OH2-255 Revise and align permissions for CORE, API and UI (#411)

* General refactoring of endpoints, permissions and security. - remove duplicates - added missing - refactored some controllers and endpoints (resources in plurals) - made permission spelled like endpoint - sorted in alphabetical order, then CRUD - removed PATCH methods * Move /discharges to /admissions/discharges endpoint and so remove discharges.* permissions, admission.* ones will be used. * Fix one typo "visitss" * Update PR #411 (#415) * Modify duplicate @PostMapping in VisitsController Update oh.yaml Fix Tests * Removed "// TODO Auto-generated method stub" comments * Remapped /visit(s) endpoint * Align with develop --------- Co-authored-by: Niccolò Pasquetto <[email protected]>
informatici · Jan 9, 2024 · 0c626cb · 0c626cb
1 parent fcc7215
commit 0c626cb
Show file tree

Hide file tree

Showing 17 changed files with 1,366 additions and 1,035 deletions.
diff --git a/openapi/oh.yaml b/openapi/oh.yaml
diff --git a/src/main/java/org/isf/admission/rest/AdmissionController.java b/src/main/java/org/isf/admission/rest/AdmissionController.java
@@ -235,11 +235,11 @@ public ResponseEntity<List<AdmittedPatientDTO>> getAdmittedPatients(
  */
  @GetMapping(value = "/admissions", produces = MediaType.APPLICATION_JSON_VALUE)
  public ResponseEntity<Page<AdmissionDTO>> getAdmissions(
- @RequestParam(name = "admissionrange") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) @ArraySchema(schema = @Schema(implementation = String.class)) LocalDateTime[] admissionRange,
- @RequestParam(value = "page", required = false, defaultValue = "0") int page,
- @RequestParam(value = "size", required = false, defaultValue = DEFAULT_PAGE_SIZE) int size,
- @RequestParam(value = "paged", required = false, defaultValue = "false") boolean paged)
- throws OHServiceException {
+  @RequestParam(name = "admissionrange") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) @ArraySchema(schema = @Schema(implementation = String.class)) LocalDateTime[] admissionRange,
+  @RequestParam(value = "page", required = false, defaultValue = "0") int page,
+  @RequestParam(value = "size", required = false, defaultValue = DEFAULT_PAGE_SIZE) int size,
+  @RequestParam(value = "paged", required = false, defaultValue = "false") boolean paged)
+  throws OHServiceException {
  LOGGER.debug("Get admissions started between {} and {}", admissionRange[0], admissionRange[1]);
 
  Page<AdmissionDTO> admissionsPageableDTO = new Page<>();
@@ -267,7 +267,7 @@ public ResponseEntity<Page<AdmissionDTO>> getAdmissions(
  * @return the {@link List} of found {@link Admission} or NO_CONTENT otherwise.
  * @throws OHServiceException
  */
- @GetMapping(value = "/discharges", produces = MediaType.APPLICATION_JSON_VALUE)
+ @GetMapping(value = "/admissions/discharges", produces = MediaType.APPLICATION_JSON_VALUE)
  public ResponseEntity<Page<AdmissionDTO>> getDischarges(
  @RequestParam(name = "dischargerange") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) @ArraySchema(schema = @Schema(implementation = String.class)) LocalDateTime[] dischargeRange,
  @RequestParam(value = "page", required = false, defaultValue = "0") int page,

diff --git a/src/main/java/org/isf/config/SecurityConfig.java b/src/main/java/org/isf/config/SecurityConfig.java
diff --git a/src/main/java/org/isf/dlvrrestype/rest/DeliveryResultTypeController.java b/src/main/java/org/isf/dlvrrestype/rest/DeliveryResultTypeController.java
@@ -48,7 +48,7 @@
 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
 import io.swagger.v3.oas.annotations.tags.Tag;
 
-@RestController(value = "/deliveryresulttype")
+@RestController(value = "/deliveryresulttypes")
 @Tag(name = "Delivery Result Type")
 @SecurityRequirement(name = "bearerAuth")
 public class DeliveryResultTypeController {
@@ -57,7 +57,7 @@ public class DeliveryResultTypeController {
 
  @Autowired
  protected DeliveryResultTypeBrowserManager dlvrrestManager;
- 
+
  @Autowired
  protected DeliveryResultTypeMapper mapper;
 
@@ -74,13 +74,13 @@ public DeliveryResultTypeController(DeliveryResultTypeBrowserManager dlvrrestMan
  */
  @PostMapping(value = "/deliveryresulttypes", produces = MediaType.APPLICATION_JSON_VALUE)
  ResponseEntity<DeliveryResultTypeDTO> newDeliveryResultType(@RequestBody DeliveryResultTypeDTO dlvrrestTypeDTO)
- throws OHServiceException {
+  throws OHServiceException {
  String code = dlvrrestTypeDTO.getCode();
  LOGGER.info("Create Delivery Result Type {}", code);
  dlvrrestManager.newDeliveryResultType(mapper.map2Model(dlvrrestTypeDTO));
  DeliveryResultType dlvrrestTypeCreated = null;
  List<DeliveryResultType> dlvrrestTypeFounds = dlvrrestManager.getDeliveryResultType().stream()
- .filter(ad -> ad.getCode().equals(code)).collect(Collectors.toList());
+  .filter(ad -> ad.getCode().equals(code)).collect(Collectors.toList());
  if (!dlvrrestTypeFounds.isEmpty()) {
  dlvrrestTypeCreated = dlvrrestTypeFounds.get(0);
  }
@@ -98,7 +98,7 @@ ResponseEntity<DeliveryResultTypeDTO> newDeliveryResultType(@RequestBody Deliver
  */
  @PutMapping(value = "/deliveryresulttypes", produces = MediaType.APPLICATION_JSON_VALUE)
  ResponseEntity<DeliveryResultTypeDTO> updateDeliveryResultTypes(@RequestBody DeliveryResultTypeDTO dlvrrestTypeDTO)
- throws OHServiceException {
+  throws OHServiceException {
  LOGGER.info("Update Delivery Result Type code: {}", dlvrrestTypeDTO.getCode());
  DeliveryResultType dlvrrestType = mapper.map2Model(dlvrrestTypeDTO);
  if (!dlvrrestManager.isCodePresent(dlvrrestType.getCode())) {
@@ -128,7 +128,7 @@ public ResponseEntity<List<DeliveryResultTypeDTO>> getDeliveryResultTypes() thro
  return ResponseEntity.ok(dlvrrestTypeDTOs);
  }
  }
- 
+
  /**
  * Delete {@link DeliveryResultType} for the specified code.
  * @param code
@@ -137,12 +137,12 @@ public ResponseEntity<List<DeliveryResultTypeDTO>> getDeliveryResultTypes() thro
  */
  @DeleteMapping(value = "/deliveryresulttypes/{code}", produces = MediaType.APPLICATION_JSON_VALUE)
  public ResponseEntity<Boolean> deleteDeliveryResultType(@PathVariable("code") String code)
- throws OHServiceException {
+  throws OHServiceException {
  LOGGER.info("Delete Delivery Result Type code: {}", code);
  if (dlvrrestManager.isCodePresent(code)) {
  List<DeliveryResultType> dlvrrestTypes = dlvrrestManager.getDeliveryResultType();
  List<DeliveryResultType> dlvrrestTypeFounds = dlvrrestTypes.stream().filter(ad -> ad.getCode().equals(code))
- .collect(Collectors.toList());
+  .collect(Collectors.toList());
  if (!dlvrrestTypeFounds.isEmpty()) {
  try {
  dlvrrestManager.deleteDeliveryResultType(dlvrrestTypeFounds.get(0));

diff --git a/src/main/java/org/isf/medicalstock/rest/MedicalStockMovementController.java b/src/main/java/org/isf/medicalstock/rest/MedicalStockMovementController.java
@@ -0,0 +1,230 @@
+/*
+ * Open Hospital (www.open-hospital.org)
+ * Copyright © 2006-2023 Informatici Senza Frontiere ([email protected])
+ *
+ * Open Hospital is a free and open source software for healthcare data management.
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * https://www.gnu.org/licenses/gpl-3.0-standalone.html
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see <https://www.gnu.org/licenses/>.
+ */
+package org.isf.medicalstock.rest;
+
+import java.time.LocalDateTime;
+import java.util.ArrayList;
+import java.util.List;
+
+import org.isf.medicals.manager.MedicalBrowsingManager;
+import org.isf.medicals.model.Medical;
+import org.isf.medicalstock.dto.LotDTO;
+import org.isf.medicalstock.dto.MovementDTO;
+import org.isf.medicalstock.manager.MovBrowserManager;
+import org.isf.medicalstock.manager.MovStockInsertingManager;
+import org.isf.medicalstock.mapper.LotMapper;
+import org.isf.medicalstock.mapper.MovementMapper;
+import org.isf.medicalstock.model.Lot;
+import org.isf.medicalstock.model.Movement;
+import org.isf.shared.exceptions.OHAPIException;
+import org.isf.utils.exception.OHServiceException;
+import org.isf.utils.exception.model.OHExceptionMessage;
+import org.isf.ward.model.Ward;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.tags.Tag;
+
+@RestController(value = "/medicalstockmovements")
+@Tag(name = "Stock Movements")
+@SecurityRequirement(name = "bearerAuth")
+public class MedicalStockMovementController {
+
+ @Autowired
+ private MovementMapper movMapper;
+
+ @Autowired
+ private LotMapper lotMapper;
+
+ @Autowired
+ private MovBrowserManager movManager;
+
+ @Autowired
+ private MovStockInsertingManager movInsertingManager;
+
+ @Autowired
+ private MedicalBrowsingManager medicalManager;
+
+ /**
+ * Insert a list of charging {@link Movement}s and related {@link Lot}s.
+ * 
+ * @param movementDTOs - the list of {@link Movement}s
+ * @param referenceNumber - the reference number to be set for all movements
+ * if {@link null}, each movement must have a different referenceNumber
+ * @return 
+ * @throws OHServiceException 
+ */
+ @PostMapping(value = "/medicalstockmovements/charge", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<Boolean> newMultipleChargingMovements(@RequestBody List<MovementDTO> movementDTOs,
+ @RequestParam(name = "ref", required = true) String referenceNumber) throws OHServiceException {
+ List<Movement> movements = new ArrayList<>(movMapper.map2ModelList(movementDTOs));
+ movInsertingManager.newMultipleChargingMovements(movements, referenceNumber);
+ return ResponseEntity.status(HttpStatus.CREATED).body(true);
+ }
+
+ /**
+ * Insert a list of discharging {@link Movement}s.
+ * 
+ * @param movementDTOs - the list of {@link Movement}s
+ * @param referenceNumber - the reference number to be set for all movements
+ * if {@link null}, each movement must have a different referenceNumber
+ * @return 
+ * @throws OHServiceException 
+ */
+ @PostMapping(value = "/medicalstockmovements/discharge", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<Boolean> newMultipleDischargingMovements(@RequestBody List<MovementDTO> movementDTOs,
+ @RequestParam(name = "ref", required = true) String referenceNumber) throws OHServiceException {
+ List<Movement> movements = new ArrayList<>(movMapper.map2ModelList(movementDTOs));
+ movInsertingManager.newMultipleDischargingMovements(movements, referenceNumber);
+ return ResponseEntity.status(HttpStatus.CREATED).body(true);
+ }
+
+ /**
+ * Retrieves all the {@link Movement}s.
+ * @return the retrieved movements.
+ * @throws OHServiceException 
+ */
+ @GetMapping(value = "/medicalstockmovements", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<List<MovementDTO>> getMovements() throws OHServiceException {
+ List<Movement> movements = movManager.getMovements();
+ return collectResults(movements);
+ }
+
+ /**
+ * Retrieves all the movement associated to the specified {@link Ward}.
+ * @param wardId
+ * @param dateFrom
+ * @param dateTo
+ * @return the retrieved movements.
+ * @throws OHServiceException
+ */
+ @GetMapping(value = "/medicalstockmovements/filter/v1", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<List<MovementDTO>> getMovements(
+ @RequestParam("ward_id") String wardId,
+ @RequestParam("from") LocalDateTime dateFrom,
+ @RequestParam("to") LocalDateTime dateTo) throws OHServiceException {
+ List<Movement> movements = movManager.getMovements(wardId, dateFrom, dateTo);
+ return collectResults(movements);
+ }
+
+ /**
+ * Retrieves all the movement associated to the specified reference number.
+ * @param refNo
+ * @return the retrieved movements
+ * @throws OHServiceException
+ */
+ @GetMapping(value = "/medicalstockmovements/{ref}", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<List<MovementDTO>> getMovements(@PathVariable("ref") String refNo) throws OHServiceException {
+ List<Movement> movements = movManager.getMovementsByReference(refNo);
+ return collectResults(movements);
+ }
+
+ /**
+ * Retrieves all the {@link Movement}s with the specified criteria.
+ * @param medicalCode
+ * @param medicalType
+ * @param wardId
+ * @param movType
+ * @param movFrom
+ * @param movTo
+ * @param lotPrepFrom
+ * @param lotPrepTo
+ * @param lotDueFrom
+ * @param lotDueTo
+ * @return the retrieved movements.
+ * @throws OHServiceException
+ */
+ @GetMapping(value = "/medicalstockmovements/filter/v2", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<List<MovementDTO>> getMovements(
+ @RequestParam(name = "med_code", required = false) Integer medicalCode,
+ @RequestParam(name = "med_type", required = false) String medicalType,
+ @RequestParam(name = "ward_id", required = false) String wardId,
+ @RequestParam(name = "mov_type", required = false) String movType,
+ @RequestParam(name = "mov_from", required = false) LocalDateTime movFrom,
+ @RequestParam(name = "mov_to", required = false) LocalDateTime movTo,
+ @RequestParam(name = "lot_prep_from", required = false) LocalDateTime lotPrepFrom,
+ @RequestParam(name = "lot_prep_to", required = false) LocalDateTime lotPrepTo,
+ @RequestParam(name = "lot_due_from", required = false) LocalDateTime lotDueFrom,
+ @RequestParam(name = "lot_due_to", required = false) LocalDateTime lotDueTo) throws OHServiceException {
+
+ List<Movement> movements = movManager.getMovements(medicalCode, medicalType, wardId, movType, movFrom, movTo, lotPrepFrom, lotPrepTo, lotDueFrom,
+ lotDueTo);
+ return collectResults(movements);
+ }
+
+ /**
+ * Retrieves all the {@link Lot} associated to the specified {@link Medical}, expiring first on top
+ * @param medCode
+ * @return the retrieved lots.
+ * @throws OHServiceException
+ */
+ @GetMapping(value = "/medicalstockmovements/lot/{med_code}", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<List<LotDTO>> getLotByMedical(@PathVariable("med_code") int medCode) throws OHServiceException {
+ Medical med = medicalManager.getMedical(medCode);
+ if (med == null) {
+ throw new OHAPIException(new OHExceptionMessage("Medical not found."));
+ }
+ List<Lot> lots = movInsertingManager.getLotByMedical(med);
+ List<LotDTO> mappedLots = lotMapper.map2DTOList(lots);
+ if (mappedLots.isEmpty()) {
+ return ResponseEntity.status(HttpStatus.NO_CONTENT).body(mappedLots);
+ } else {
+ return ResponseEntity.ok(mappedLots);
+ }
+ }
+
+ /**
+ * Checks if the provided quantity is under the medical limits. 
+ * @param medCode
+ * @param specifiedQuantity
+ * @return {@code true} if is under the limit, false otherwise
+ * @throws OHServiceException
+ */
+ @GetMapping(value = "/medicalstockmovements/critical/check", produces = MediaType.APPLICATION_JSON_VALUE)
+ public ResponseEntity<Boolean> alertCriticalQuantity(
+ @RequestParam("med_code") int medCode,
+ @RequestParam("qty") int specifiedQuantity) throws OHServiceException {
+ Medical med = medicalManager.getMedical(medCode);
+ if (med == null) {
+ throw new OHAPIException(new OHExceptionMessage("Medical not found."));
+ }
+ return ResponseEntity.ok(movInsertingManager.alertCriticalQuantity(med, specifiedQuantity));
+ }
+
+ private ResponseEntity<List<MovementDTO>> collectResults(List<Movement> movements) {
+ List<MovementDTO> mappedMovements = movMapper.map2DTOList(movements);
+ if (mappedMovements.isEmpty()) {
+ return ResponseEntity.status(HttpStatus.NO_CONTENT).body(mappedMovements);
+ } else {
+ return ResponseEntity.ok(mappedMovements);
+ }
+ }
+}