openhim-core
Version:
The OpenHIM core application that provides logging and routing of http requests
219 lines (176 loc) • 8.3 kB
JavaScript
;
Object.defineProperty(exports, "__esModule", {
value: true
});
exports.addAudit = addAudit;
exports.getAudits = getAudits;
exports.getAuditById = getAuditById;
exports.getAuditsFilterOptions = getAuditsFilterOptions;
var _winston = require('winston');
var _winston2 = _interopRequireDefault(_winston);
var _atnaAudit = require('atna-audit');
var _atnaAudit2 = _interopRequireDefault(_atnaAudit);
var _os = require('os');
var _os2 = _interopRequireDefault(_os);
var _audits = require('../model/audits');
var _authorisation = require('./authorisation');
var authorisation = _interopRequireWildcard(_authorisation);
var _utils = require('../utils');
var utils = _interopRequireWildcard(_utils);
var _auditing = require('../auditing');
var auditing = _interopRequireWildcard(_auditing);
var _config = require('../config');
var _util = require('util');
function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } else { var newObj = {}; if (obj != null) { for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) newObj[key] = obj[key]; } } newObj.default = obj; return newObj; } }
function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }
_config.config.router = _config.config.get('router');
_config.config.api = _config.config.get('api');
const himSourceID = _config.config.get('auditing').auditEvents.auditSourceID;
const processAuditMeta = (0, _util.promisify)(auditing.processAuditMeta);
// function to construct projection object
function getProjectionObject(filterRepresentation) {
switch (filterRepresentation) {
case 'simpledetails':
// view minimum required data for audit details view
return {};
case 'full':
// view all audit data
return {};
default:
// no filterRepresentation supplied - simple view
// view minimum required data for audits
return { participantObjectIdentification: 0, activeParticipant: 0, rawMessage: 0 };
}
}
// Audit the audit record retrieval
function auditLogUsed(auditId, outcome, user) {
const groups = user.groups.join(',');
const uri = `https://${_config.config.router.externalHostname}:${_config.config.api.httpsPort}/audits/${auditId}`;
let audit = _atnaAudit2.default.construct.auditLogUsedAudit(outcome, himSourceID, _os2.default.hostname(), user.email, groups, groups, uri);
audit = _atnaAudit2.default.construct.wrapInSyslog(audit);
return auditing.sendAuditEvent(audit, () => _winston2.default.debug(`Processed audit log used message for user '${user.email}' and audit '${auditId}'`));
}
/*
* Adds a Audit
*/
async function addAudit(ctx) {
// Test if the user is authorised
if (!authorisation.inGroup('admin', ctx.authenticated)) {
utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to addAudit denied.`, 'info');
return;
}
const auditData = ctx.request.body;
try {
const audit = new _audits.AuditModel(auditData);
await audit.save();
await processAuditMeta(audit);
_winston2.default.info(`User ${ctx.authenticated.email} created audit with id ${audit.id}`);
ctx.body = 'Audit successfully created';
ctx.status = 201;
} catch (e) {
_winston2.default.error(`Could not add a audit via the API: ${e.message}`);
ctx.body = e.message;
ctx.status = 400;
}
}
/*
* Retrieves the list of Audits
*/
async function getAudits(ctx) {
// Must be admin
if (!authorisation.inGroup('admin', ctx.authenticated)) {
utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAudits denied.`, 'info');
return;
}
try {
let filters;
const filtersObject = ctx.request.query;
// get limit and page values
const filterLimit = filtersObject.filterLimit != null ? filtersObject.filterLimit : 0;
const filterPage = filtersObject.filterPage != null ? filtersObject.filterPage : 0;
const { filterRepresentation } = filtersObject;
// remove limit/page/filterRepresentation values from filtersObject (Not apart of filtering and will break filter if present)
delete filtersObject.filterLimit;
delete filtersObject.filterPage;
delete filtersObject.filterRepresentation;
// determine skip amount
const filterSkip = filterPage * filterLimit;
// get projection object
const projectionFiltersObject = getProjectionObject(filterRepresentation);
if (filtersObject.filters != null) {
filters = JSON.parse(filtersObject.filters);
} else {
filters = {};
}
// parse date to get it into the correct format for querying
if (filters['eventIdentification.eventDateTime']) {
filters['eventIdentification.eventDateTime'] = JSON.parse(filters['eventIdentification.eventDateTime']);
}
if (filters['participantObjectIdentification.participantObjectID']) {
// filter by AND on same property for patientID and objectID
if (filters['participantObjectIdentification.participantObjectID'].type) {
const patientID = new RegExp(filters['participantObjectIdentification.participantObjectID'].patientID);
const objectID = new RegExp(filters['participantObjectIdentification.participantObjectID'].objectID);
filters.$and = [{ 'participantObjectIdentification.participantObjectID': patientID }, { 'participantObjectIdentification.participantObjectID': objectID }];
// remove participantObjectIdentification.participantObjectID property as we create a new '$and' operator
delete filters['participantObjectIdentification.participantObjectID'];
} else {
const participantObjectID = JSON.parse(filters['participantObjectIdentification.participantObjectID']);
filters['participantObjectIdentification.participantObjectID'] = new RegExp(`${participantObjectID}`);
}
}
// execute the query
ctx.body = await _audits.AuditModel.find(filters, projectionFiltersObject).skip(filterSkip).limit(parseInt(filterLimit, 10)).sort({ 'eventIdentification.eventDateTime': -1 }).exec();
// audit each retrieved record, but only for non-basic representation requests
if (filterRepresentation === 'full' || filterRepresentation === 'simpledetails') {
Array.from(ctx.body).map(record => auditLogUsed(record._id, _atnaAudit2.default.constants.OUTCOME_SUCCESS, ctx.authenticated));
}
} catch (e) {
utils.logAndSetResponse(ctx, 500, `Could not retrieve audits via the API: ${e}`, 'error');
}
}
/*
* Retrieves the details for a specific Audit Record
*/
async function getAuditById(ctx, auditId) {
// Must be admin
if (!authorisation.inGroup('admin', ctx.authenticated)) {
utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAuditById denied.`, 'info');
return;
}
// Get the values to use
auditId = unescape(auditId);
try {
// get projection object
const projectionFiltersObject = getProjectionObject('full');
const result = await _audits.AuditModel.findById(auditId, projectionFiltersObject).exec();
// Test if the result if valid
if (!result) {
ctx.body = `Could not find audits record with ID: ${auditId}`;
ctx.status = 404;
return auditLogUsed(auditId, _atnaAudit2.default.constants.OUTCOME_MINOR_FAILURE, ctx.authenticated);
} else {
ctx.body = result;
return auditLogUsed(auditId, _atnaAudit2.default.constants.OUTCOME_SUCCESS, ctx.authenticated);
}
} catch (e) {
utils.logAndSetResponse(ctx, 500, `Could not get audit by ID via the API: ${e}`, 'error');
auditLogUsed(auditId, _atnaAudit2.default.constants.OUTCOME_MAJOR_FAILURE, ctx.authenticated);
}
}
/*
* construct audit filtering dropdown options
*/
async function getAuditsFilterOptions(ctx) {
// Must be admin
if (!authorisation.inGroup('admin', ctx.authenticated)) {
utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAudits denied.`, 'info');
return;
}
try {
ctx.body = await _audits.AuditMetaModel.findOne({}).exec();
} catch (e) {
utils.logAndSetResponse(ctx, 500, `Could not retrieve audits filter options via the API: ${e}`, 'error');
}
}
//# sourceMappingURL=audits.js.map