The Notes API

From OpenEMR Project Wiki

Using the Notes API

Including Notes Functionality

The Notes API is available in OpenEMR by including the following line in your code:

require_once("$srcdir/pnotes.inc");

Thos loads up all of the functions for dealing with notes.

Access Controls

Patient Notes

Once notes functionality has been included, it is important to use the appropriate ACL checks to ensure that users who are viewing/updating/deleting notes are authorized to do so. The 'patients/notes' ACO should be checked in the following situations:

Permission Operation
(empty string) Should be checked any time note contents are going to be displayed
'write','addonly' should be checked any time notes are going to be created, updated, or deleted

For information on checking an ACL, please refer to The OpenEMR API.

Squads

After the appropriate access to the notes have been established, it is important to also check if the patient is a member of any 'squad', and check to see if the user has permissions to the squad in question.

Squads are checked with the same ACL system used previously. for example, assuming pid is the ID of the current patient:

$tmp = getPatientData($pid, "squad");
if ($tmp['squad'] && ! acl_check('squads', $tmp['squad']))
 $thisauth = 0; /* current user is not authorized to see members of this squad */

Functions Available

Once pnotes.inc is included and you are satisfied the proper ACL checks have been performed, the following functions should be used to manipulate note data:

addPnote

returns: the ID of the newly added note.

deletePnote

getPnoteById

getPnotesByUser

updatePnote

updatePnoteMessageStatus

Dependencies

The Notes API uses the database table 'pnotes' to store its data.