/// <summary>
/// Audit an operation that was exceuted
/// </summary>
private void AuditOperationAction(string resourceType, string operationName, OutcomeIndicator outcome, params Resource[] objects)
{
var audit = new AuditData(DateTime.Now, ActionType.Execute, outcome, EventIdentifierType.ApplicationActivity, new AuditCode(Hl7.Fhir.Utility.EnumUtility.GetLiteral(SystemRestfulInteraction.Batch), "http://hl7.org/fhir/ValueSet/system-restful-interaction"));
AuditUtil.AddLocalDeviceActor(audit);
AuditUtil.AddUserActor(audit);
var handler = ExtensionUtil.GetOperation(resourceType, operationName);
audit.AuditableObjects.Add(new AuditableObject()
{
IDTypeCode = AuditableObjectIdType.Uri,
ObjectId = handler?.Uri.ToString() ?? $"urn:uuid:{Guid.Empty}",
QueryData = RestOperationContext.Current?.IncomingRequest.Url.ToString(),
ObjectData = RestOperationContext.Current?.IncomingRequest.Headers.AllKeys.Select(o => new ObjectDataExtension(o, RestOperationContext.Current.IncomingRequest.Headers.Get(o))).ToList(),
Role = AuditableObjectRole.Job,
Type = AuditableObjectType.SystemObject
});
audit.AuditableObjects.AddRange(objects.SelectMany(o => this.CreateAuditObjects(o, AuditableObjectLifecycle.NotSet)));
AuditUtil.SendAudit(audit);
}
/// <summary>
/// Audit data action on FHIR interface
/// </summary>
private void AuditDataAction(TypeRestfulInteraction type, OutcomeIndicator outcome, params Resource[] objects)
{
AuditData audit = new AuditData(DateTime.Now, ActionType.Execute, outcome, EventIdentifierType.ApplicationActivity, new AuditCode(Hl7.Fhir.Utility.EnumUtility.GetLiteral(type), "http://hl7.org/fhir/ValueSet/type-restful-interaction"));
AuditableObjectLifecycle lifecycle = AuditableObjectLifecycle.NotSet;
switch (type)
{
case TypeRestfulInteraction.Create:
audit.ActionCode = ActionType.Create;
audit.EventIdentifier = EventIdentifierType.Import;
lifecycle = AuditableObjectLifecycle.Creation;
break;
case TypeRestfulInteraction.Delete:
audit.ActionCode = ActionType.Delete;
audit.EventIdentifier = EventIdentifierType.Import;
lifecycle = AuditableObjectLifecycle.LogicalDeletion;
break;
case TypeRestfulInteraction.HistoryInstance:
case TypeRestfulInteraction.HistoryType:
case TypeRestfulInteraction.SearchType:
audit.ActionCode = ActionType.Execute;
audit.EventIdentifier = EventIdentifierType.Query;
lifecycle = AuditableObjectLifecycle.Disclosure;
audit.AuditableObjects.Add(new AuditableObject()
{
QueryData = RestOperationContext.Current?.IncomingRequest.Url.ToString(),
Role = AuditableObjectRole.Query,
Type = AuditableObjectType.SystemObject,
ObjectData = RestOperationContext.Current?.IncomingRequest.Headers.AllKeys.Where(o => o.Equals("accept", StringComparison.OrdinalIgnoreCase)).Select(o => new ObjectDataExtension(o, RestOperationContext.Current.IncomingRequest.Headers.Get(o))).ToList()
});
break;
case TypeRestfulInteraction.Update:
case TypeRestfulInteraction.Patch:
audit.ActionCode = ActionType.Update;
audit.EventIdentifier = EventIdentifierType.Import;
lifecycle = AuditableObjectLifecycle.Amendment;
break;
case TypeRestfulInteraction.Vread:
case TypeRestfulInteraction.Read:
audit.ActionCode = ActionType.Read;
audit.EventIdentifier = EventIdentifierType.Query;
lifecycle = AuditableObjectLifecycle.Disclosure;
audit.AuditableObjects.Add(new AuditableObject()
{
QueryData = RestOperationContext.Current?.IncomingRequest.Url.ToString(),
Role = AuditableObjectRole.Query,
Type = AuditableObjectType.SystemObject,
ObjectData = RestOperationContext.Current?.IncomingRequest.Headers.AllKeys.Where(o => o.Equals("accept", StringComparison.OrdinalIgnoreCase)).Select(o => new ObjectDataExtension(o, RestOperationContext.Current.IncomingRequest.Headers.Get(o))).ToList()
});
break;
}
AuditUtil.AddLocalDeviceActor(audit);
AuditUtil.AddUserActor(audit);
audit.AuditableObjects.AddRange(objects.SelectMany(o => this.CreateAuditObjects(o, lifecycle)));
AuditUtil.SendAudit(audit);
}
/// <summary>
/// Hydrate the query
/// </summary>
/// <param name="queryId"></param>
/// <returns></returns>
private BisResultContext HydrateQuery(String queryId)
{
AuditData audit = new AuditData(DateTimeOffset.Now, ActionType.Execute, OutcomeIndicator.Success, EventIdentifierType.Query, AuditUtil.CreateAuditActionCode(EventTypeCodes.SecondaryUseQuery));
try
{
// First we want to grab the appropriate source for this ID
var viewDef = this.m_metadataRepository.Get <BiViewDefinition>(queryId);
if (viewDef == null)
{
var queryDef = this.m_metadataRepository.Get <BiQueryDefinition>(queryId);
if (queryDef == null) // Parameter value
{
var parmDef = this.m_metadataRepository.Get <BiParameterDefinition>(queryId);
if (parmDef == null)
{
throw new KeyNotFoundException($"Could not find a Parameter, Query or View to hydrate named {queryId}");
}
queryDef = parmDef?.Values as BiQueryDefinition;
queryDef.Id = queryDef.Id ?? queryId;
}
viewDef = new BiViewDefinition()
{
Id = queryDef.Id,
Query = queryDef
};
}
viewDef = SanteDB.BI.Util.BiUtils.ResolveRefs(viewDef) as BiViewDefinition;
var dsource = viewDef.Query?.DataSources.FirstOrDefault(o => o.Name == "main") ?? viewDef.Query?.DataSources.FirstOrDefault();
if (dsource == null)
{
throw new KeyNotFoundException("Query does not contain a data source");
}
IBiDataSource providerImplementation = null;
if (dsource.ProviderType != null && this.m_metadataRepository.IsLocal)
{
providerImplementation = this.m_serviceManager.CreateInjected(dsource.ProviderType) as IBiDataSource;
}
else
{
providerImplementation = ApplicationServiceContext.Current.GetService <IBiDataSource>(); // Global default
}
// Populate data about the query
audit.AuditableObjects.Add(new AuditableObject()
{
IDTypeCode = AuditableObjectIdType.ReportNumber,
LifecycleType = AuditableObjectLifecycle.Report,
ObjectId = queryId,
QueryData = RestOperationContext.Current.IncomingRequest.Url.Query,
Role = AuditableObjectRole.Query,
Type = AuditableObjectType.SystemObject
});
var parameters = this.CreateParameterDictionary();
// Aggregations and groups?
if (RestOperationContext.Current.IncomingRequest.QueryString["_groupBy"] != null)
{
var aggRx = new Regex(@"(\w*)\((.*?)\)");
viewDef.AggregationDefinitions = new List <BiAggregationDefinition>()
{
new BiAggregationDefinition()
{
Groupings = RestOperationContext.Current.IncomingRequest.QueryString.GetValues("_groupBy").Select(o => new BiSqlColumnReference()
{
ColumnSelector = o.Contains("::") ? $"CAST({o.Substring(0, o.IndexOf(":"))} AS {o.Substring(o.IndexOf(":") + 2)})" : o,
Name = o.Contains("::") ? o.Substring(0, o.IndexOf(":")) : o
}).ToList(),
Columns = RestOperationContext.Current.IncomingRequest.QueryString.GetValues("_select").Select(o => {
var match = aggRx.Match(o);
if (!match.Success)
{
throw new InvalidOperationException("Aggregation function must be in format AGGREGATOR(COLUMN)");
}
return(new BiAggregateSqlColumnReference()
{
Aggregation = (BiAggregateFunction)Enum.Parse(typeof(BiAggregateFunction), match.Groups[1].Value, true),
ColumnSelector = match.Groups[2].Value,
Name = match.Groups[2].Value
});
}).ToList()
}
};
}
int offset = 0, count = 100;
if (!Int32.TryParse(RestOperationContext.Current.IncomingRequest.QueryString["_offset"] ?? "0", out offset))
{
throw new FormatException("_offset is not in the correct format");
}
if (!Int32.TryParse(RestOperationContext.Current.IncomingRequest.QueryString["_count"] ?? "100", out count))
{
throw new FormatException("_count is not in the correct format");
}
var queryData = providerImplementation.ExecuteView(viewDef, parameters, offset, count);
return(queryData);
}
catch (KeyNotFoundException)
{
audit.Outcome = OutcomeIndicator.MinorFail;
throw;
}
catch (Exception e)
{
audit.Outcome = OutcomeIndicator.MinorFail;
this.m_tracer.TraceError("Error rendering query: {0}", e);
throw new FaultException(500, $"Error rendering query {queryId}", e);
}
finally
{
AuditUtil.AddLocalDeviceActor(audit);
AuditUtil.AddUserActor(audit);
AuditUtil.SendAudit(audit);
}
}
