
openhim-core


The OpenHIM core application that provides logging and routing of http requests

"use strict"; Object.defineProperty(exports, "__esModule", { value: true }); exports.addAudit = addAudit; exports.getAudits = getAudits; exports.getAuditById = getAuditById; exports.getAuditsFilterOptions = getAuditsFilterOptions; var _winston = _interopRequireDefault(require("winston")); var _atnaAudit = _interopRequireDefault(require("atna-audit")); var _os = _interopRequireDefault(require("os")); var _audits = require("../model/audits"); var authorisation = _interopRequireWildcard(require("./authorisation")); var utils = _interopRequireWildcard(require("../utils")); var auditing = _interopRequireWildcard(require("../auditing")); var _config = require("../config"); var _util = require("util"); function _getRequireWildcardCache() { if (typeof WeakMap !== "function") return null; var cache = new WeakMap(); _getRequireWildcardCache = function () { return cache; }; return cache; } function _interopRequireWildcard(obj) { if (obj && obj.__esModule) { return obj; } if (obj === null || typeof obj !== "object" && typeof obj !== "function") { return { default: obj }; } var cache = _getRequireWildcardCache(); if (cache && cache.has(obj)) { return cache.get(obj); } var newObj = {}; var hasPropertyDescriptor = Object.defineProperty && Object.getOwnPropertyDescriptor; for (var key in obj) { if (Object.prototype.hasOwnProperty.call(obj, key)) { var desc = hasPropertyDescriptor ? Object.getOwnPropertyDescriptor(obj, key) : null; if (desc && (desc.get || desc.set)) { Object.defineProperty(newObj, key, desc); } else { newObj[key] = obj[key]; } } } newObj.default = obj; if (cache) { cache.set(obj, newObj); } return newObj; } function _interopRequireDefault(obj) { return obj && obj.__esModule ? 
obj : { default: obj }; } _config.config.router = _config.config.get('router'); _config.config.api = _config.config.get('api'); const himSourceID = _config.config.get('auditing').auditEvents.auditSourceID; const processAuditMeta = (0, _util.promisify)(auditing.processAuditMeta); // function to construct projection object function getProjectionObject(filterRepresentation) { switch (filterRepresentation) { case 'simpledetails': // view minimum required data for audit details view return {}; case 'full': // view all audit data return {}; default: // no filterRepresentation supplied - simple view // view minimum required data for audits return { participantObjectIdentification: 0, activeParticipant: 0, rawMessage: 0 }; } } // Audit the audit record retrieval function auditLogUsed(auditId, outcome, user) { const groups = user.groups.join(','); const uri = `https://${_config.config.router.externalHostname}:${_config.config.api.httpsPort}/audits/${auditId}`; let audit = _atnaAudit.default.construct.auditLogUsedAudit(outcome, himSourceID, _os.default.hostname(), user.email, groups, groups, uri); audit = _atnaAudit.default.construct.wrapInSyslog(audit); return auditing.sendAuditEvent(audit, () => _winston.default.debug(`Processed audit log used message for user '${user.email}' and audit '${auditId}'`)); } /* * Adds a Audit */ async function addAudit(ctx) { // Test if the user is authorised if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to addAudit denied.`, 'info'); return; } const auditData = ctx.request.body; try { const audit = new _audits.AuditModel(auditData); await audit.save(); await processAuditMeta(audit); _winston.default.info(`User ${ctx.authenticated.email} created audit with id ${audit.id}`); ctx.body = 'Audit successfully created'; ctx.status = 201; } catch (e) { _winston.default.error(`Could not add a audit via the API: ${e.message}`); ctx.body = 
e.message; ctx.status = 400; } } /* * Retrieves the list of Audits */ async function getAudits(ctx) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAudits denied.`, 'info'); return; } try { let filters; const filtersObject = ctx.request.query; // get limit and page values const filterLimit = filtersObject.filterLimit != null ? filtersObject.filterLimit : 0; const filterPage = filtersObject.filterPage != null ? filtersObject.filterPage : 0; const { filterRepresentation } = filtersObject; // remove limit/page/filterRepresentation values from filtersObject (Not apart of filtering and will break filter if present) delete filtersObject.filterLimit; delete filtersObject.filterPage; delete filtersObject.filterRepresentation; // determine skip amount const filterSkip = filterPage * filterLimit; // get projection object const projectionFiltersObject = getProjectionObject(filterRepresentation); if (filtersObject.filters != null) { filters = JSON.parse(filtersObject.filters); } else { filters = {}; } // parse date to get it into the correct format for querying if (filters['eventIdentification.eventDateTime']) { filters['eventIdentification.eventDateTime'] = JSON.parse(filters['eventIdentification.eventDateTime']); } if (filters['participantObjectIdentification.participantObjectID']) { // filter by AND on same property for patientID and objectID if (filters['participantObjectIdentification.participantObjectID'].type) { const patientID = new RegExp(filters['participantObjectIdentification.participantObjectID'].patientID); const objectID = new RegExp(filters['participantObjectIdentification.participantObjectID'].objectID); filters.$and = [{ 'participantObjectIdentification.participantObjectID': patientID }, { 'participantObjectIdentification.participantObjectID': objectID }]; // remove participantObjectIdentification.participantObjectID property as we 
create a new '$and' operator delete filters['participantObjectIdentification.participantObjectID']; } else { const participantObjectID = JSON.parse(filters['participantObjectIdentification.participantObjectID']); filters['participantObjectIdentification.participantObjectID'] = new RegExp(`${participantObjectID}`); } } // execute the query ctx.body = await _audits.AuditModel.find(filters, projectionFiltersObject).skip(filterSkip).limit(parseInt(filterLimit, 10)).sort({ 'eventIdentification.eventDateTime': -1 }).exec(); // audit each retrieved record, but only for non-basic representation requests if (filterRepresentation === 'full' || filterRepresentation === 'simpledetails') { Array.from(ctx.body).map(record => auditLogUsed(record._id, _atnaAudit.default.constants.OUTCOME_SUCCESS, ctx.authenticated)); } } catch (e) { utils.logAndSetResponse(ctx, 500, `Could not retrieve audits via the API: ${e}`, 'error'); } } /* * Retrieves the details for a specific Audit Record */ async function getAuditById(ctx, auditId) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAuditById denied.`, 'info'); return; } // Get the values to use auditId = unescape(auditId); try { // get projection object const projectionFiltersObject = getProjectionObject('full'); const result = await _audits.AuditModel.findById(auditId, projectionFiltersObject).exec(); // Test if the result if valid if (!result) { ctx.body = `Could not find audits record with ID: ${auditId}`; ctx.status = 404; return auditLogUsed(auditId, _atnaAudit.default.constants.OUTCOME_MINOR_FAILURE, ctx.authenticated); } else { ctx.body = result; return auditLogUsed(auditId, _atnaAudit.default.constants.OUTCOME_SUCCESS, ctx.authenticated); } } catch (e) { utils.logAndSetResponse(ctx, 500, `Could not get audit by ID via the API: ${e}`, 'error'); auditLogUsed(auditId, 
_atnaAudit.default.constants.OUTCOME_MAJOR_FAILURE, ctx.authenticated); } } /* * construct audit filtering dropdown options */ async function getAuditsFilterOptions(ctx) { // Must be admin if (!authorisation.inGroup('admin', ctx.authenticated)) { utils.logAndSetResponse(ctx, 403, `User ${ctx.authenticated.email} is not an admin, API access to getAudits denied.`, 'info'); return; } try { ctx.body = await _audits.AuditMetaModel.findOne({}).exec(); } catch (e) { utils.logAndSetResponse(ctx, 500, `Could not retrieve audits filter options via the API: ${e}`, 'error'); } } //# sourceMappingURL=audits.js.map