feat: filter observations by patient identifier

Author: s1monj

README.md

@@ -284,11 +284,20 @@ code=4AWKhgaaomTSf9PfwxN4ExnXjdSEqh&grant_type=authorization_code&redirect_uri=h
 #### Observations
 
 - The `FHIR Observation` endpoint returns a list of Observations as a FHIR Bundle
-- At least one of Study ID, passed as `patient._has:Group:member:_id` or Patient ID, passed as `patient` query parameters are required
+- At least one of Study ID, passed as `patient._has:Group:member:_id` or Patient ID, passed as `patient` or Patient Identifier passed as `patient.identifier=<system>|<value>` query parameters are required
 - `subject.reference` references a Patient ID
 - `device.reference` references a Data Source ID
 - `valueAttachment` is Base 64 Encoded Binary JSON
 
+| Query Parameter         | Example                                               | Description                                                  |
+| ----------------------- | ----------------------------------------------------- | ------------------------------------------------------------ |
+| `_has:Group:member:_id` | `30001`                                               | Filter by Patients that are in the Study with ID 30001       |
+| `patient`               | `40001`                                               | Filter by single Patient with ID 40001                       |
+| `patient.identifier`    | `http://ehr.example.com|abc123`                       | Filter by single Patient with Identifier System `http://ehr.example.com` and Value `abc123` |
+| `code`                  | `https://w3id.org/openmhealth|omh:blood-pressure:4.0` | Filter by Type/Scope with System `https://w3id.org/openmhealth` and Code `omh:blood-pressure:4.0` |
+
+
+
 ```json
 // GET /fhir/r5/Observation?patient._has:Group:member:_id=30001&patient=40001&code=https://w3id.org/openmhealth|omh:blood-pressure:4.0
 {

jhe/core/models.py

@@ -234,9 +234,9 @@ def for_practitioner_organization_study(practitioner_user_id, organization_id=No
         if study_id:
             study_sql_where = "AND core_study.id={study_id}".format(study_id=int(study_id))
 
-        patient_sql_where = ''
+        patient_id_sql_where = ''
         if patient_id:
-            patient_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
+            patient_id_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
 
 
         q = """
@@ -249,11 +249,11 @@ def for_practitioner_organization_study(practitioner_user_id, organization_id=No
             WHERE core_jheuserorganization.jhe_user_id=%(jhe_user_id)s
             {organization_sql_where}
             {study_sql_where}
-            {patient_sql_where}
+            {patient_id_sql_where}
             """.format(
                 organization_sql_where=organization_sql_where,
                 study_sql_where=study_sql_where,
-                patient_sql_where=patient_sql_where,
+                patient_id_sql_where=patient_id_sql_where,
             )
 
         return Patient.objects.raw(q, {'jhe_user_id': practitioner_user_id})
@@ -657,9 +657,9 @@ def for_practitioner_organization_study_patient(practitioner_user_id, organizati
       if study_id:
         study_sql_where = "AND core_study.id={study_id}".format(study_id=int(study_id))
 
-      patient_sql_where = ''
+      patient_id_sql_where = ''
       if patient_id:
-        patient_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
+        patient_id_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
 
       observation_sql_where = ''
       if observation_id:
@@ -684,14 +684,14 @@ def for_practitioner_organization_study_patient(practitioner_user_id, organizati
         WHERE core_jheuserorganization.jhe_user_id=%(jhe_user_id)s
         {organization_sql_where}
         {study_sql_where}
-        {patient_sql_where}
+        {patient_id_sql_where}
         {observation_sql_where}
         ORDER BY core_observation.last_updated DESC
         LIMIT %(pageSize)s OFFSET %(offset)s;
         """.format(
           organization_sql_where=organization_sql_where,
           study_sql_where=study_sql_where,
-          patient_sql_where=patient_sql_where,
+          patient_id_sql_where=patient_id_sql_where,
           observation_sql_where=observation_sql_where,
           pageSize=pageSize,
           offset=offset,
@@ -710,25 +710,29 @@ def practitioner_authorized(practitioner_user_id, observation_id):
         return True
 
     @staticmethod
-    def fhir_search(practitioner_user_id, study_id=None, patient_id=None, coding_system=None, coding_code=None, observation_id=None, offset=None, page=None):
+    def fhir_search(practitioner_user_id, study_id=None, patient_id=None, patient_identifier_system=None, patient_identifier_value=None, coding_system=None, coding_code=None, observation_id=None, offset=None, page=None):
         from core.serializers import FHIRObservationSerializer
 
         # Explicitly cast to ints so no injection vulnerability
         study_sql_where = ''
         if study_id:
             study_sql_where = "AND core_study.id={study_id}".format(study_id=int(study_id))
 
-        patient_sql_where = ''
+        patient_id_sql_where = ''
         if patient_id:
-            patient_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
+            patient_id_sql_where = "AND core_patient.id={patient_id}".format(patient_id=int(patient_id))
+
+        patient_identifier_value_sql_where = ''
+        if patient_identifier_value:
+            patient_identifier_value_sql_where = "AND core_patient.identifier=%(patient_identifier_value)s"
 
         observation_sql_where = ''
         if observation_id:
             observation_sql_where = "AND core_observation.id={observation_id}".format(observation_id=int(observation_id))
 
         # Set default values for pagination parameters
         offset = 0 if offset is None else int(offset)
-        limit = 10 if page is None else int(page)
+        limit = 1000 if page is None else int(page)
 
         # TBD: Query optimization: https://stackoverflow.com/a/6037376
         # pagination: https://github.com/mattbuck85/django-paginator-rawqueryset
@@ -777,10 +781,11 @@ def fhir_search(practitioner_user_id, study_id=None, patient_id=None, coding_sys
             LEFT JOIN core_study ON core_study.id=core_studypatient.study_id
             JOIN core_organization ON core_organization.id=core_patient.organization_id
             JOIN core_jheuserorganization ON core_jheuserorganization.organization_id=core_organization.id
-            WHERE core_jheuserorganization.jhe_user_id={jhe_user_id} AND
-            core_codeableconcept.coding_system LIKE %(coding_system)s AND core_codeableconcept.coding_code LIKE %(coding_code)s
+            WHERE core_jheuserorganization.jhe_user_id={jhe_user_id}
+            AND core_codeableconcept.coding_system LIKE %(coding_system)s AND core_codeableconcept.coding_code LIKE %(coding_code)s
             {study_sql_where}
-            {patient_sql_where}
+            {patient_id_sql_where}
+            {patient_identifier_value_sql_where}
             {observation_sql_where}
             GROUP BY core_observation.id, core_codeableconcept.coding_system, core_codeableconcept.coding_code
             ORDER BY core_observation.last_updated DESC
@@ -790,15 +795,17 @@ def fhir_search(practitioner_user_id, study_id=None, patient_id=None, coding_sys
                 SITE_URL=settings.SITE_URL,
                 jhe_user_id=practitioner_user_id,
                 study_sql_where=study_sql_where,
-                patient_sql_where=patient_sql_where,
+                patient_id_sql_where=patient_id_sql_where,
+                patient_identifier_value_sql_where=patient_identifier_value_sql_where,
                 observation_sql_where=observation_sql_where,
                 limit=limit,
                 offset=offset
             )
 
         records = Observation.objects.raw(q, {
             "coding_system": coding_system if coding_system else '%',
-            "coding_code": coding_code if coding_code else '%'
+            "coding_code": coding_code if coding_code else '%',
+            "patient_identifier_value": patient_identifier_value
         })
 
         for record in records:
@@ -832,9 +839,9 @@ def count_for_practitioner_organization_study_patient(practitioner_user_id, orga
       if study_id:
         study_sql_where = f"AND core_study.id={int(study_id)}"
 
-      patient_sql_where = ''
+      patient_id_sql_where = ''
       if patient_id:
-        patient_sql_where = f"AND core_patient.id={int(patient_id)}"
+        patient_id_sql_where = f"AND core_patient.id={int(patient_id)}"
 
       observation_sql_where = ''
       if observation_id:
@@ -859,7 +866,7 @@ class Meta:
         WHERE core_jheuserorganization.jhe_user_id = %(jhe_user_id)s
         {organization_sql_where}
         {study_sql_where}
-        {patient_sql_where}
+        {patient_id_sql_where}
         {observation_sql_where}
       """
 

jhe/core/views/observation.py

@@ -33,10 +33,11 @@ def get_queryset(self):
           study_id = self.request.GET.get('_has:_group:member:_id', None)
 
       patient_id = self.request.GET.get('patient', None)
+      patient_identifier_system_and_value = self.request.GET.get('patient.identifier', None)
       coding_system_and_value = self.request.GET.get('code', None)
 
-      if not (study_id or patient_id):
-          raise BadRequest("Request parameter patient._has:Group:member:_id=<study_id> or patient=<patient_id> must be provided.")
+      if not (study_id or patient_id or patient_identifier_system_and_value):
+          raise BadRequest("Request parameter patient._has:Group:member:_id=<study_id> or patient=<patient_id> or patient.identifier=<system>|<value> must be provided.")
 
       if study_id and (not Study.practitioner_authorized(self.request.user.id, study_id)):
           raise PermissionDenied("Current User does not have authorization to access this Study.")
@@ -47,14 +48,23 @@ def get_queryset(self):
       coding_system = None
       coding_value = None
       if coding_system_and_value:
-          coding_split = coding_system_and_value.split('|')
+          coding_split = coding_system_and_value.split('|') # TBD 400 for formatting error
           coding_system = coding_split[0]
           coding_value = coding_split[1]
 
+      patient_identifier_system = None
+      patient_identifier_value = None
+      if patient_identifier_system_and_value:
+          patient_identifier_split = patient_identifier_system_and_value.split('|') # TBD 400 for formatting error
+          patient_identifier_system = patient_identifier_split[0]
+          patient_identifier_value = patient_identifier_split[1]
+
       return Observation.fhir_search(
           self.request.user.id,
           study_id,
           patient_id,
+          patient_identifier_system,
+          patient_identifier_value,
           coding_system,
           coding_value
       )

jhe/jhe/settings.py

@@ -1,4 +1,4 @@
-JHE_VERSION = 'v0.0.1'
+JHE_VERSION = 'v0.0.2'
 
 """
 Django settings for jhe project.
@@ -70,7 +70,7 @@
     # uncomment if you need to revert to the default pagination class
     'DEFAULT_PAGINATION_CLASS': 'rest_framework.pagination.PageNumberPagination',
     #'DEFAULT_PAGINATION_CLASS': 'core.pagination.CustomPageNumberPagination',
-    'PAGE_SIZE': 20,
+    'PAGE_SIZE': 1000,
     'DEFAULT_AUTHENTICATION_CLASSES': (
         'oauth2_provider.contrib.rest_framework.OAuth2Authentication',
      ),