaiter(this, void 0, void 0, function* () {
846
+ return yield this.crypto.entities.getDataOwnersWithAccessTo(entity);
847
+ });
848
+ }
849
+ getEncryptionKeysOf(entity) {
850
+ return __awaiter(this, void 0, void 0, function* () {
851
+ return yield this.crypto.entities.encryptionKeysOf(entity);
852
+ });
853
+ }
854
+ /**
855
+ * Merge two patients into one. This method performs the following operations:
856
+ * - The `from` patient will be soft-deleted, and it will point to the `into` patient. Only the `deletionDate` and `mergeToPatientId` fields of the
857
+ * patient will be changed (automatically by this method). Note that the value of {@link from} is only used to verify that the client is aware of
858
+ * the last version of the `from` patient: any changes to its content and/or metadata compared to what is actually stored in the database will be
859
+ * ignored.
860
+ * - The metadata of the `into` patient will be automatically updated to contain also the metadata of the `from` patient and to keep track of the
861
+ * merge:
862
+ * - the `mergedIds` will be updated to contain the `from` patient id
863
+ * - all secret ids of the `from` patient will be added to the `into` patient
864
+ * - all data owners (including anonymous data owners) with access to the `from` patient will have the same access to the merged `into` patient
865
+ * (unless they already had greater access to the `into` patient, in which case they keep the greater access)
866
+ * - The content of the `into` patient will be updated to match the content (name, address, note, ...) of the provided {@link mergedInto} parameter.
867
+ * Note that since the metadata is automatically updated by this method you must not change the metadata of the `mergedInto` patient
868
+ * (`delegations`, mergedInto`, ...): if there is any change between the metadata of the provided `mergedInto` patient and the stored patient this
869
+ * method will fail with an error.
870
+ *
871
+ * In case the revisions of {@link from} and/or {@link mergedInto} does not match the latest revisions for these patients in the database this
872
+ * method will fail without soft-deleting the `from` patient and without updating the `into` patient with the merged content and metadata. You will
873
+ * have to retrieve the updated versions of both patients before retrying the merge.
874
+ *
875
+ * Finally, note that this method only merges existing data, and does not perform any automatic sharing of the data. The secret ids and encryption
876
+ * keys will not be shared with users that had access only to one of the entity, you will have to use the {@link shareWith} method after the merge
877
+ * if you want to do so.
878
+ * For example consider hcps A, B with access to P' and hcps A, C with access to P'', and we merge P'' into P'. After the merge:
879
+ * - A has access to all secret ids of the merged patient and to the encryption key of the merged patient
880
+ * - B has access to the encryption key of the merged patient (since it is the same as in P'), but only to the secret id which was originally from
881
+ * the unmerged P'
882
+ * - C has no access to the encryption key of the merged patient, and has access only to the secret id which was originally from the unmerged P''
883
+ *
884
+ * @param from the original, unmodified `from` patient. Its content will be unchanged and its metadata will be automatically updated by this method
885
+ * to reflect the merge.
886
+ * @param mergedInto the `into` patient with updated content result of the merge with the `from` patient, as specified by your application logic.
887
+ * The metadata of the `mergedInto` patient must not differ from the metadata of the stored version of the patient, since it will be automatically
888
+ * updated by the method.
889
+ * @return the updated `into` patient.
890
+ */
891
+ mergePatients(from, mergedInto) {
892
+ const _super = Object.create(null, {
893
+ baseMergePatients: { get: () => super.baseMergePatients }
894
+ });
895
+ return __awaiter(this, void 0, void 0, function* () {
896
+ const encryptedMerged = (yield this.encryptAs(undefined, [mergedInto]))[0];
897
+ const merged = yield _super.baseMergePatients.call(this, from.id, from.rev, encryptedMerged);
898
+ return (yield this.tryDecryptOrReturnOriginal(undefined, [merged]))[0].entity;
899
+ });
900
+ }
827
901
  }
828
902
  exports.IccPatientXApi = IccPatientXApi;
829
903
  //# sourceMappingURL=icc-patient-x-api.js.map