From a6238c14e3c08b4f7ee7045824eae4e47890ccd3 Mon Sep 17 00:00:00 2001 From: Paul-Christian Volkmer Date: Wed, 12 Jul 2023 10:11:11 +0200 Subject: Issue #29: Backend-Service für ECOG-Status hinzugefügt --- src/main/java/DNPM/DNPMHelper.java | 19 ++++++++++++++++++- 1 file changed, 18 insertions(+), 1 deletion(-) (limited to 'src/main/java/DNPM/DNPMHelper.java') diff --git a/src/main/java/DNPM/DNPMHelper.java b/src/main/java/DNPM/DNPMHelper.java index cc8126a..50b153e 100644 --- a/src/main/java/DNPM/DNPMHelper.java +++ b/src/main/java/DNPM/DNPMHelper.java @@ -45,7 +45,7 @@ public class DNPMHelper implements IProcedureAnalyzer { @Override public String getVersion() { - return "0.3.0"; + return "0.4.0"; } @Override @@ -249,4 +249,21 @@ public class DNPMHelper implements IProcedureAnalyzer { } } + + // TODO Achtung, keine Sicherheitsprüfung, darüber kann für jeden Patienten die Liste mit ECOG-Status abgerufen werden! + public List getEcogStatus(final Map input) { + var pid = AnalyzerUtils.getRequiredId(input, "PatientId"); + if (pid.isEmpty()) { + logger.error("Kein Parameter 'PatientId' angegeben, gebe leere Liste zurück"); + return List.of(); + } + + var patient = onkostarApi.getPatient(pid.get()); + if (null == patient) { + logger.error("Patient nicht gefunden, gebe leere Liste zurück"); + return List.of(); + } + + return systemtherapieService.ecogSatus(patient); + } } \ No newline at end of file -- cgit v1.2.3 From 35f1aa0d757900e1a5d22d04ab85c9b22882a07b Mon Sep 17 00:00:00 2001 From: Paul-Christian Volkmer Date: Mon, 28 Aug 2023 14:39:43 +0200 Subject: Issue #29: Abgesicherter Zugriff auf ECOG Verlauf --- src/main/java/DNPM/DNPMHelper.java | 19 +++++++++++++++++-- 1 file changed, 17 insertions(+), 2 deletions(-) (limited to 'src/main/java/DNPM/DNPMHelper.java') diff --git a/src/main/java/DNPM/DNPMHelper.java b/src/main/java/DNPM/DNPMHelper.java index 50b153e..838ca9a 100644 --- a/src/main/java/DNPM/DNPMHelper.java +++ b/src/main/java/DNPM/DNPMHelper.java @@ -1,6 +1,9 @@ package DNPM; import DNPM.analyzer.AnalyzerUtils; +import DNPM.security.IllegalSecuredObjectAccessException; +import DNPM.security.PermissionType; +import DNPM.security.PersonPoolBasedPermissionEvaluator; import DNPM.services.systemtherapie.SystemtherapieService; import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.databind.ObjectMapper; @@ -17,6 +20,7 @@ import org.hibernate.transform.Transformers; import org.hibernate.type.StandardBasicTypes; import org.slf4j.Logger; import org.slf4j.LoggerFactory; +import org.springframework.security.core.context.SecurityContextHolder; import java.util.ArrayList; import java.util.HashMap; @@ -31,9 +35,16 @@ public class DNPMHelper implements IProcedureAnalyzer { private final SystemtherapieService systemtherapieService; - public DNPMHelper(final IOnkostarApi onkostarApi, final SystemtherapieService systemtherapieService) { + private final PersonPoolBasedPermissionEvaluator personPoolBasedPermissionEvaluator; + + public DNPMHelper( + final IOnkostarApi onkostarApi, + final SystemtherapieService systemtherapieService, + final PersonPoolBasedPermissionEvaluator permissionEvaluator + ) { this.onkostarApi = onkostarApi; this.systemtherapieService = systemtherapieService; + this.personPoolBasedPermissionEvaluator = permissionEvaluator; } @Override @@ -264,6 +275,10 @@ public class DNPMHelper implements IProcedureAnalyzer { return List.of(); } - return systemtherapieService.ecogSatus(patient); + if (personPoolBasedPermissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), patient, PermissionType.READ)) { + return systemtherapieService.ecogSatus(patient); + } + + throw new IllegalSecuredObjectAccessException("Kein Zugriff auf diesen Patienten"); } } \ No newline at end of file -- cgit v1.2.3