Session cookie for viewsensitive

htdocs/RoutePatient.vue

@@ -1,15 +1,19 @@
 <template>
 	<Subtitle value="Patient" />
-	<div v-if="(sensitive) && (!patient_info)" class="alert alert-danger text-center mb-3 shadow" role="alert">
+	<div v-if="(sensitive) && (!viewsensitive)" class="alert alert-danger text-center mb-3 shadow" role="alert">
 		<Subtitle value="Restricted Record" />
 		<h1>Warning: Restricted Record</h1>
 		<p>This record is protected by the Privacy Act of 1974 and the Health Insurance Portability and Accountability Act of 1996. If you elect to proceed, you will be required to prove you have a need to know. Accessing this patient is tracked, and your station Security Officer will contact you for your justification.</p>
-		<router-link class="btn btn-danger" :to="'/patient/' + patient_dfn + '?viewsensitive'">Proceed</router-link>
+		<button class="btn btn-danger" @click="viewsensitive = true">Proceed</button>
 	</div>
 	<template v-if="patient_info">
 		<Submenu :value="menu" />
 		<div class="card mb-3 shadow">
-			<div class="card-header">{{patient_info.name}} <span :title="patient_info.pid">{{patient_info.pid.slice(-4)}}</span> #{{patient_dfn}}</div>
+			<div v-if="sensitive" class="card-header alert-danger d-flex justify-content-between align-items-center">
+				<span>{{patient_info.name}} <span :title="patient_info.pid">{{patient_info.pid.slice(-4)}}</span> #{{patient_dfn}}</span>
+				<button class="btn-close" @click="viewsensitive = false"></button>
+			</div>
+			<div v-else class="card-header">{{patient_info.name}} <span :title="patient_info.pid">{{patient_info.pid.slice(-4)}}</span> #{{patient_dfn}}</div>
 			<div class="card-body row" style="font-family: monospace;">
 				<div class="col" v-if="patient_info.dob"><strong>DOB:</strong> {{strptime_vista(patient_info.dob).toLocaleDateString('sv-SE')}}</div>
 				<div class="col" v-if="patient_info.age"><strong>Age:</strong> {{patient_info.age}}</div>
@@ -25,6 +29,7 @@
 </template>
 
 <script>
+	import cookie from './cookie.mjs';
 	import { strptime_vista } from './util.mjs';
 
 	import Subtitle from './Subtitle.vue';
@@ -39,6 +44,7 @@
 		},
 		data() {
 			return {
+				viewsensitive: false,
 				sensitive: false,
 				patient_dfn: null,
 				patient_info: null
@@ -49,26 +55,23 @@
 				return this.patient_info ? {
 					name: this.patient_info.name,
 					items: [
-						{ name: 'Patient', href: '/patient/' + this.patient_dfn + (this.sensitive && '?viewsensitive' || '') },
+						{ name: 'Patient', href: '/patient/' + this.patient_dfn },
-						{ name: 'Visits', href: '/patient/' + this.patient_dfn + '/visits' + (this.sensitive && '?viewsensitive' || '') },
+						{ name: 'Visits', href: '/patient/' + this.patient_dfn + '/visits' },
-						{ name: 'Orders', href: '/patient/' + this.patient_dfn + '/orders' + (this.sensitive && '?viewsensitive' || '') },
+						{ name: 'Orders', href: '/patient/' + this.patient_dfn + '/orders' },
-						{ name: 'Reports', href: '/patient/' + this.patient_dfn + '/reports' + (this.sensitive && '?viewsensitive' || '') },
+						{ name: 'Reports', href: '/patient/' + this.patient_dfn + '/reports' },
-						{ name: 'Documents', href: '/patient/' + this.patient_dfn + '/document' + (this.sensitive && '?viewsensitive' || '') },
+						{ name: 'Documents', href: '/patient/' + this.patient_dfn + '/document' },
 					]
 				} : null;
 			}
 		},
 		methods: {
-			strptime_vista,
+			strptime_vista
-			async loadinfo(dfn, viewsensitive) {
-				this.patient_dfn = dfn;
-				this.sensitive = await this.client.ORWPT_SELCHK(dfn);
-				this.patient_info = (this.sensitive) && (!viewsensitive) ? null : await this.client.ORWPT16_ID_INFO(dfn);
-			}
 		},
-		async mounted() {
+		watch: {
-			if(this.$route.params.id.startsWith('$')) {
+			'$route.params.id': {
-				var id = this.$route.params.id.substring(1);
+				async handler(value) {
+					if(value.startsWith('$')) {
+						var id = value.substring(1);
 						if(id.length == 9) {
 							var patient = await this.client.ORWPT_FULLSSN(id);
 							this.$router.replace('/patient/' + patient[0].dfn);
@@ -80,11 +83,40 @@
 								break;
 							}
 						}
-			} else this.loadinfo(this.$route.params.id, this.$route.query.hasOwnProperty('viewsensitive'));
+					} else {
+						this.sensitive = await this.client.ORWPT_SELCHK(value);
+						this.patient_dfn = value;
+						var viewsensitive = cookie.get('viewsensitive');
+						this.viewsensitive = viewsensitive ? viewsensitive.split(',').indexOf(value) >= 0 : false;
+					}
+				}, immediate: true
 			},
-		async beforeRouteUpdate(to, from, next) {
+			viewsensitive(value) {
-			this.loadinfo(to.params.id, to.query.hasOwnProperty('viewsensitive'));
+				var viewsensitive = cookie.get('viewsensitive'), viewsensitive = viewsensitive !== null ? viewsensitive.split(',') : [], idx = viewsensitive.indexOf(this.patient_dfn);
-			next();
+				if(value) {
+					if(idx < 0) {
+						viewsensitive.push(this.patient_dfn);
+						cookie.set('viewsensitive', viewsensitive.join(','));
+					}
+				} else {
+					if(idx >= 0) {
+						viewsensitive.splice(idx, 1);
+						cookie.set('viewsensitive', viewsensitive.join(','));
+					}
+				}
+			}
+		},
+		created() {
+			this.$watch(
+				() => (this.client, this.patient_dfn, this.sensitive, this.viewsensitive, {}),
+				async function() {
+					if(this.client) {
+						if(this.patient_dfn) this.patient_info = (this.sensitive) && (!this.viewsensitive) ? null : await this.client.ORWPT16_ID_INFO(this.patient_dfn);
+						else this.patient_info = null;
+					}
+				},
+				{ immediate: true }
+			);
 		}
 	};
 </script>

htdocs/RoutePatientDocuments.vue

@@ -6,7 +6,7 @@
 			<div class="card mb-3 shadow">
 				<div class="card-header"><template v-if="resultset.length > 0">{{resultset.length}}<template v-if="has_more">+</template></template><template v-else-if="is_loading">Loading</template><template v-else>No</template> record{{resultset.length == 1 ? '' : 's'}}</div>
 				<ul class="scroller list-group list-group-flush" ref="scroller">
-					<router-link v-for="item in resultset" :to="'/patient/' + patient_dfn + '/document/' + item.IEN + (sensitive ? '?viewsensitive' : '')" replace custom v-slot="{ navigate, href }">
+					<router-link v-for="item in resultset" :to="'/patient/' + patient_dfn + '/document/' + item.IEN" replace custom v-slot="{ navigate, href }">
 						<li :key="item" class="record" :class="{ 'active': selection == item.IEN }" :title="datetimestring(strptime_vista(item.time)) + '\n' + item.title + '\n' + item.location + '\n' + item.author.byline" @click="navigate">
 							<div class="row">
 								<div class="cell col-4"><router-link :to="href" replace>{{datestring(strptime_vista(item.time))}}</router-link></div>