health-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Health-dev] Group Access Permission Rule: How to filter by Patient

From: Cédric Krier
Subject: Re: [Health-dev] Group Access Permission Rule: How to filter by Patient Status = Hospitalized
Date: Fri, 12 Jun 2015 08:36:23 +0200
User-agent: Mutt/1.5.23 (2014-03-12) 
On 2015-06-11 21:31, Chris wrote:
> Hiya,
> 
> I just pushed a commit to add the searcher.
> 
> http://hg.savannah.gnu.org/hgweb/health/rev/f49b62f22358
> 
> To make it work, the domain value/operand must be True.
> 
> View only hospitalized patients:
> 
> [('patient_status', '=', True)]
> 
> However, I haven't added smart handling of the value and there is no
> robust pre-validation on the value anyways. The code ignores the
> operator ('=', 'like', etc.), consequently, these will return
> non-hospitalized patients:
> 
> [('patient_status', 'like', 'True')]
> [('patient_status', '=', False)]
> ...etc.

I think it is better to not have silent failure but instead adding just
a test on the operator and value like this:

    _, operator, value = clause

    if operator not in ['=', '!=']:
        raise ValueError('Wrong operator: %s' % operator)
    if value is not True and value is not False:
        raise ValueError('Wrong value: %s' % value)

Also the code return wrong result if '!=' is used.

Now, I have also looked at the 'get_patient_status' method despite it
uses raw SQL instead of python-sql query. It is really not optimal
because it generates a query per record. It should be a classmethod
searcher with a query that should look like this:


    @classmethod
    def get_patient_status(cls, ids, name):
        pool = Pool()
        Registration = pool.get('gnuhealth.inpatient.registration')
        registration = Registration.__table__()
        result = dict.fromkeys(ids, False)
        for sub_ids in grouped_slice(ids):
            clause_ids = reduce_ids(registration.id, sub_ids)
            query = registration.select(registration.patient, Literal(True),
                where=(registration.state == 'hospitalized') & clause_ids,
                group_by=registration.patient)
            cursor.execute(*query)
            result.update(cursor.dictfetchall())
        return result


-- 
Cédric Krier - B2CK SPRL
Email/Jabber: address@hidden
Tel: +32 472 54 46 59
Website: http://www.b2ck.com/

Attachment: pgpPiTprONSGD.pgp
Description: PGP signature

reply via email to
[Prev in Thread] Current Thread [Next in Thread]