protected void Page_Load(object sender, EventArgs e)
{
#region Page Validation
if (HttpContext.Current.Request.QueryString["Patient-NRIC"] == null)
{
Server.TransferRequest("~/Errors/401.aspx");
return;
}
Classes.Entity.Patient patient = new TherapistBLL().GetPatient(Convert.ToString(HttpContext.Current.Request.QueryString["Patient-NRIC"]));
if (!AccountBLL.IsNRICValid(patient.nric) || patient.permissionApproved == 0)
{
Server.TransferRequest("~/Errors/401.aspx");
return;
}
#endregion
Master.LiActivePatientMyRecords();
Master.LiActivePatientMyRecordNew();
LabelPatientNRIC.Text = patient.nric + ", " + patient.lastName + " " + patient.firstName;
Page.Form.Attributes.Add("enctype", "multipart/form-data");
// Show success modal
if (Session["NewRecordSuccess"] != null)
{
if (string.Equals(Session["NewRecordSuccess"].ToString(), "success"))
{
ScriptManager.RegisterStartupScript(this, GetType(), "open modal", "$('#modelSuccess').modal('show');", true);
Session.Remove("NewRecordSuccess");
}
else if (string.Equals(Session["NewRecordSuccess"].ToString(), "error"))
{
ScriptManager.RegisterStartupScript(this, GetType(), "alert", "toastr['error']('Error occured when Submitting a Record');", true);
Session.Remove("NewRecordSuccess");
}
}
if (!IsPostBack)
{
ResetPanel(patient);
}
}
protected void buttonSubmit_ServerClick(object sender, EventArgs e)
{
#region Page Validation
if (HttpContext.Current.Request.QueryString["Patient-NRIC"] == null)
{
Server.TransferRequest("~/Errors/401.aspx");
return;
}
// todo check if patient is in rtp table
Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(HttpContext.Current.Request.QueryString["Patient-NRIC"]));
if (!AccountBLL.IsNRICValid(patient.nric) || patient.permissionApproved == 0)
{
Server.TransferRequest("~/Errors/401.aspx");
return;
}
#endregion
Record record = new Record();
record.creatorNRIC = AccountBLL.GetNRIC();
record.patientNRIC = patient.nric;
record.title = inputTitle.Value.Trim();
record.description = inputDescription.Value.Trim();
record.content = string.Empty;
record.type = GetSelectedType();
record.isEmergency = patient.isEmergency;
#region Validation
bool[] validate = Enumerable.Repeat(true, 3).ToArray();
// If any fields are empty
if (!record.IsTitleValid())
{
validate[0] = false;
inputTitle.Attributes.Add("class", "form-control form-control-sm is-invalid");
}
else
{
inputTitle.Attributes.Add("class", "form-control form-control-sm is-valid");
}
if (!record.IsDescriptionValid())
{
validate[1] = false;
inputDescription.Attributes.Add("class", "form-control form-control-sm is-invalid");
}
else
{
inputDescription.Attributes.Add("class", "form-control form-control-sm is-valid");
}
if (record.type.isContent)
{
record.content = inputContent.Value.Trim();
if (!record.IsContentValid())
{
validate[2] = false;
inputContent.Attributes.Add("class", "form-control form-control-sm is-invalid");
}
else
{
inputContent.Attributes.Add("class", "form-control form-control-sm is-valid");
}
}
else
{
inputContent.Attributes.Add("class", "form-control form-control-sm is-invalid");
record.fileName = Path.GetFileNameWithoutExtension(inputFile.FileName);
record.fileExtension = Path.GetExtension(inputFile.FileName);
record.fileSize = inputFile.PostedFile.ContentLength;
if (!inputFile.HasFile)
{
validate[2] = false;
LabelFileError.Visible = true;
LabelFileError.Text = "<i class=\"fas fa-fw fa-exclamation-circle\"></i>No file chosen.";
}
else if (!record.IsFileValid())
{
validate[2] = false;
LabelFileError.Visible = true;
LabelFileError.Text = "<i class=\"fas fa-fw fa-exclamation-circle\"></i>Chosen file is of incorrect format or exceeding size for this type of record.";
}
else
{
LabelFileError.Visible = false;
}
}
#endregion
if (validate.Contains(false))
{
spanMessage.Visible = true;
}
else
{
spanMessage.Visible = false;
try
{
if (!record.type.isContent)
{
record.createTime = DateTime.Now;
Directory.CreateDirectory(record.GetFileServerPath() + "\\" + record.GetFileDirectoryNameHash());
inputFile.SaveAs(record.fullpath);
}
recordBLL.AddRecord(record);
Session["NewRecordSuccess"] = "success";
}
catch
{
Session["NewRecordSuccess"] = "error";
}
if (Master.IsLocalUrl(Request.RawUrl))
{
Response.Redirect(Request.RawUrl);
}
}
}
public HttpResponseMessage TherapistUpload([FromBody] dynamic credentials)
{
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized);
string jwt;
string deviceID;
string retrievedNRIC;
AccountBLL accountBLL = new AccountBLL();
JWTBLL jwtBll = new JWTBLL();
HttpContext httpContext = HttpContext.Current;
string authHeader = httpContext.Request.Headers["Authorization"];
// Ensure Authorization Header exists
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim();
string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue));
string[] authHeaderParts = authHeaderValueDecoded.Split(':');
jwt = authHeaderParts[0];
deviceID = authHeaderParts[1];
}
else
{
return(response);
}
// Ensure jwt, deviceID exists
if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID)))
{
return(response);
}
// Validate jwt
if (!jwtBll.ValidateJWT(jwt))
{
return(response);
}
else
{
retrievedNRIC = jwtBll.getNRIC(jwt);
}
// Validate deviceID for retrievedNRIC
if (!(accountBLL.IsValid(retrievedNRIC, deviceID)))
{
return(response);
}
// Upload record
accountBLL.SetRole(retrievedNRIC, "Therapist");
Account account = accountBLL.GetStatus(retrievedNRIC);
if (account.status == 1)
{
try
{
Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(credentials.patientNRIC));
Record record = new Record();
record.patientNRIC = credentials.patientNRIC;
record.creatorNRIC = retrievedNRIC;
record.title = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.title)));
record.description = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.description)));
record.type = RecordType.Get(Convert.ToString(credentials.type));
record.isEmergency = patient.isEmergency;
record.content = string.Empty;
if (!record.IsTitleValid())
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record title"));
}
if (!record.IsDescriptionValid())
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record description"));
}
if (record.type.isContent)
{
record.content = credentials.content;
if (!record.IsContentValid())
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record content"));
}
}
else
{
record.fileName = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.fileName)));
record.fileExtension = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.fileExtension)));
byte[] fileContent = Convert.FromBase64String(Convert.ToString(credentials.fileContent));
record.fileSize = fileContent.Length;
if (Convert.ToInt64(record.fileSize) > Convert.ToInt64(credentials.fileSize))
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "Record file size mismatch"));
}
if (!record.IsFileValid())
{
return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record file"));
}
record.createTime = DateTime.Now;
Directory.CreateDirectory(record.GetFileServerPath() + "\\" + record.GetFileDirectoryNameHash());
File.WriteAllBytes(record.fullpath, fileContent);
}
recordBLL.AddRecord(record);
response = Request.CreateResponse(HttpStatusCode.OK);
response.Headers.Add("Authorization", "Bearer " + jwtBll.UpdateJWT(jwt));
}
catch
{
response = Request.CreateResponse(HttpStatusCode.InternalServerError);
}
return(response);
}
return(response);
}
public HttpResponseMessage TherapistScanPatient()
{
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized);
string jwt;
string deviceID;
string tokenID;
string retrievedNRIC;
AccountBLL accountBLL = new AccountBLL();
JWTBLL jwtBll = new JWTBLL();
HttpContext httpContext = HttpContext.Current;
string authHeader = httpContext.Request.Headers["Authorization"];
// Ensure Authorization Header exists
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim();
string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue));
string[] authHeaderParts = authHeaderValueDecoded.Split(':');
jwt = authHeaderParts[0];
deviceID = authHeaderParts[1];
tokenID = authHeaderParts[2];
}
else
{
return(response);
}
// Ensure jwt, deviceID, tokenID exists
if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID) && AccountBLL.IsTokenIDValid(tokenID)))
{
return(response);
}
// Validate jwt
if (!jwtBll.ValidateJWT(jwt))
{
return(response);
}
else
{
retrievedNRIC = jwtBll.getNRIC(jwt);
}
// Validate deviceID for retrievedNRIC
if (!(accountBLL.IsValid(retrievedNRIC, deviceID)))
{
return(response);
}
// Accept emergency patient and update JWT
accountBLL.SetRole(retrievedNRIC, "Therapist");
Account account = accountBLL.GetStatus(retrievedNRIC);
if (account.status == 1)
{
try
{
TherapistBLL therapistBLL = new TherapistBLL();
bool check = therapistBLL.AcceptEmergencyPatient(tokenID);
if (check)
{
response = Request.CreateResponse(HttpStatusCode.OK);
response.Headers.Add("Authorization", "Bearer " + jwtBll.UpdateJWT(jwt));
}
else
{
response = Request.CreateResponse(HttpStatusCode.Forbidden);
}
}
catch
{
response = Request.CreateResponse(HttpStatusCode.InternalServerError);
}
return(response);
}
return(response);
}
public HttpResponseMessage TherapistGetPermissions()
{
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized);
string jwt;
string deviceID;
string patientNRIC;
string retrievedNRIC;
AccountBLL accountBLL = new AccountBLL();
JWTBLL jwtBll = new JWTBLL();
HttpContext httpContext = HttpContext.Current;
string authHeader = httpContext.Request.Headers["Authorization"];
// Ensure Authorization Header exists
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim();
string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue));
string[] authHeaderParts = authHeaderValueDecoded.Split(':');
jwt = authHeaderParts[0];
deviceID = authHeaderParts[1];
patientNRIC = authHeaderParts[2];
}
else
{
return(response);
}
// Ensure jwt, deviceID, patientNRIC exists
if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID) && !string.IsNullOrEmpty(patientNRIC)))
{
return(response);
}
// Validate jwt
if (!jwtBll.ValidateJWT(jwt))
{
return(response);
}
else
{
retrievedNRIC = jwtBll.getNRIC(jwt);
}
// Validate deviceID for retrievedNRIC
if (!(accountBLL.IsValid(retrievedNRIC, deviceID)))
{
return(response);
}
// Get permissions
accountBLL.SetRole(retrievedNRIC, "Therapist");
Account account = accountBLL.GetStatus(retrievedNRIC);
if (account.status == 1)
{
try
{
Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(patientNRIC));
response = Request.CreateResponse(HttpStatusCode.OK, System.Convert.ToBase64String(Encoding.ASCII.GetBytes(patient.permissionApproved.ToString())));
}
catch
{
response = Request.CreateResponse(HttpStatusCode.InternalServerError);
}
return(response);
}
return(response);
}
public HttpResponseMessage TherapistGetPatients()
{
HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized);
string jwt;
string deviceID;
string retrievedNRIC;
AccountBLL accountBLL = new AccountBLL();
JWTBLL jwtBll = new JWTBLL();
HttpContext httpContext = HttpContext.Current;
string authHeader = httpContext.Request.Headers["Authorization"];
// Ensure Authorization Header exists
if (authHeader != null && authHeader.StartsWith("Bearer"))
{
string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim();
string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue));
string[] authHeaderParts = authHeaderValueDecoded.Split(':');
jwt = authHeaderParts[0];
deviceID = authHeaderParts[1];
}
else
{
return(response);
}
// Ensure jwt, deviceID exists
if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID)))
{
return(response);
}
// Validate jwt
if (!jwtBll.ValidateJWT(jwt))
{
return(response);
}
else
{
retrievedNRIC = jwtBll.getNRIC(jwt);
}
// Validate deviceID for retrievedNRIC
if (!(accountBLL.IsValid(retrievedNRIC, deviceID)))
{
return(response);
}
// Get all associated patients
accountBLL.SetRole(retrievedNRIC, "Therapist");
Account account = accountBLL.GetStatus(retrievedNRIC);
if (account.status == 1)
{
try
{
TherapistBLL therapistBLL = new TherapistBLL();
List <Classes.Entity.Patient> patients = therapistBLL.GetCurrentPatients("");
string names = "";
for (int i = 0; i < patients.Count; i++)
{
names += patients[i].nric + " " + patients[i].firstName + " " + patients[i].lastName;
if (i != patients.Count - 1)
{
names += "\r";
}
}
response = Request.CreateResponse(HttpStatusCode.OK, System.Convert.ToBase64String(Encoding.ASCII.GetBytes(names)));
}
catch
{
response = Request.CreateResponse(HttpStatusCode.InternalServerError);
}
return(response);
}
return(response);
}
