Access to VistA Imaging System

2023-08-10 18:30:12 -04:00
parent 83c9f11c73
commit 3aa6a64f36
5 changed files with 292 additions and 0 deletions
--- a/main.py
+++ b/main.py
@@ -1,5 +1,6 @@
 #!/usr/bin/env python3

+import os
 import json
 import secrets
 import string
@@ -160,6 +161,29 @@ def application():
 			logger.exception(request.url)
 			return jsonify_error(ex, id=request.json.get('id'))

+	@app.get('/v1/vista/<cid>/imaging/<path:path>')
+	def cb_imaging(cid, path):
+		if 'view' in request.args:
+			adapter = 'view.' + path.rsplit('.', 1)[1].lower() + '.html'
+			if os.path.isfile('./htdocs/adapter/' + adapter):
+				return send_from_directory('./htdocs/adapter', adapter)
+		client = clients[cid]
+		frag = path.replace('\\', '/').strip('/').split('/')
+		winshare = '\\\\' + '\\'.join(frag[:2]).upper()
+		for item in client.MAG_GET_NETLOC('ALL', context=['MAG WINDOWS']):
+			if item.split('^')[1] == winshare:
+				break
+		else:
+			raise PermissionError(path)
+		try:
+			open('//' + '/'.join(frag)).close()
+		except PermissionError as ex:
+			credentials = client.MAGGUSER2(context=['MAG WINDOWS'])[2].split('^')
+			import subprocess, XWBHash
+			subprocess.run(['net', 'use', winshare, '/d'])
+			subprocess.run(['net', 'use', winshare, '/user:' + credentials[0], XWBHash.decrypt(credentials[1])])
+		return send_from_directory('//' + '/'.join(frag[:2]), '/'.join(frag[2:]), as_attachment=('dl' in request.args))
+
 	@app.get('/<path:path>')
 	def cb_static(path):
 		return send_from_directory('./htdocs', path if '.' in path.rsplit('/', 1)[-1] else 'index.html')