/** * Retrieve a {@link Patient patient} by it's PhenoTips identifier. * * @param id the patient identifier, i.e. the serialized document reference * @return the patient data, or {@code null} if the requested patient does not exist, is not a valid patient, or is * not accessible by the current user */ public Patient get(String id) { try { return this.internalService.get(id); } catch (SecurityException ex) { return null; } }
/** * Creates and returns a new empty patient record, setting the currently logged in user as the creator. * * @return the created patient record, or {@code null} if the user does not have the right to create a new patient * record or the creation fails */ public Patient create() { try { return this.internalService.create(); } catch (SecurityException ex) { return null; } }
@Override public Response deletePatient(String id) { this.slf4Jlogger.debug("Deleting patient record [{}] via REST", id); Patient patient = this.repository.get(id); if (patient == null) { this.slf4Jlogger.debug("Patient record [{}] didn't exist", id); return Response.status(Status.NOT_FOUND).build(); } User currentUser = this.users.getCurrentUser(); if (!this.access.hasAccess(currentUser, Right.DELETE, patient.getDocumentReference())) { this.slf4Jlogger.debug("Delete access denied to user [{}] on patient record [{}]", currentUser, id); return Response.status(Status.FORBIDDEN).build(); } try { this.repository.delete(patient); } catch (Exception ex) { this.slf4Jlogger.warn("Failed to delete patient record [{}]: {}", id, ex.getMessage()); throw new WebApplicationException(Status.INTERNAL_SERVER_ERROR); } this.slf4Jlogger.debug("Deleted patient record [{}]", id); return Response.noContent().build(); } }
@Override public Response deletePatient(String eid) { this.slf4Jlogger.debug("Deleting patient record with external ID [{}] via REST", eid); Patient patient = this.repository.getByName(eid); if (patient == null) { return checkForMultipleRecords(patient, eid); } User currentUser = this.users.getCurrentUser(); if (!this.access.hasAccess(currentUser, Right.DELETE, patient.getDocumentReference())) { this.slf4Jlogger.debug("Delete access denied to user [{}] on patient record [{}]", currentUser, patient.getId()); return Response.status(Status.FORBIDDEN).build(); } try { this.repository.delete(patient); } catch (Exception ex) { this.slf4Jlogger.warn("Failed to delete patient record with external id [{}]: {}", eid, ex.getMessage()); throw new WebApplicationException(Status.INTERNAL_SERVER_ERROR); } this.slf4Jlogger.debug("Deleted patient record with external id [{}]", eid); return Response.noContent().build(); }
/** * Deletes a patient record. * * @param patient the patient record to delete * @return {@code true} if the patient record was successfully deleted, {@code false} if the user does not have the * right to delete the patient record or the deletion fails */ public boolean delete(Patient patient) { try { return this.internalService.delete(patient); } catch (Exception ex) { return false; } } }
/** * Retrieve a {@link Patient patient} by it's clinical identifier. Only works if external identifiers are enabled * and used. * * @param externalId the patient's clinical identifier, as set by the patient's reporter * @return the patient data, or {@code null} if the requested patient does not exist, is not a valid patient, or is * not accessible by the current user */ public Patient getPatientByExternalId(String externalId) { try { return this.internalService.getByName(externalId); } catch (SecurityException ex) { return null; } }
/** * Retrieves all accessible patient records, in a random order. * * @return an iterator over all patient records accessible by the current user, may be empty if no entities exist */ public Iterator<Patient> getAll() { return this.internalService.getAll(); }
@Override public boolean delete(Patient patient) { if (checkAccess(Right.DELETE, patient, this.userManager.getCurrentUser()) != null) { this.internalService.delete(patient); } return false; }
/** * Retrieve a {@link Patient patient} by it's clinical identifier. Only works if external identifiers are enabled * and used. * * @param name the patient's clinical identifier, as set by the patient's reporter * @return the patient data, or {@code null} if the requested patient does not exist, is not a valid patient, or is * not accessible by the current user */ public Patient getByName(String name) { try { return this.internalService.getByName(name); } catch (SecurityException ex) { return null; } }
@Override public Iterator<Patient> getAll() { Iterator<Patient> patientsIterator = this.internalService.getAll(); return new SecurePatientIterator(patientsIterator, this.access, this.userManager.getCurrentUser()); }
/** * Retrieve a {@link Patient patient} by it's PhenoTips identifier. * * @param id the patient identifier, i.e. the serialized document reference * @return the patient data, or {@code null} if the requested patient does not exist, is not a valid patient, or is * not accessible by the current user */ public Patient get(String id) { try { return this.internalService.get(id); } catch (SecurityException | IllegalArgumentException ex) { return null; } }
@Override public Response deletePatient(String label, String id) { this.logger.debug("Deleting patient record with label [{}] and corresponding external ID [{}] via REST", label, id); Patient patient; List<String> patients = getPatientInternalIdentifiersByLabelAndEid(label, id); if (patients.size() == 1) { patient = this.repository.get(patients.get(0)); } else { return returnIfEmptyOrMultipleExistResponse(patients, label, id); } User currentUser = this.users.getCurrentUser(); if (!this.access.hasAccess(currentUser, Right.DELETE, patient.getDocumentReference())) { this.logger.debug("Delete access denied to user [{}] on patient record [{}]", currentUser, patient.getId()); throw new WebApplicationException(Response.Status.FORBIDDEN); } try { this.repository.delete(patient); } catch (Exception ex) { this.logger.warn("Failed to delete patient record with label [{}] and corresponding external id [{}]: {}", label, id, ex.getMessage(), ex); throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR); } this.logger.debug("Deleted patient record with label [{}] corresponding external id [{}]", label, id); return Response.noContent().build(); }
/** * Create and return a new empty patient record. * * @return the created patient record, or {@code null} if the user does not have the right to create a new patient * record or the creation fails */ public Patient create() { try { return this.internalService.create(); } catch (SecurityException ex) { return null; } } }
@Override public boolean delete(Patient patient) { if (checkAccess(Right.DELETE, patient, this.userManager.getCurrentUser()) != null) { this.internalService.delete(patient); } return false; }
@Override public Patient getByName(String name) { Patient patient = this.internalService.getByName(name); return checkAccess(patient, this.userManager.getCurrentUser()); }
@Override public Iterator<Patient> getAll() { Iterator<Patient> patientsIterator = this.internalService.getAll(); return new SecurePatientIterator(patientsIterator, this.access, this.userManager.getCurrentUser()); }
/** * Retrieves a {@link Patient patient record} from the specified document. * * @param reference reference of the {@link Patient#getDocumentReference() document where the patient record is * stored} * @return the requested patient record, or {@code null} if the requested patient does not exist, is not a valid * patient, or is not accessible by the current user */ public Patient get(DocumentReference reference) { try { return this.internalService.get(reference); } catch (SecurityException | IllegalArgumentException ex) { return null; } }
/** * Import a new patient from its JSON representation. * * @param json the JSON representation of the new patient * @return the location of the newly created patient, if successful * @throws WebApplicationException if a {@link JSONObject} cannot be created * @throws NullPointerException if the patient was not created */ private Response addPatient(final String json) { JSONObject jsonObject; try { jsonObject = new JSONObject(json); } catch (Exception ex) { throw new WebApplicationException(Status.BAD_REQUEST); } final Patient patient = this.repository.create(); patient.updateFromJSON(jsonObject); return buildCreatedResponse(patient); }
@Override public synchronized boolean delete(final Family family, boolean deleteAllMembers) { // TODO: Should there be a SecureFamilyRepository to perform these checks (similar to SecurePatientRepository)? final User currentUser = this.userManager.getCurrentUser(); if (!canDeleteFamily(family, currentUser, deleteAllMembers, false)) { return false; } if (deleteAllMembers) { for (Patient patient : family.getMembers()) { if (!this.patientRepository.delete(patient)) { this.logger.error("Failed to delete patient [{}] - deletion of family [{}] aborted", patient.getId(), family.getId()); return false; } } } else if (!this.forceRemoveAllMembers(family, currentUser)) { return false; } return super.delete(family); }
@Override public Patient getByName(String name) { Patient patient = this.internalService.getByName(name); return checkAccess(patient, this.userManager.getCurrentUser()); }