token = $_POST["token"]; $post->cmd = $_POST["cmd"]; $post->data = json_decode($_POST["data"]); */ } } else { $post = new stdClass(); $post->token = $json->token; $post->cmd = $json->cmd; if (is_string($json->data)) { $post->data = json_decode($json->data); } else { $post->data = $json->data; } } if (!isset($post->cmd)) { showObj("Well someone is up to some fishing 2."); //showObj($json); //header('Location: '.$newURL); /* redirect to fake results with hints to drill down futher. If they take the bait, blacklist ip. */ //header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404); die(); } die(); $cmd = $post->cmd; if ($cmd != "getTextractionStatus" && $cmd != "getQueueMessages" && $cmd != "getCommonDxCodes" && $cmd != "getReportName" && $cmd != "GetNextJob" && $cmd != "BatchAction" && $cmd != "ParseData") { showObj(" "); showObj(" "); showObj(" "); showObj($cmd); } $token = ""; if (isset($post->token)) { $token = $post->token; } if (!isset($post->data)) { showObj("Well someone is up to some fishing 2!!!!!."); showObj($json); header($_SERVER["SERVER_PROTOCOL"]." 404 Not Found", true, 404); die(); } $data = $post->data; $requestDetails = new stdClass(); $requestDetails->cmd = $cmd; $requestDetails->ipAddress = $_SERVER['REMOTE_ADDR']; $requestDetails->requestTime = microtime(true); $requestDetails->userId = ""; $requestDetails->token = $token; $requestDetails->tokenType = "API"; $requestDetails->permissions = array(); $response = getResponseObject(); $response->msgs[] = "A_OK::" . $cmd; $response->debug->requestDetails = $requestDetails; $cacheManager = new CacheManager(); $logger = new Logger(); //showObj($cmd); //showObj($json); $mySQLCon = new MySQLConnection(); switch ($cmd) { case "EchoRequest": { $response->data = $data; unset ($response->message); echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "EchoRequest"); return; } case "DateCheck": { if (!isset($data->date)) { $response->msgs[] = "ERR:Date var missing"; echo json_encode(sanatizeResponse($response)); return; } $data->date = str_replace("-", "/", $data->date); $date = new DateTime($data->date); $response->data = new stdClass(); $response->data->fullDate = $date->Format('Y-m-d'); $response->data->year = $date->Format('Y'); $response->data->month = $date->Format('m'); $response->data->day = $date->Format('d'); echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "DateCheck"); return; } case "GetToken": { if (!isset($data->accessKey)) { $response->msgs[] = "ERR:Access Key var Missing"; echo json_encode(sanatizeResponse($response)); return; } if (!isset($data->secret)) { $response->msgs[] = "ERR:Secret var Missing"; echo json_encode(sanatizeResponse($response)); return; } $authManager = new AuthManager($data); $response = $authManager->getAuthResponse(); $requestDetails->userId = $response->data->userId; unset($response->data->nameUser); unset($response->data->url); unset($response->data->userId); $resp = sanatizeResponse($response); echo json_encode($resp); $logger->logMessage($requestDetails, "API_CAll", $resp->msg , "GetToken"); return; } } $authManager = new AuthManager($requestDetails); $authResp = $authManager->getAuthResponse(); if (!isA_OK($authResp)) { showObj("ACCESS DENIED MID"); rejectRequest("Access Denied"); return; } switch ($cmd) { case "GetLabs": { $userManager = new ApiKeyManager($requestDetails->userId); $labs = $userManager->getLinksForTable()->data->pagedResults; showObj($labs); $response->data->labs = []; for ($i = 0; $i < count($labs); $i++) { $labManager = new LabManager($labs[$i]->id); $obj = $labManager->getLab(["labId", "nameLab", "clia"]); //$obj->outputs = $labManager->getPreferences()->io->outputs; $response->data->providers = $labManager->getLinkedUsersByPermission("PROVIDER"); $response->data->labs[] = $obj; } //$response->data->labs = $userManager->getLinksForTable()->data->pagedResults; /* $response->data->labs = array(); $response->data->labs[] = (object)([ "labId" => "{D0CD90EC-B66A-1145-4A3C-AA1AC55C3C36}", "nameLab" => "Test Labs", "clia" => "45D1234567", "outputs" => ["API","FAX"] ]); */ echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "GetLabs"); return; } case "GetLabOrderObject": { $labOrder = new LabOrder(); $desc = isset($data->descriptions) ? $data->descriptions : false; if (is_string($data->descriptions) && strtoupper($data->descriptions) != "TRUE") { $desc = false; } $response->data->labOrder = $labOrder->getOrderSample($desc); echo json_encode(sanatizeResponse($response)); return; } case "BuildLabOrder": { if (!userHasPermission(["API_ACCESS"])) { rejectRequest("ACCESS_DENIED"); return; } if (!isset($data->labId)) { rejectRequest("ERR::labId var is missing"); return; } if (!isset($data->labOrder)) { rejectRequest("ERR::labOrder var is missing"); return; } $labManager = new LabManager($data->labId); if (!$labManager->validId()) { rejectRequest("ERR::Lab not found"); return; } if (!userLinkedToLab($data->labId)) { rejectRequest("ERR::access denied to Lab"); return; } $dataSource = $labManager->getDataSourceByType("CELLAPI", "INPUT"); if (is_null($dataSource)) { rejectRequest("ERR::Lab isn't configured for API Access"); return; } $dataSourceManager = new DataSourceManager($data->labId); $dataSourceManager->setDataSource($dataSource); $processIfReady = $data->processIfReady ?? false; showObj(($processIfReady) ? "true" : "false"); $dataSourceManager->addData($data->labOrder, null, "JSON", $processIfReady); showObj("POST ADD DATA"); if ($data->processIfReady) { $dataSource = $labManager->getDataSourceByType("CELLAPI", "OUTPUT"); showObj($dataSourceManager->pdf); if (!is_null($dataSource) && !is_null($dataSourceManager->pdf)) { $response->data->pdf = $dataSourceManager->pdf; $response->data->filename = $dataSourceManager->filename; } } $labOrder = $dataSourceManager->getLabOrder(); //$response->data->labOrder = $labOrder->getLabOrder("INPUT_DATA"); $response->data->reportId = $labOrder->reportId(); $response->data->reportStatus = $labOrder->orderStatus(); $missingItems = $labOrder->getMissingItems(); if (count($missingItems) > 0) { $response->data->missingItems = $missingItems; } echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "BuildLabOrder", $response->data->reportId); return; } case "ProcessLabOrder": { if (!userHasPermission(["API_ACCESS"])) { rejectRequest("ACCESS_DENIED"); return; } $dataSourceManager = new DataSourceManager($data->labId); $dataSourceManager->setLabOrder($data->reportId); $dataSourceManager->processOrder(); $dataSourceManager->outputData(); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "ProcessLabOrder", $data->reportId); return; } case "ProcessLabOrder2": { if (!userHasPermission(["SYS_ADMIN"])) { $response->msgs[] = "ERR::access denied"; echo json_encode(sanatizeResponse($response)); return; } if (!isset($data->labId)) { $response->msgs[] = "ERR::labId var is missing"; echo json_encode(sanatizeResponse($response)); return; } if (!isset($data->reportId)) { $response->msgs[] = "ERR::reportId var is missing"; echo json_encode(sanatizeResponse($response)); return; } $labOrder = new LabOrder($data); $order = $labOrder->getLabOrder(); $response->data->labOrder = $order; $labOrderProcessor = new LabOrderProcessor(); $labOrder = new LabOrder($data); $pdfManager = new PdfManager(); if (strtoupper($data->docType) == "SOMN") { $response->data->labOrder = $labOrderProcessor->processSomn($order); $response->data->pdf = $pdfManager->generateSomn($response->data->labOrder); $response->data->filename = $order->patientDemo->nameLast . " " . $order->patientDemo->nameFirst . " SOMN (" . $order->dateOfService . ").PDF"; } else if (strtoupper($data->docType) == "APPEAL") { $response->data->labOrder = $labOrderProcessor->processAppeal($order); $response->data->pdf = $pdfManager->generateAppeal($response->data->labOrder); $response->data->filename = $order->patientDemo->nameLast . " " . $order->patientDemo->nameFirst . " Appeal (" . $order->dateOfService . ").PDF"; } echo json_encode(sanatizeResponse($response)); return; } case "GetLabOrderStatus": { if (!isset($data->labId)) { $response->msgs[] = "ERR::labId var is missing"; echo json_encode(sanatizeResponse($response)); return; } if (!isset($data->reportId) && !isset($data->accessionId)) { if (!isset($data->reportId)) { $response->msgs[] = "ERR::reportId var is missing"; echo json_encode(sanatizeResponse($response)); return; } if (!isset($data->accessionId)) { $response->msgs[] = "ERR::accessionId var is missing"; echo json_encode(sanatizeResponse($response)); return; } } if ($data->labId != "{D0CD90EC-B66A-1145-4A3C-AA1AC55C3C36}") { $response->msgs[] = "ERR::Lab access not found"; echo json_encode(sanatizeResponse($response)); return; } $labOrder = new LabOrder($data); if (userHasPermission(["SYS_ADMIN"])) { $response->data->labOrder = $labOrder->getLabOrder("INPUT_DATA"); } $response->data->reportStatus = $labOrder->orderStatus(); $response->data->missingItems = $labOrder->getMissingItems(); /* $outputs = isset($data->outputs) ? $data->outputs : false; if (is_string($data->outputs) && strtoupper($data->outputs) != "TRUE") { $outputs = false; } */ if ($outputs) { $response->data->outputs = []; $response->data->outputs[] = (object) ([ "output" => "API", "status" => "DELIVERED"]); $response->data->outputs[] = (object) ([ "output" => "FAX", "status" => "DELIVERED"]); } echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "GetLabOrderStatus"); return; } case "GetLabDoc": { if (!userHasPermission(["API_ACCESS"])) { rejectRequest("ACCESS_DENIED"); return; } if (!isset($data->labId)) { rejectRequest("ERR::labId var is missing"); return; } if (!isset($data->reportId)) { rejectRequest("ERR::reportId var is missing"); return; } if (!isset($data->docType)) { $data->docType = "SOMN"; } $labManager = new LabManager($data->labId); if (!$labManager->validId()) { rejectRequest("ERR::Lab not found"); return; } if (!userLinkedToLab($data->labId)) { rejectRequest("ERR::access denied to Lab"); return; } $fileIo = $labManager->getFileIoByDocTypeFromSource("CELLAPI", $data->docType, "OUTPUT"); if (is_null($fileIo)) { rejectRequest("ERR::docType not available"); return; } $labOrder = new LabOrder($data->reportId); $response->data->pdf = $labOrder->getFile($data->docType); $filenameFormat = $labManager->getFilename("CELLAPI", "SOMN"); $response->data->filename = $labOrder->getFilename($filenameFormat, $data->docType); echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "GetLabDoc"); return; if (strtoupper($data->docType) == "SOMN") { $labOrder = new LabOrder($data); $order = $labOrder->getLabOrder(); $response->data->labOrder = $order; $labOrderProcessor = new LabOrderProcessor(); $response->data->labOrder = $labOrderProcessor->processSomn($order); $pdfManager = new PdfManager(); $response->data->pdf = $pdfManager->generateSomn($response->data->labOrder); $response->data->filename = $order->patientDemo->nameLast . " " . $order->patientDemo->nameFirst . " SOMN (" . $order->dateOfService . ").PDF"; } else if (strtoupper($data->docType) == "APPEAL") { $labOrder = new LabOrder($data); $order = $labOrder->getLabOrder(); $response->data->labOrder = $order; $labOrderProcessor = new LabOrderProcessor(); $response->data->labOrder = $labOrderProcessor->processAppeal($order); $pdfManager = new PdfManager(); $response->data->pdf = $pdfManager->generateAppeal($response->data->labOrder); $response->data->filename = $order->patientDemo->nameLast . " " . $order->patientDemo->nameFirst . " APPEAL (" . $order->dateOfService . ").PDF"; } else { $response->msgs[] = "ERR::DocType not available or recognized"; echo json_encode(sanatizeResponse($response)); return; } if (!userHasPermission(["SYS_ADMIN"])) { unset($response->data->labOrder); } echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "GetLabDoc"); return; } case "GetApiEndpoint": { if (!userHasPermission(["API_ACCESS"])) { rejectRequest("ACCESS_DENIED"); return; } if (!isset($data->labId)) { rejectRequest("ERR::labId var is missing"); return; } $labManager = new LabManager($data->labId); $response->data->endpoint = $labManager->getApiEndpoint(); $response->msgs[] = (is_null($response->data->endpoint)) ? "ERR": "A_OK"; echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", $response->msg , "GetApiEndpoint", $data->labId, $response->data->endpoint); return; } case "SetApiEndpoint": { if (!userHasPermission(["API_ACCESS"])) { rejectRequest("ACCESS_DENIED"); return; } if (!isset($data->url)) { rejectRequest("ERR::url var is missing"); return; } if (!filter_var($data->url, FILTER_VALIDATE_URL) && $data->url != "" && !is_null($data->url)) { rejectRequest("ERR::Endpoint not valid url"); return; } $labManager = new LabManager($data->labId); $labManager->setApiEnpoint($data->url); echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "SetApiEndpoint", $data->labId, $data->url); return; $object = new stdClass; $object->data = new stdClass(); $object->data->MessageSource = "CELLARIAN_LAB"; $object->data->MessageType = "REPORT_STATUS_UPDATE"; $object->data->ReportStatus = "READY_TO_PRINT"; $curl = new \GuzzleHttp\Client(['verify' => false]); $postData = json_encode($object); $endpointParts = parse_url($data->url); $endpointParts['path'] = $endpointParts['path'] ?? '/'; $endpointParts['port'] = $endpointParts['port'] ?? $endpointParts['scheme'] === 'https' ? 443 : 80; $contentLength = strlen($postData); $request = "POST {$endpointParts['path']} HTTP/1.1\r\n"; $request .= "Host: {$endpointParts['host']}\r\n"; $request .= "User-Agent: Loglia Laravel Client v2.2.0\r\n"; $request .= "Authorization: API USER PROVIDED\r\n"; $request .= "Content-Length: {$contentLength}\r\n"; $request .= "Content-Type: application/json\r\n\r\n"; $request .= $postData; $prefix = substr($data->url, 0, 8) === 'https://' ? 'tls://' : ''; $socket = fsockopen($prefix.$endpointParts['host'], $endpointParts['port']); fwrite($socket, $request); fclose($socket); echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", "A_OK", "SetApiEndpoint"); return; } case "GetNextJob": //Node Job Manager { showObj("GetNextJob"); //showObj($requestDetails); if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $jobManager = new JobManager($data->jobId); $task = $jobManager->getNextTask(); //showObj($task); if (!is_null($task)) { $response->data = (object)[ "jobId" => $task->jobId, "taskId" => $task->taskId, "task" => $task->task ]; } else { $jobs = $jobManager->getJobs(); if (!is_null($jobs)) { $jobs = (is_array($jobs)) ? $jobs : [$jobs]; for ($i = 0; $i < count($jobs); $i++) { $jobManager->startJob($jobs[$i]->jobId); } } $response->data = null; } $response->msgs[] = "A_OK"; echo json_encode(sanatizeResponse($response)); return; } case "BatchAction": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $task = new Task($data->taskId); $taskObj = $task->getTask(); $request = $taskObj->jobData; unset($taskObj->jobData); $request->data = (object) array_merge((array) $request->data, (array) $taskObj); unset ($request->data->jobId); unset ($request->data->taskId); unset ($request->data->task); $response = makeWebRequest(serverURL . "service.router.php", $request->data, $request->token, $request->cmd); $task->setCompleted(); $response->msgs[] = "A_OK"; //sleep(3); echo json_encode(sanatizeResponse($response)); return; } case "ProcessImportStart": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $task = new Task($data->taskId); $taskObj = $task->getTask(); $importJobId = $taskObj->jobData; $importJobManager = new ImportJobManager($importJobId, $task); $response->data = $importJobManager->runJob(); showObj("Process Import Start: " . $importJobId); $response->msgs[] = "A_OK"; //sleep(3); echo json_encode(sanatizeResponse($response)); return; } case "ParseLabOrder": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $task = new Task($data->taskId); $taskObj = $task->getTask(); $jobData = $taskObj->jobData; $labOrder = new LabOrder($jobData->inputData, $jobData); $labOrder->rebuildOrder(); $labOrder->saveLabOrder(); $taskObj = $task->setCompleted(); $response->msgs[] = "A_OK"; //sleep(3); echo json_encode(sanatizeResponse($response)); return; } case "ParseData": { //showObj("ParseData"); if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $jobManager = new JobManager($data->id); $jobData = $jobManager->getJob($data->id); $job = $jobData->jobData; $dataSourceManager = new DataSourceManager($job->labId); $dataSourceManager->setDataSource($job->dataSourceId); $dataSourceManager->setFileIo($job->fileIoId); $importOrder = $dataSourceManager->addData($job->labOrder, $job->filename, "JSON"); $jobManager->setJobComplete($jobData->id); $dataSourceManager->getNextIO($jobData->jobData->dataSourceId); $response->msgs[] = "A_OK"; echo json_encode(sanatizeResponse($response)); return; } case "testFire": { if (!userHasPermission(["SYS_ADMIN","CELLARIAN_STAFF"])) { rejectRequest("ACCESS_DENIED"); return; } //makeFireAndForgetRequest(node1Address . ":" . node1Port, $searchObj, "", "JOB_WAITING_LIS"); //makeFireAndForgetRequest(node2Address . ":" . node2Port, $searchObj, "", "JOB_WAITING"); $nodeJsManager = new NodeJSManager(); //makeWebRequest(node1Address . ":" . node1Port, new stdClass(), "", "JOB_WAITING_LIS"); //$nodeJsManager->sendSearchToNode((object)["test"=>"test], JOB_WAITING"); //$nodeJsManager->sendCommandToJobManager("JOB_WAITING2"); echo json_encode(sanatizeResponse($response)); return; } //Node Commands case "GetNextNodeRequest": //Node Phastom JS Process { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } showObj("GetNextNodeRequest"); $jobManager = new JobManager(); $nextjob = $jobManager->getUncompletedJobsBySourceType("NODEJS"); showObj($nextjob); if (is_null($nextjob)) { $response->data->msgs[] = "A_OK"; $response->data = false; echo json_encode(sanatizeResponse($response)); return; } $labManager = new LabManager($nextjob[0]->labId); $dataSource = $labManager->getDataSource($nextjob[0]->dataSourceId); $labOrder = new LabOrder($nextjob[0]->reportId); $order = $labOrder->getLabOrder(); //$order2 = $labOrder->getLabOrder("IMPORT_DATA"); //$order->accessionId = $order2->importData[0]->inputData->accessionId; //return; $nodeJsManager = new NodeJSManager(); $response = $nodeJsManager->sendSearchToNode($order, $nextjob[0]->dataSourceId); echo json_encode(sanatizeResponse($response)); return; } case "getLisObj": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $labManager = new LabManager($data->labId); $dataSource = $labManager->getDataSource($data->dataSourceId); $obj = new stdClass(); $obj->client = new stdClass(); $obj->client->model = $dataSource->model; $obj->client->name = $labManager->getLab("nameLab")->nameLab; $obj->client->urlBase = $dataSource->lisUrl; $obj->client->username = $dataSource->username; $obj->client->password = $dataSource->password; $obj->client->initCommand = $dataSource->initCommand; $response->msgs[] = "A_OK"; $response->data = $obj; echo json_encode(sanatizeResponse($response)); return; } case "GetNewPassword": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $labManager = new LabManager($data->labId); $dataSource = $labManager->getDataSource($data->dataSourceId); showObj($dataSource); $logger->logMessage($requestDetails, "API_CAll_PASSWORD_CHANGE", "A_OK", $data->labId . "|" . $dataSource->id, "prev:" . $dataSource->password); showObj("prev:" . $dataSource->password); $response->data->newPassword = generateStrongPassword(15); $labManager->changePassword($data->dataSourceId, $response->data->newPassword); $logger->logMessage($requestDetails, "API_CAll_PASSWORD_CHANGE", "A_OK", $data->labId . "|" . $dataSource->id, "new:" . $response->data->newPassword); showObj("new:" . $response->data->newPassword); echo json_encode(sanatizeResponse($response)); return; } case "UploadPatientLISData": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } //showObj("UploadPatientLISData"); //showObj($data); $dataSourceManager = new DataSourceManager($data->labId); $dataSourceManager->setDataSource($data->dataSourceId); $dataSourceManager->setLabOrder($data->reportId); $importOrder = $dataSourceManager->addData($data->labOrder); $jobManager = new JobManager($data->labId); $jobManager->setJobComplete($data->reportId); $dataSourceManager->getNextIO($data->dataSourceId); $response->msgs[] = "A_OK"; echo json_encode(sanatizeResponse($response)); return; } case "UpdateOrderStatus": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $labOrder = new LabOrder($data->reportId); $labOrder->orderStatus($data->status); $labOrder->saveLabOrder(); $jobManager = new JobManager(); $jobManager->setCompleted($data->dataSourceId, $data->reportId); $response->msgs[] = "A_OK"; echo json_encode(sanatizeResponse($response)); return; } //HL7 Section case "SendHl7Message": { //showObj("WHAT"); //showObj($data->msg); if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $hl7Parser = new Hl7Manager($data->msg); $msgStatus = $hl7Parser->logMessage(); if ($msgStatus) { //$dataObj = $hl7Parser->convertToJson(); $labManager = new LabManager($hl7Parser->labId); $dataSourceManager = new DataSourceManager($labManager); $dataSource = $dataSourceManager->setDataSource($data->id); if (is_null($dataSource)) { $logger->logMessage2("HL7_SENT_NO_DATA_SOURCE_FOUND_BY_ID", "ERR", $data->id); $response->msgs[] = "ERR"; echo json_encode(sanatizeResponse($response)); return; } //addData($data, $filename = null, $dataType = null, $processIfReady = true) $dataSourceManager->addData($hl7Parser, $hl7Parser->nameS3, "HL7", false); } $response->msgs[] = "A_OK"; echo json_encode(sanatizeResponse($response)); return; } //Open AI Section case "GetAPIKey": { if (!userHasPermission(["NODE_ACCESS"])) { rejectRequest("Access Denied"); return; } $response->data->apiKey = openAIkey; echo json_encode(sanatizeResponse($response)); $logger->logMessage($requestDetails, "API_CAll", $resp->msg , "GetAPIKey"); return; } } $response->msgs[] = "ERR::COMMAND NOT FOUND"; echo json_encode(sanatizeResponse($response)); return;