src/Services/PatientPortalService.php

   1 <?php
   2
   3 /**
   4  * Portal Base Service
   5  *
   6  * @package   OpenEMR
   7  * @link      http://www.open-emr.org
   8  * @author    Jerry Padgett <sjpadgett@gmail.com>
   9  * @copyright Copyright (c) 2023 Jerry Padgett <sjpadgett@gmail.com>
  10  * @license   https://github.com/openemr/openemr/blob/master/LICENSE GNU General public License 3
  11  */
  12
  13 namespace OpenEMR\Services;
  14
  15 use Exception;
  16 use OpenEMR\Common\Acl\AclMain;
  17 use OpenEMR\Events\Messaging\SendNotificationEvent;
  18
  19 class PatientPortalService
  20 {
  21     public static bool $isSmsEnabled;
  22     public static bool $isEmailEnabled;
  23     public static bool $isFaxEnabled;
  24
  25     public function __construct()
  26     {
  27         self::setIsEnabledServices($GLOBALS['oefax_enable_fax'] ?? false, $GLOBALS['oefax_enable_sms'] ?? false, $GLOBALS['oe_enable_email'] ?? false);
  28     }
  29
  30     /**
  31      * @param bool $isSmsEnabled
  32      */
  33     public static function setIsEnabledServices(bool $fax, $sms, $email): void
  34     {
  35         self::$isFaxEnabled = $fax;
  36         self::$isSmsEnabled = $sms;
  37         self::$isEmailEnabled = $email;
  38     }
  39
  40     /**
  41      * @param $pid
  42      * @return array
  43      */
  44     public static function isValidPortalPatient($pid): array
  45     {
  46         $patient['valid'] = false;
  47         if (empty($pid)) {
  48             return $patient;
  49         }
  50         // ensure both portal and patient data match using portal account id.
  51         $patient = sqlQuery(
  52             "Select `pid`, `email`, `email_direct` From `patient_data` Where `pid` = ?",
  53             array($pid)
  54         );
  55         $portal = sqlQuery(
  56             "Select `pid`, `portal_username` From `patient_access_onsite` Where `pid` = ?",
  57             array($patient['pid'])
  58         );
  59
  60         $patient['valid'] = !empty($portal['portal_username']) && ((int)$pid === (int)$portal['pid']);
  61
  62         return $patient;
  63     }
  64
  65     /**
  66      * @param        $pid
  67      * @param        $details
  68      * @param string $content
  69      * @return bool|string
  70      * @throws Exception
  71      */
  72     public function dispatchPortalOneTimeDocumentRequest($pid, $details, string $content = ''): bool|string
  73     {
  74         $pid = $pid ?: $details['pid'] ?? 0;
  75         $document_id = $details['document_id'] ?? 0; // if 0 will allow a portal onetime login
  76         $audit_id = $details['audit_id'];
  77         $name = $details['document_name'];
  78         $period = $details['onetime_period'];
  79         $method = $details['notification_method'] ?? 'both';
  80
  81         if (empty($pid)) {
  82             throw new Exception(xlt("Error! Missing patient id."));
  83         }
  84         $message = '';
  85         if (!empty($content)) {
  86             $message = xl("Comment from provider") . ": " . $content . "\n";
  87         }
  88         $message = $message . xl("Please click the below link (only valid for 48 hours) to edit document") . ': "' . $name . "\".\n";
  89
  90         $statusMsg = xl("Notification requests are being sent!");
  91         $event_data = [
  92             'notification_method' => $method,
  93             'text_message' => $message,
  94             'html_message' => null,
  95             'document_id' => $document_id,
  96             'document_name' => $name,
  97             'audit_id' => $audit_id,
  98             'expiry_interval' => $period
  99         ];
 100         $eventDispatcher = $GLOBALS['kernel']->getEventDispatcher();
 101         $eventDispatcher->dispatch(new SendNotificationEvent($pid, $event_data), SendNotificationEvent::SEND_NOTIFICATION_SERVICE_ONETIME);
 102         return text($statusMsg);
 103     }
 104
 105     /**
 106      * @param $id
 107      * @return bool|array
 108      */
 109     public function getPatientDetails($id): bool|array
 110     {
 111         $query = "SELECT fname, lname, phone_cell as phone, email, hipaa_allowsms, hipaa_allowemail FROM patient_data WHERE pid = ?";
 112         $result = sqlQuery($query, array($id));
 113         return $result ?? false;
 114     }
 115
 116     /**
 117      * @param string $sect
 118      * @param string $v
 119      * @param string $u
 120      * @return bool
 121      */
 122     public static function verifyAcl(string $sect = 'admin', string $v = 'docs', string $u = ''): bool
 123     {
 124         return AclMain::aclCheckCore($sect, $v, $u);
 125     }
 126
 127     /**
 128      * @param $u
 129      * @return mixed
 130      */
 131     public static function isPortalUser($u = null)
 132     {
 133         $user = $u ?: $_SESSION['authUserID'];
 134         // test for either id or username
 135         return sqlQuery("SELECT `portal_user` FROM `users` WHERE `id` = ? OR username = ? LIMIT 1", array($user, $user))['portal_user'];
 136     }
 137
 138     /**
 139      * TODO Move this to AclMain class and refactor portal ACLs
 140      * It's important to rely on portal user and not ACL.
 141      * @param string $sect
 142      * @param string $v
 143      * @param        $u
 144      * @return bool
 145      */
 146     public static function authPortalUser(string $sect = 'admin', string $v = 'docs', $u = null): bool
 147     {
 148         if (empty(self::isPortalUser())) {
 149             // default is admin forms
 150             if (!self::verifyAcl($sect, $v)) {
 151                 return false;
 152             } else {
 153                 return true;
 154             }
 155         }
 156         return true;
 157     }
 158
 159     /**
 160      * @param $param
 161      * @param $default
 162      * If param not valid then entire super is returned.
 163      * @return mixed
 164      */
 165     public function getSession($param = null, $default = null): mixed
 166     {
 167         if ($param) {
 168             return $_SESSION[$param] ?? $default;
 169         }
 170
 171         return $_SESSION;
 172     }
 173
 174     /**
 175      * @param $param
 176      * @param $default
 177      * @return mixed
 178      */
 179     public function getRequest($param = null, $default = null): mixed
 180     {
 181         if ($param) {
 182             return $_REQUEST[$param] ?? $default;
 183         }
 184
 185         return $_REQUEST;
 186     }
 187
 188     /**
 189      * @param $param
 190      * @param $default
 191      * @return mixed
 192      */
 193     public function getPost($param = null, $default = null): mixed
 194     {
 195         if ($param) {
 196             return $_POST[$param] ?? $default;
 197         }
 198
 199         return $_POST;
 200     }
 201
 202     /**
 203      * @param $param
 204      * @param $default
 205      * @return mixed
 206      */
 207     public function getGET($param = null, $default = null): mixed
 208     {
 209         if ($param) {
 210             return $_GET[$param] ?? $default;
 211         }
 212
 213         return $_GET;
 214     }
 215
 216     /**
 217      * @return bool
 218      */
 219     public static function isSmsEnabled(): bool
 220     {
 221         return self::$isSmsEnabled;
 222     }
 223
 224     /**
 225      * @return bool
 226      */
 227     public static function isEmailEnabled(): bool
 228     {
 229         return self::$isEmailEnabled;
 230     }
 231
 232     /**
 233      * @return bool
 234      */
 235     public static function isFaxEnabled(): bool
 236     {
 237         return self::$isFaxEnabled;
 238     }
 239
 240     /**
 241      * Currently only used in portal theme setting
 242      * however the patient_settings table is useful anywhere.
 243      *
 244      * @param $setting_patient
 245      * @param $setting_label
 246      * @param $setting_value
 247      * @return int
 248      */
 249     public static function persistPatientSetting($setting_patient, $setting_label, $setting_value): int
 250     {
 251         $sql = "INSERT INTO `patient_settings` (`setting_patient`, `setting_label`, `setting_value`) VALUES (?, ?, ?) ON DUPLICATE KEY UPDATE `setting_patient` = ?,  `setting_label` = ?, `setting_value` = ?";
 252
 253         return sqlInsert(
 254             $sql,
 255             array(
 256                 $setting_patient ?? 0, $setting_label, $setting_value ?? '',
 257                 $setting_patient ?? 0, $setting_label, $setting_value ?? '')
 258         );
 259     }
 260 }