/**
 * Checks that Audit and AuditValue rows can be persisted, deleting each row
 * again after it has been written.
 */
public function testPrepare()
{
    $this->_initSequenceTables();

    // Audit goes first: after persist() the row must carry a positive auditId.
    $auditRow = new Audit();
    $auditRow->_ormPersist = true;
    $auditRow->objectClass = 'StdClass';
    $auditRow->persist();
    $auditSaved = $auditRow->auditId > 0;
    $this->assertTrue($auditSaved, 'Audit: Failed to persist');
    if ($auditSaved) {
        // Switch the ORM to delete mode so the probe row is removed again.
        $auditRow->setPersistMode(WebVista_Model_ORM::DELETE);
        $auditRow->persist();
    }

    // Same round trip for AuditValue.
    $valueRow = new AuditValue();
    $valueRow->_ormPersist = true;
    $valueRow->key = 'Key';
    $valueRow->value = 'Value';
    $valueRow->persist();
    $valueSaved = $valueRow->auditValueId > 0;
    $this->assertTrue($valueSaved, 'AuditValue: Failed to persist');
    if ($valueSaved) {
        $valueRow->setPersistMode(WebVista_Model_ORM::DELETE);
        $valueRow->persist();
    }

    if ($this->_autoLoggedIn) {
        $this->_setupAutoLogin();
    }
}
/**
 * Writes a 'Logout' audit row when the decoded session data still carries an
 * authenticated identity.
 *
 * @param string $sessionContents encoded session data passed to session_decode()
 * @return void
 */
public static function hookExpiredSession($sessionContents)
{
    // NOTE(review): session_decode() loads the decoded values into the current
    // $_SESSION. Confirm the caller only runs this hook where replacing the
    // active session data is acceptable (e.g. not in the middle of another
    // user's request).
    if (!session_decode($sessionContents)) {
        return;
    }

    $auth = Zend_Auth::getInstance();
    if (!$auth->hasIdentity()) {
        return;
    }

    $identity = $auth->getIdentity();

    $expiryAudit = new Audit();
    $expiryAudit->objectClass = 'Logout';
    $expiryAudit->userId = (int) $identity->personId;
    $expiryAudit->message = __('user') . ': ' . $identity->username . ' ' . __('was logged out due to session expiration');
    $expiryAudit->dateTime = date('Y-m-d H:i:s');
    $expiryAudit->_ormPersist = true;
    $expiryAudit->persist();
}
/**
 * Builds a 'Logout' audit row, a clinical note and an unsigned e-signature,
 * runs ProcessAlert once and expects exactly one GeneralAlert row afterwards.
 *
 * NOTE(review): the two DELETE statements below empty whole tables; make sure
 * the 'dbAdapter' registered for this suite points at a disposable test
 * database.
 */
public function testUserLoggedOut() {
    // Fixtures created by the handler generator; they stay in $this->_objects.
    $this->_objects = GeneralAlertHandler::generateUserLoggedOut();
    // Rows created by this test itself, handed to _cleanUpObjects() at the end.
    $objects = array();
    $db = Zend_Registry::get('dbAdapter');

    // Audit row of class 'Logout' attributed to the currently authenticated user.
    $audit = new Audit();
    $audit->_ormPersist = true;
    $audit->objectClass = 'Logout';
    $audit->objectId = 0;
    $audit->dateTime = date('Y-m-d H:i:s');
    $audit->type = WebVista_Model_ORM::REPLACE;
    $audit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $audit->persist();
    $objects['audit'] = $audit;

    // Clinical note for the fixture person.
    $clinicalNote = new ClinicalNote();
    $clinicalNote->personId = $this->_objects['person']->person_id;
    $clinicalNote->visitId = 100;
    $clinicalNote->clinicalNoteDefinitionId = 19;
    $clinicalNote->dateTime = date('Y-m-d H:i:s');
    $clinicalNote->eSignatureId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $clinicalNote->persist();
    $objects['clinicalNote'] = $clinicalNote;

    $eSign = new ESignature();
    // empty the e-signature table before adding the single unsigned entry
    $db->query('DELETE FROM ' . $eSign->_table);
    $eSign->dateTime = date('Y-m-d H:i:s');
    // an all-zero signedDateTime is stored together with the ' **Unsigned**' summary
    $eSign->signedDateTime = '0000-00-00 00:00:00';
    $eSign->signingUserId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $eSign->objectId = $clinicalNote->clinicalNoteId;
    $eSign->objectClass = get_class($clinicalNote);
    $eSign->summary = ' **Unsigned**';
    $eSign->persist();
    $objects['eSignature'] = $eSign;

    // cleanup all generalAlerts
    $generalAlert = new GeneralAlert();
    $db->query('DELETE FROM ' . $generalAlert->_table);

    // Run the alert processor once with a clean process list.
    $process = Processingd::getInstance();
    $process->clearProcesses();
    $process->addProcess(new ProcessAlert());
    $process->startProcessing(false);

    // Collect every alert produced by the run so it is cleaned up as well.
    $generalAlertIterator = $generalAlert->getIterator();
    $ctr = 0;
    foreach ($generalAlertIterator as $alert) {
        $objects['generalAlert' . $ctr++] = $alert;
    }
    // PHPUnit's assertEquals() takes (expected, actual); the arguments are
    // passed the other way round here, which only affects the failure output.
    $this->assertEquals($ctr, 1, 'No alert created even with signed items');
    $this->_cleanUpObjects($objects);
}
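/**
 * Authenticates the posted username/password against the `user` table, writes
 * a 'Login' audit row for the outcome and renders the result through
 * completeAction().
 *
 * The view receives $data with 'msg' and code 200 on success, or 'err' and
 * code 404 on failure.
 *
 * NOTE(review): no credential treatment is configured on the adapter in this
 * method, so the submitted value is compared with the `password` column as
 * given — confirm how that column is stored.
 * NOTE(review): the session identifier is not regenerated here after a
 * successful login; confirm that happens elsewhere.
 *
 * @return void
 */
public function processAction()
{
    // Request fields are untrusted. Read each one once and accept only strings,
    // so a missing or array-valued field is treated as "not provided" instead
    // of reaching the adapter or the audit message in an unexpected type.
    $username = (isset($_POST['username']) && is_string($_POST['username'])) ? $_POST['username'] : null;
    $password = (isset($_POST['password']) && is_string($_POST['password'])) ? $_POST['password'] : null;

    $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get('dbAdapter'));
    $authAdapter->setTableName('user')
        ->setIdentityColumn('username')
        ->setCredentialColumn('password')
        ->setIdentity($username)
        ->setCredential($password);

    $auth = Zend_Auth::getInstance();
    $result = $auth->authenticate($authAdapter);

    $audit = new Audit();
    $audit->objectClass = 'Login';
    $audit->objectId = 0;

    $data = array();
    if ($result->isValid()) {
        unset($this->_session->messages);

        // Replace the bare identity with the populated User object in storage.
        $identity = $auth->getIdentity();
        $user = new User();
        $user->username = $identity;
        $user->populateWithUsername();
        Zend_Auth::getInstance()->getStorage()->write($user);

        $data['msg'] = __("Login successful.");
        $data['code'] = 200;
        $audit->message = __('user') . ': ' . $username . ' ' . __('login successful');
        $audit->userId = $user->userId;
    } else {
        $auth->clearIdentity();
        $this->_session->messages = $result->getMessages();

        $data['err'] = __("Invalid username/password.");
        $data['code'] = 404;
        // The submitted username is client-controlled text; whatever displays
        // the audit log has to escape it for its output context.
        $audit->message = __('user') . ': ' . $username . ' ' . __('login failed due to bad password');
    }

    // Both outcomes are audited.
    $audit->dateTime = date('Y-m-d H:i:s');
    $audit->_ormPersist = true;
    $audit->persist();

    header('Content-Type: application/xml;');
    $this->view->data = $data;
    $this->completeAction();
}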
/**
 * Logs the current user out: audits the logout when an identity is present,
 * clears the identity and, unless the noRedirection parameter is non-zero,
 * redirects to ''. The script always exits afterwards.
 */
public function indexAction()
{
    $auth = Zend_Auth::getInstance();

    // Audit only while an identity exists, so repeated logout requests do not
    // produce repeated audit rows.
    if ($auth->hasIdentity()) {
        $identity = $auth->getIdentity();

        $logoutAudit = new Audit();
        $logoutAudit->objectClass = 'Logout';
        $logoutAudit->userId = (int) $identity->personId;
        $logoutAudit->message = __('user') . ': ' . $identity->username . ' ' . __('logged out');
        $logoutAudit->dateTime = date('Y-m-d H:i:s');
        $logoutAudit->_ormPersist = true;
        $logoutAudit->persist();
    }

    $skipRedirect = (int) $this->_getParam('noRedirection', 0);
    $auth->clearIdentity();

    // Zend_Session::destroy(true) is deliberately left out so that session
    // expiration is handled by the WebVista_Session_SaveHandler hook; only the
    // identity is cleared here.
    //Zend_Session::destroy(true);
    if ($skipRedirect === 0) {
        $this->_redirect('');
    }
    exit;
}
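/**
 * Store changes to the audit log.
 *
 * Writes one Audit row for $obj and, when $obj is an ORM instance, one
 * AuditValue row per field returned by ORMFields().
 *
 * The object id is read from the "<className>Id" property or, when that one is
 * not set, from the legacy "<class_name>_id" property. Previously the legacy
 * property was only tested for existence and never read, so objects that carry
 * only the legacy key were audited without an id.
 *
 * NOTE(review): every ORM field value is copied into the audit values as a
 * string; confirm that fields holding secrets (credentials, tokens) are kept
 * out of ORMFields() or are never audited.
 *
 * @param object $obj object whose change is being recorded
 * @return false|null false when neither id property is set, otherwise no value
 */
function audit($obj)
{
    $audit = new Audit();
    $audit->objectClass = get_class($obj);

    // e.g. ClinicalNote -> clinicalNoteId and clinical_note_id
    $classObjectIdKey = lcfirst($audit->objectClass);
    $objectIdKey = $classObjectIdKey . "Id";
    $objectLegacyIdKey = strtolower(preg_replace('/([A-Z]{1})/', '_\\1', $classObjectIdKey)) . "_id";

    if (isset($obj->{$objectIdKey})) {
        $audit->objectId = $obj->{$objectIdKey};
    } elseif (isset($obj->{$objectLegacyIdKey})) {
        // Fall back to the legacy key the guard already accepted.
        $audit->objectId = $obj->{$objectLegacyIdKey};
    } else {
        //trigger_error("objIdKey not found: $objectIdKey for " . get_class($obj),E_USER_NOTICE);
        return false;
    }

    $audit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $audit->type = $obj->_persistMode;
    $audit->dateTime = date('Y-m-d H:i:s');
    $audit->persist();

    if ($obj instanceof ORM) {
        foreach ($obj->ORMFields() as $field) {
            $auditValue = new AuditValue();
            $auditValue->auditId = $audit->auditId;
            $auditValue->key = $field;
            // Nested objects are recorded by class name only, scalars as strings.
            if (is_object($obj->{$field})) {
                $auditValue->value = get_class($obj->{$field});
            } else {
                $auditValue->value = (string) $obj->{$field};
            }
            $auditValue->persist();
        }
    }
}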
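/**
 * Marks an outbound fax message for resending and resets the processing
 * timestamps of its audit row, then answers with JSON `true`.
 *
 * Request parameters: 'messagingId' (cast to int) and 'faxNumber'.
 *
 * Fixes two wrong variable references: the guard read `auditId` from the
 * integer $messagingId (so the body could never run), and the audit lookup
 * used the undefined $messagingAudit. Both now read from the populated
 * $messaging row — presumably where the audit id is kept; confirm against the
 * Messaging model.
 *
 * @return void
 */
public function processResendOutboundFaxAction()
{
    $messagingId = (int) $this->_getParam('messagingId');
    $faxNumber = $this->_getParam('faxNumber');

    $messaging = new Messaging();
    if ($messagingId > 0) {
        $messaging->messagingId = $messagingId;
        $messaging->populate();
    }

    if ($messaging->auditId > 0) {
        // The stored number is cleared unless the request supplies a numeric
        // value longer than nine characters.
        // NOTE(review): is_numeric() also accepts signs, decimals and exponent
        // notation; confirm whether a digits-only check is wanted here.
        $messaging->faxNumber = '';
        if (is_numeric($faxNumber) && strlen($faxNumber) > 9) {
            $messaging->faxNumber = $faxNumber;
        }
        $messaging->resend = 1;
        $messaging->persist();

        // Zero both processing timestamps on the linked audit row.
        $audit = new Audit();
        $audit->auditId = $messaging->auditId;
        $audit->populate();
        $audit->startProcessing = '0000-00-00 00:00:00';
        $audit->endProcessing = '0000-00-00 00:00:00';
        $audit->persist();
    }

    $json = Zend_Controller_Action_HelperBroker::getStaticHelper('json');
    $json->suppressExit = true;
    $json->direct(true);
}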
/**
 * Applies the uploaded update file, or queues it when the file is larger than
 * roughly 10 MB, and records the outcome in an 'UpdateManager' audit row.
 *
 * The method sets $this->status to 'Pending', 'Completed' or 'Error: ...' and
 * does not return a value.
 *
 * NOTE(review): this method executes SQL changes derived from the uploaded
 * file; any integrity or authorization check on that file is not visible in
 * this method — confirm it happens before install() is reached.
 */
public function install()
{
    $filename = $this->getUploadFilename();

    if (file_exists($filename)) {
        // Scale the byte count down to the largest fitting unit to decide
        // whether the file counts as "large".
        $rawBytes = sprintf("%u", filesize($filename));
        $unitNames = array('B', 'KB', 'MB', 'GB', 'TB');
        $logBytes = $rawBytes ? log($rawBytes) : 0;
        $exponent = floor($logBytes / log(1024));
        $exponent = min($exponent, count($unitNames) - 1);
        $scaled = $rawBytes / pow(1024, $exponent);

        // queue if > 10 MB (anything in GB or TB, or more than 10 when in MB)
        $isLarge = $exponent > 2 || ($exponent == 2 && round($scaled, 1) > 10);
        if ($isLarge) {
            $this->queue = 1;
            $this->status = 'Pending';
            $this->persist();
        }
    }

    $installAudit = new Audit();
    $installAudit->objectClass = 'UpdateManager';
    $installAudit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $installAudit->message = 'License of update file ' . $this->name . ' from ' . $this->channel . ' channel was accepted';
    $installAudit->dateTime = date('Y-m-d H:i:s');

    if (!$this->queue) {
        // Not queued: generate the SQL changes and apply them right away.
        $this->queue = 0;
        $alterTable = new AlterTable();
        $ret = $alterTable->generateSqlChanges($filename);
        if ($ret !== true) {
            // Anything other than true is stored as the error text.
            $installAudit->message .= ' and updates failed to apply.';
            $this->status = 'Error: ' . $ret;
            $this->persist();
        } else {
            $alterTable->executeSqlChanges();
            //$this->active = 0;
            $this->status = 'Completed';
            $this->persist();
            $installAudit->message .= ' and updates applied successfully.';
        }
    } else {
        $installAudit->message .= ' and updates pending to apply.';
        $ret = true;
    }

    $installAudit->persist();
}
/**
 * Records an 'AccessRecord' audit row naming the client address and the
 * controller/action that was requested.
 *
 * NOTE(review): REMOTE_ADDR is the address of the direct peer; if the
 * application sits behind a reverse proxy, every row would carry the proxy's
 * address — confirm the deployment.
 *
 * @param string $controllerName
 * @param string $actionName
 * @return void
 */
public static function auditAccess($controllerName, $actionName)
{
    $accessRecord = new Audit();
    $accessRecord->objectClass = 'AccessRecord';

    $clientAddress = $_SERVER['REMOTE_ADDR'];
    $target = $controllerName . '/' . $actionName;
    $accessRecord->message = 'IP Address ' . $clientAddress . ' accessing ' . $target;

    $accessRecord->dateTime = date('Y-m-d H:i:s');
    $accessRecord->persist();
}
/**
 * Records an 'AccessRecord' audit row for the requested controller/action and
 * tags it with a patient id when the query string carries one.
 *
 * NOTE(review): the patient id is taken from client-supplied query parameters
 * and is not checked in this method; it records what was requested, not what
 * the user was allowed to see.
 *
 * @param string $controllerName
 * @param string $actionName
 * @return void
 */
public static function auditAccess($controllerName, $actionName)
{
    $accessRecord = new Audit();
    $accessRecord->objectClass = 'AccessRecord';
    $accessRecord->message = 'Accessed ' . $controllerName . '/' . $actionName;

    // Checked in this order; when several are present the last positive one wins.
    $patientParams = array('person_id', 'patient_id', 'personId', 'patientId');
    foreach ($patientParams as $param) {
        if (isset($_GET[$param]) && $_GET[$param] > 0) {
            $accessRecord->patientId = (int) $_GET[$param];
        }
    }

    //trigger_error($audit->message . $audit->patientId,E_USER_NOTICE);
    $accessRecord->dateTime = date('Y-m-d H:i:s');
    $accessRecord->persist();
}
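/**
 * Creates the fixture set for the tetanus health-status tests: a person, a
 * patient, a medication, an audit row for that medication, a
 * HealthStatusHandler whose handler object is generated PHP source, and the
 * patient's subscription to that handler.
 *
 * Fix: the 'healthStatusHandlerPatient' entry used to hold $handler a second
 * time, so the subscription row was never returned to the caller.
 *
 * @return array fixture objects keyed by 'person', 'patient', 'medication',
 *               'audit', 'healthStatusHandler' and 'healthStatusHandlerPatient'
 */
public static function generateTestTetanus()
{
    $objects = array();

    $person = new Person();
    $person->last_name = 'ClearHealth';
    $person->first_name = 'Test';
    $person->middle_name = 'I';
    $person->active = 1;
    $person->persist();
    $objects['person'] = $person;

    $patient = new Patient();
    $patient->person->_cascadePersist = false; // to avoid persist() calls on person
    $patient->person_id = $person->person_id;
    $patient->recordNumber = 1000;
    $patient->persist();
    $objects['patient'] = $patient;

    $medication = new Medication();
    $medication->_shouldAudit = false; // do not audit
    $medication->hipaaNDC = 'hipaaNDC';
    $medication->personId = $patient->person_id;
    $medication->persist();
    $objects['medication'] = $medication;

    // The medication's own auditing is switched off above; this row is written
    // by hand instead.
    $audit = new Audit();
    $audit->_ormPersist = true;
    $audit->objectClass = get_class($medication);
    $audit->objectId = $medication->medicationId;
    $audit->dateTime = date('Y-m-d H:i:s');
    $audit->type = WebVista_Model_ORM::REPLACE;
    $audit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $audit->persist();
    $objects['audit'] = $audit;

    $handler = new HealthStatusHandler();
    $handler->name = 'Tetanus Shots Handler ' . NSDR::create_guid();
    $handler->active = 1;
    $handler->timeframe = '+1 month';
    //$handler->condition = $audit->auditId;
    $handlerName = Handler::normalizeHandlerName($handler->name);

    // The heredoc is PHP source text stored on the handler. {$handlerName},
    // {$audit->objectClass} and {$audit->type} are interpolated into it now;
    // every \$ stays a literal dollar sign in the generated code.
    // NOTE(review): how handlerObject is executed later is not visible here.
    // Values interpolated into source text must be limited to identifier-safe
    // characters — confirm normalizeHandlerName() guarantees that. The
    // generated matchAudit() also instantiates whatever class name the audit
    // row carries, so audit rows must only be writable by trusted code.
    $handler->handlerObject = <<<EOL
class {$handlerName}HealthStatusHandlerObject extends HealthStatusHandlerObjectAbstract {
\t//abstract requires at least this method
\tpublic static function matchAudit(HealthStatusHandler \$handler,Audit \$auditOrm) {
\t\t// check if the patientId of the item referenced by the audit is subscribed to the handler, if not return false (no match)
\t\t\$objectClass = \$auditOrm->objectClass;
\t\t\$obj = new \$objectClass();
\t\tforeach (\$obj->_primaryKeys as \$key) {
\t\t\t\$obj->\$key = \$auditOrm->objectId;
\t\t}
\t\t\$obj->populate();
\t\t\$patientId = \$obj->personId;
\t\tif (!HealthStatusHandlerPatient::isPatientSubscribed(\$handler->healthStatusHandlerId,\$patientId)) {
\t\t\treturn false;
\t\t}
\t\tif (\$auditOrm->objectClass == '{$audit->objectClass}' && \$auditOrm->type == '{$audit->type}') {
\t\t\treturn true;
\t\t}
\t\treturn false;
\t}
\tpublic static function fulfill(HealthStatusHandler \$handler,\$patientId) {
\t\t// fulfill sees if current patient has any open alerts linked to this handler
\t\t\$alert = new HealthStatusAlert();
\t\t\$alert->populateByHandlerPatientId(\$handler->healthStatusHandlerId,\$patientId);
\t\t// if there are open alerts then calls patientMatch again
\t\tif (strlen(\$alert->status) > 0) {
\t\t\t// if patientMatch returns FALSE then marks alerts as fulfilled if patientMatch return non-false alerts stay as is
\t\t\t// sees if any alerts exist for the patient that are for this handler and marks then as fulfilled if the same condition in patientMatch is reversed
\t\t\tif (self::patientMatch(\$handler,\$patientId) === false) {
\t\t\t\t\$alert->status = 'fulfilled';
\t\t\t\t\$alert->persist();
\t\t\t}
\t\t}
\t}
\tpublic static function patientMatch(HealthStatusHandler \$handler,\$patientId) {
\t\t// check if the patient does not have any record of a tetanus immunization (preferably by using NSDR)
\t\t// if it has, add the timeframe to the date of that immunization and check if that date is greater than today, if so then return true
\t\t// \$immunization = NSDR::populate(\$patientId.'::com.clearhealth.immunization');
\t\t// temporarily superseded NSDR
\t\t\$alert = new HealthStatusAlert();
\t\t\$alert->populateByHandlerPatientId(\$handler->healthStatusHandlerId,\$patientId);
\t\tif (!strlen(\$alert->status) > 0) {
\t\t\t// no existing alert, return true
\t\t\treturn true;
\t\t}
\t\t// would test to see if the date of a given patients last tetanus shot plus the timeframe is less than today
\t\t// if (strtotime(\$handler->timeframe,strtotime(\$alert->dateTime)) < strtotime(date('m/d/Y h:i A',strtotime('+1 month')))) {
\t\tif (\$alert->status == 'active') {
\t\t\tif (strtotime(\$alert->dateDue) < strtotime(date('m/d/Y h:i A',strtotime('+5 weeks')))) {
\t\t\t\t//self::fulfill(\$handler,\$patientId);
\t\t\t\treturn false;
\t\t\t}
\t\t\t// patientMatch checks if patient 1234 has NOT had a tetanus when date of last tetanus + timeframe < today and generates an alert
\t\t\treturn true;
\t\t}
\t\t/* \$alert->lastOccurence
\t\tif (\$alert->status == 'active' || \$alert->status == 'fulfilled' || \$alert->status == 'ignored') {
\t\t\t// would not match if patient already has an active, fulfilled or ignored alert
\t\t\treturn false;
\t\t}
\t\t*/
\t\treturn true;
\t}
}
EOL;

    $handler->datasource = $handler->generateDefaultDatasource();
    $handler->template = $handler->generateDefaultTemplate();
    $handler->persist();
    $objects['healthStatusHandler'] = $handler;

    // subscribe patient to handler
    $handlerPatient = new HealthStatusHandlerPatient();
    $handlerPatient->healthStatusHandlerId = $handler->healthStatusHandlerId;
    $handlerPatient->personId = $patient->personId;
    $handlerPatient->persist();
    // Return the subscription row itself so callers can clean it up.
    $objects['healthStatusHandlerPatient'] = $handlerPatient;

    return $objects;
}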
/**
 * Runs the health-status processor, writes a matching medication audit row,
 * runs the processor again and expects the patient's alert to end up
 * 'fulfilled' with a due date one month from today.
 */
public function testTetanusShotsFulfillWithAudit()
{
    $this->_objects = HealthStatusHandler::generateTestTetanus();
    $created = array();

    // First pass, with the trigger time set ten minutes in the past.
    $firstTrigger = date('h:i A', strtotime('-10 minutes'));
    $hsaProcess = new ProcessHSA($firstTrigger);
    $daemon = Processingd::getInstance();
    $daemon->clearProcesses();
    $daemon->addProcess($hsaProcess);
    $daemon->startProcessing(false);

    // Audit row for the fixture medication, attributed to the current user.
    $medication = $this->_objects['medication'];
    $medicationAudit = new Audit();
    $medicationAudit->_ormPersist = true;
    $medicationAudit->objectClass = get_class($medication);
    $medicationAudit->objectId = $medication->medicationId;
    $medicationAudit->dateTime = date('Y-m-d H:i:s');
    $medicationAudit->type = WebVista_Model_ORM::REPLACE;
    $medicationAudit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $medicationAudit->persist();
    $created['audit'] = $medicationAudit;

    // advance the time to 2 minutes due to fast processing
    $secondTrigger = date('h:i A', strtotime('-2 minutes'));
    $hsaProcess->setCurrentTime($secondTrigger);
    $daemon->clearProcesses();
    $daemon->addProcess($hsaProcess);
    $daemon->startProcessing(false);

    // Load the alert for this handler/patient pair, then clean up before the
    // assertions so a failing assertion does not leave rows behind.
    $handlerId = $this->_objects['healthStatusHandler']->healthStatusHandlerId;
    $patientId = $this->_objects['patient']->personId;
    $alert = new HealthStatusAlert();
    $alert->populateByHandlerPatientId($handlerId, $patientId);
    $created['healthStatusAlert'] = $alert;
    $this->_cleanUpObjects($created);

    $this->assertTrue(strlen($alert->status) > 0, 'No alert created');
    $this->assertEquals($alert->status, 'fulfilled', 'Alert is not fulfilled');
    $dueDay = date('Y-m-d', strtotime($alert->dateDue));
    $expectedDay = date('Y-m-d', strtotime('+1 month'));
    $this->assertEquals($dueDay, $expectedDay, 'Due date is invalid');
}
/**
 * Applies the SQL changes of the update file named by the 'updateFileId'
 * request parameter, deactivates the file and audits the run on success, and
 * answers with the generator's result as JSON.
 *
 * NOTE(review): this action executes schema/SQL changes; no authorization
 * check is visible in this method — confirm access to it is restricted
 * elsewhere (ACL, controller pre-dispatch).
 *
 * @return void
 */
public function processApplyAction()
{
    $requestedId = (int) $this->_getParam('updateFileId');

    $updateFile = new UpdateFile();
    $updateFile->updateFileId = $requestedId;
    $updateFile->populate();

    $changeSet = new AlterTable();
    $ret = $changeSet->generateSqlChanges($updateFile->data);

    // Only an exact true counts as success; any other value is passed through
    // to the JSON response untouched.
    if ($ret === true) {
        $changeSet->executeSqlChanges();
        $updateFile->active = 0;
        $updateFile->persist();

        $applyAudit = new Audit();
        $applyAudit->objectClass = 'UpdateManager';
        $applyAudit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
        $applyAudit->message = 'License of update file ' . $updateFile->name . ' from ' . $updateFile->channel . ' channel was accepted and updates applied successfully.';
        $applyAudit->dateTime = date('Y-m-d H:i:s');
        $applyAudit->persist();
    }

    $jsonHelper = Zend_Controller_Action_HelperBroker::getStaticHelper('json');
    $jsonHelper->suppressExit = true;
    $jsonHelper->direct($ret);
}
/**
 * Authenticates a username/password pair, stores the populated User as the
 * identity when the account's person is active, and writes a 'Login' audit row
 * for every outcome.
 *
 * NOTE(review): no credential treatment is configured on the adapter in this
 * method, so the password is compared with the `password` column as given —
 * confirm how that column is stored.
 * NOTE(review): every failed authentication is audited as "bad password",
 * whatever the adapter's actual failure reason was.
 *
 * @param string $username
 * @param string $password
 * @param Zend_Auth_Adapter_Interface|null $authAdapter adapter to use; a
 *        Zend_Auth_Adapter_DbTable on the registered 'dbAdapter' when null
 * @return Zend_Auth_Result|Exception the auth result on success, otherwise an
 *         Exception object that is returned, not thrown
 */
public static function processLogin($username, $password, Zend_Auth_Adapter_Interface $authAdapter = null)
{
    if ($authAdapter === null) {
        $authAdapter = new Zend_Auth_Adapter_DbTable(Zend_Registry::get('dbAdapter'));
    }
    $authAdapter->setTableName('user')
        ->setIdentityColumn('username')
        ->setCredentialColumn('password')
        ->setIdentity($username)
        ->setCredential($password);

    $auth = Zend_Auth::getInstance();
    $result = $auth->authenticate($authAdapter);

    $loginAudit = new Audit();
    $loginAudit->objectClass = 'Login';
    $loginAudit->objectId = 0;

    if (!$result->isValid()) {
        $auth->clearIdentity();
        $message = __('user') . ': ' . $username . ' ' . __('login failed due to bad password');
        $result = new Exception('Invalid username/password');
    } else {
        $authenticatedName = $auth->getIdentity();
        $account = new User();
        $account->username = $authenticatedName;
        $account->populateWithUsername();

        if (!$account->person->active) {
            // Valid credentials, but the person is inactive: undo the login.
            $auth->clearIdentity();
            $message = __('user') . ': ' . $username . ' ' . __('login failed due to inactive user');
            $result = new Exception('Login failed due to inactive user');
        } else {
            // Replace the bare identity with the populated User object.
            $auth->getStorage()->write($account);
            $loginAudit->userId = $account->userId;
            $message = __('user') . ': ' . $account->username . ' ' . __('login successful');
        }
    }

    $loginAudit->message = $message;
    $loginAudit->dateTime = date('Y-m-d H:i:s');
    $loginAudit->_ormPersist = true;
    $loginAudit->persist();

    return $result;
}
/**
 * Creates the fixture set for the clinical-note alert tests: the objects from
 * _generatePatient(), a 'ClinicalNote' audit row and a GeneralAlertHandler
 * whose datasource is generated PHP source.
 *
 * @return array the _generatePatient() objects plus 'audit' and
 *               'generalAlertHandler'
 */
public static function generateClinicalNoteHandler() {
    $objects = self::_generatePatient();

    // Audit row the handler is conditioned on (see $handler->condition below).
    $audit = new Audit();
    $audit->_ormPersist = true;
    $audit->objectClass = 'ClinicalNote';
    // the fixture patient's person_id is used as the object id here
    $audit->objectId = $objects['patient']->person_id;
    $audit->dateTime = date('Y-m-d H:i:s');
    $audit->type = WebVista_Model_ORM::REPLACE;
    $audit->userId = (int) Zend_Auth::getInstance()->getIdentity()->personId;
    $audit->persist();
    $objects['audit'] = $audit;

    $handler = new GeneralAlertHandler();
    $handler->name = 'Clinical Notes Handler ' . NSDR::create_guid();
    $handler->active = 1;
    $handler->condition = $audit->auditId;
    $handler->handlerObject = $handler->generateDefaultHandlerObject();
    $handlerName = Handler::normalizeHandlerName($handler->name);

    // The heredoc is PHP source text stored on the handler; only {$handlerName}
    // is interpolated now, every \$ stays a literal dollar sign in the
    // generated code.
    // NOTE(review): how the datasource is executed later is not visible here.
    // The interpolated name must be limited to identifier-safe characters —
    // confirm normalizeHandlerName() guarantees that. The generated
    // sourceData() also instantiates whatever class name each e-signature row
    // carries, so those rows must only be writable by trusted code.
    $handler->datasource = <<<EOL
class {$handlerName}GeneralAlertDatasource extends GeneralAlertDatasourceAbstract {
\t//abstract requires at least this method
\tpublic static function sourceData(Audit \$audit) {
\t\t\$eSignIterator = new ESignatureIterator();
\t\t\$eSignIterator->setFilter(\$audit->userId,'signList');
\t\t\$ret = array();
\t\tforeach (\$eSignIterator as \$eSign) {
\t\t\t\$objectClass = \$eSign->objectClass;
\t\t\t\$obj = new \$objectClass();
\t\t\tforeach (\$obj->_primaryKeys as \$key) {
\t\t\t\t\$obj->\$key = \$eSign->objectId;
\t\t\t}
\t\t\t\$obj->populate();
\t\t\t\$personId = \$obj->personId;
\t\t\t\$patient = new Patient();
\t\t\t\$patient->personId = \$personId;
\t\t\t\$patient->populate();
\t\t\t\$teamId = \$patient->teamId;
\t\t\t\$row = array();
\t\t\t\$row['teamId'] = \$teamId;
\t\t\t\$row['signingUserId'] = \$eSign->signingUserId;
\t\t\t\$row['objectId'] = \$eSign->objectId;
\t\t\t\$row['objectClass'] = \$eSign->objectClass;
\t\t\t\$ret[] = \$row;
\t\t}
\t\treturn \$ret;
\t}
}
EOL;

    $handler->template = $handler->generateDefaultTemplate();
    $handler->persist();
    $objects['generalAlertHandler'] = $handler;

    return $objects;
}