protected void Page_Load(object sender, EventArgs e) { #region Page Validation if (HttpContext.Current.Request.QueryString["Patient-NRIC"] == null) { Server.TransferRequest("~/Errors/401.aspx"); return; } Classes.Entity.Patient patient = new TherapistBLL().GetPatient(Convert.ToString(HttpContext.Current.Request.QueryString["Patient-NRIC"])); if (!AccountBLL.IsNRICValid(patient.nric) || patient.permissionApproved == 0) { Server.TransferRequest("~/Errors/401.aspx"); return; } #endregion Master.LiActivePatientMyRecords(); Master.LiActivePatientMyRecordNew(); LabelPatientNRIC.Text = patient.nric + ", " + patient.lastName + " " + patient.firstName; Page.Form.Attributes.Add("enctype", "multipart/form-data"); // Show success modal if (Session["NewRecordSuccess"] != null) { if (string.Equals(Session["NewRecordSuccess"].ToString(), "success")) { ScriptManager.RegisterStartupScript(this, GetType(), "open modal", "$('#modelSuccess').modal('show');", true); Session.Remove("NewRecordSuccess"); } else if (string.Equals(Session["NewRecordSuccess"].ToString(), "error")) { ScriptManager.RegisterStartupScript(this, GetType(), "alert", "toastr['error']('Error occured when Submitting a Record');", true); Session.Remove("NewRecordSuccess"); } } if (!IsPostBack) { ResetPanel(patient); } }
protected void buttonSubmit_ServerClick(object sender, EventArgs e) { #region Page Validation if (HttpContext.Current.Request.QueryString["Patient-NRIC"] == null) { Server.TransferRequest("~/Errors/401.aspx"); return; } // todo check if patient is in rtp table Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(HttpContext.Current.Request.QueryString["Patient-NRIC"])); if (!AccountBLL.IsNRICValid(patient.nric) || patient.permissionApproved == 0) { Server.TransferRequest("~/Errors/401.aspx"); return; } #endregion Record record = new Record(); record.creatorNRIC = AccountBLL.GetNRIC(); record.patientNRIC = patient.nric; record.title = inputTitle.Value.Trim(); record.description = inputDescription.Value.Trim(); record.content = string.Empty; record.type = GetSelectedType(); record.isEmergency = patient.isEmergency; #region Validation bool[] validate = Enumerable.Repeat(true, 3).ToArray(); // If any fields are empty if (!record.IsTitleValid()) { validate[0] = false; inputTitle.Attributes.Add("class", "form-control form-control-sm is-invalid"); } else { inputTitle.Attributes.Add("class", "form-control form-control-sm is-valid"); } if (!record.IsDescriptionValid()) { validate[1] = false; inputDescription.Attributes.Add("class", "form-control form-control-sm is-invalid"); } else { inputDescription.Attributes.Add("class", "form-control form-control-sm is-valid"); } if (record.type.isContent) { record.content = inputContent.Value.Trim(); if (!record.IsContentValid()) { validate[2] = false; inputContent.Attributes.Add("class", "form-control form-control-sm is-invalid"); } else { inputContent.Attributes.Add("class", "form-control form-control-sm is-valid"); } } else { inputContent.Attributes.Add("class", "form-control form-control-sm is-invalid"); record.fileName = Path.GetFileNameWithoutExtension(inputFile.FileName); record.fileExtension = Path.GetExtension(inputFile.FileName); record.fileSize = inputFile.PostedFile.ContentLength; if (!inputFile.HasFile) { validate[2] = false; LabelFileError.Visible = true; LabelFileError.Text = "<i class=\"fas fa-fw fa-exclamation-circle\"></i>No file chosen."; } else if (!record.IsFileValid()) { validate[2] = false; LabelFileError.Visible = true; LabelFileError.Text = "<i class=\"fas fa-fw fa-exclamation-circle\"></i>Chosen file is of incorrect format or exceeding size for this type of record."; } else { LabelFileError.Visible = false; } } #endregion if (validate.Contains(false)) { spanMessage.Visible = true; } else { spanMessage.Visible = false; try { if (!record.type.isContent) { record.createTime = DateTime.Now; Directory.CreateDirectory(record.GetFileServerPath() + "\\" + record.GetFileDirectoryNameHash()); inputFile.SaveAs(record.fullpath); } recordBLL.AddRecord(record); Session["NewRecordSuccess"] = "success"; } catch { Session["NewRecordSuccess"] = "error"; } if (Master.IsLocalUrl(Request.RawUrl)) { Response.Redirect(Request.RawUrl); } } }
public HttpResponseMessage TherapistUpload([FromBody] dynamic credentials) { HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized); string jwt; string deviceID; string retrievedNRIC; AccountBLL accountBLL = new AccountBLL(); JWTBLL jwtBll = new JWTBLL(); HttpContext httpContext = HttpContext.Current; string authHeader = httpContext.Request.Headers["Authorization"]; // Ensure Authorization Header exists if (authHeader != null && authHeader.StartsWith("Bearer")) { string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim(); string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue)); string[] authHeaderParts = authHeaderValueDecoded.Split(':'); jwt = authHeaderParts[0]; deviceID = authHeaderParts[1]; } else { return(response); } // Ensure jwt, deviceID exists if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID))) { return(response); } // Validate jwt if (!jwtBll.ValidateJWT(jwt)) { return(response); } else { retrievedNRIC = jwtBll.getNRIC(jwt); } // Validate deviceID for retrievedNRIC if (!(accountBLL.IsValid(retrievedNRIC, deviceID))) { return(response); } // Upload record accountBLL.SetRole(retrievedNRIC, "Therapist"); Account account = accountBLL.GetStatus(retrievedNRIC); if (account.status == 1) { try { Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(credentials.patientNRIC)); Record record = new Record(); record.patientNRIC = credentials.patientNRIC; record.creatorNRIC = retrievedNRIC; record.title = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.title))); record.description = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.description))); record.type = RecordType.Get(Convert.ToString(credentials.type)); record.isEmergency = patient.isEmergency; record.content = string.Empty; if (!record.IsTitleValid()) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record title")); } if (!record.IsDescriptionValid()) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record description")); } if (record.type.isContent) { record.content = credentials.content; if (!record.IsContentValid()) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record content")); } } else { record.fileName = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.fileName))); record.fileExtension = System.Text.Encoding.Default.GetString(Convert.FromBase64String(Convert.ToString(credentials.fileExtension))); byte[] fileContent = Convert.FromBase64String(Convert.ToString(credentials.fileContent)); record.fileSize = fileContent.Length; if (Convert.ToInt64(record.fileSize) > Convert.ToInt64(credentials.fileSize)) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Record file size mismatch")); } if (!record.IsFileValid()) { return(Request.CreateResponse(HttpStatusCode.Forbidden, "Invalid record file")); } record.createTime = DateTime.Now; Directory.CreateDirectory(record.GetFileServerPath() + "\\" + record.GetFileDirectoryNameHash()); File.WriteAllBytes(record.fullpath, fileContent); } recordBLL.AddRecord(record); response = Request.CreateResponse(HttpStatusCode.OK); response.Headers.Add("Authorization", "Bearer " + jwtBll.UpdateJWT(jwt)); } catch { response = Request.CreateResponse(HttpStatusCode.InternalServerError); } return(response); } return(response); }
public HttpResponseMessage TherapistScanPatient() { HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized); string jwt; string deviceID; string tokenID; string retrievedNRIC; AccountBLL accountBLL = new AccountBLL(); JWTBLL jwtBll = new JWTBLL(); HttpContext httpContext = HttpContext.Current; string authHeader = httpContext.Request.Headers["Authorization"]; // Ensure Authorization Header exists if (authHeader != null && authHeader.StartsWith("Bearer")) { string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim(); string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue)); string[] authHeaderParts = authHeaderValueDecoded.Split(':'); jwt = authHeaderParts[0]; deviceID = authHeaderParts[1]; tokenID = authHeaderParts[2]; } else { return(response); } // Ensure jwt, deviceID, tokenID exists if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID) && AccountBLL.IsTokenIDValid(tokenID))) { return(response); } // Validate jwt if (!jwtBll.ValidateJWT(jwt)) { return(response); } else { retrievedNRIC = jwtBll.getNRIC(jwt); } // Validate deviceID for retrievedNRIC if (!(accountBLL.IsValid(retrievedNRIC, deviceID))) { return(response); } // Accept emergency patient and update JWT accountBLL.SetRole(retrievedNRIC, "Therapist"); Account account = accountBLL.GetStatus(retrievedNRIC); if (account.status == 1) { try { TherapistBLL therapistBLL = new TherapistBLL(); bool check = therapistBLL.AcceptEmergencyPatient(tokenID); if (check) { response = Request.CreateResponse(HttpStatusCode.OK); response.Headers.Add("Authorization", "Bearer " + jwtBll.UpdateJWT(jwt)); } else { response = Request.CreateResponse(HttpStatusCode.Forbidden); } } catch { response = Request.CreateResponse(HttpStatusCode.InternalServerError); } return(response); } return(response); }
public HttpResponseMessage TherapistGetPermissions() { HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized); string jwt; string deviceID; string patientNRIC; string retrievedNRIC; AccountBLL accountBLL = new AccountBLL(); JWTBLL jwtBll = new JWTBLL(); HttpContext httpContext = HttpContext.Current; string authHeader = httpContext.Request.Headers["Authorization"]; // Ensure Authorization Header exists if (authHeader != null && authHeader.StartsWith("Bearer")) { string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim(); string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue)); string[] authHeaderParts = authHeaderValueDecoded.Split(':'); jwt = authHeaderParts[0]; deviceID = authHeaderParts[1]; patientNRIC = authHeaderParts[2]; } else { return(response); } // Ensure jwt, deviceID, patientNRIC exists if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID) && !string.IsNullOrEmpty(patientNRIC))) { return(response); } // Validate jwt if (!jwtBll.ValidateJWT(jwt)) { return(response); } else { retrievedNRIC = jwtBll.getNRIC(jwt); } // Validate deviceID for retrievedNRIC if (!(accountBLL.IsValid(retrievedNRIC, deviceID))) { return(response); } // Get permissions accountBLL.SetRole(retrievedNRIC, "Therapist"); Account account = accountBLL.GetStatus(retrievedNRIC); if (account.status == 1) { try { Classes.Entity.Patient patient = new TherapistBLL().GetPatientPermissions(Convert.ToString(patientNRIC)); response = Request.CreateResponse(HttpStatusCode.OK, System.Convert.ToBase64String(Encoding.ASCII.GetBytes(patient.permissionApproved.ToString()))); } catch { response = Request.CreateResponse(HttpStatusCode.InternalServerError); } return(response); } return(response); }
public HttpResponseMessage TherapistGetPatients() { HttpResponseMessage response = Request.CreateResponse(HttpStatusCode.Unauthorized); string jwt; string deviceID; string retrievedNRIC; AccountBLL accountBLL = new AccountBLL(); JWTBLL jwtBll = new JWTBLL(); HttpContext httpContext = HttpContext.Current; string authHeader = httpContext.Request.Headers["Authorization"]; // Ensure Authorization Header exists if (authHeader != null && authHeader.StartsWith("Bearer")) { string authHeaderValue = authHeader.Substring("Bearer ".Length).Trim(); string authHeaderValueDecoded = Encoding.UTF8.GetString(Convert.FromBase64String(authHeaderValue)); string[] authHeaderParts = authHeaderValueDecoded.Split(':'); jwt = authHeaderParts[0]; deviceID = authHeaderParts[1]; } else { return(response); } // Ensure jwt, deviceID exists if (!(!string.IsNullOrEmpty(jwt) && AccountBLL.IsDeviceIDValid(deviceID))) { return(response); } // Validate jwt if (!jwtBll.ValidateJWT(jwt)) { return(response); } else { retrievedNRIC = jwtBll.getNRIC(jwt); } // Validate deviceID for retrievedNRIC if (!(accountBLL.IsValid(retrievedNRIC, deviceID))) { return(response); } // Get all associated patients accountBLL.SetRole(retrievedNRIC, "Therapist"); Account account = accountBLL.GetStatus(retrievedNRIC); if (account.status == 1) { try { TherapistBLL therapistBLL = new TherapistBLL(); List <Classes.Entity.Patient> patients = therapistBLL.GetCurrentPatients(""); string names = ""; for (int i = 0; i < patients.Count; i++) { names += patients[i].nric + " " + patients[i].firstName + " " + patients[i].lastName; if (i != patients.Count - 1) { names += "\r"; } } response = Request.CreateResponse(HttpStatusCode.OK, System.Convert.ToBase64String(Encoding.ASCII.GetBytes(names))); } catch { response = Request.CreateResponse(HttpStatusCode.InternalServerError); } return(response); } return(response); }