13 changes: 10 additions & 3 deletions FusionIIIT/Fusion/settings/common.py
Expand Up @@ -280,9 +280,16 @@
DATA_UPLOAD_MAX_NUMBER_FIELDS = 10240
YOUTUBE_DATA_API_KEY = 'api_key'



CORS_ORIGIN_ALLOW_ALL = True
# CORS Settings for frontend-backend communication with credentials
# When using credentials (withCredentials: true), we must specify exact origins
CORS_ORIGIN_ALLOW_ALL = False
CORS_ALLOWED_ORIGINS = [
"http://localhost:5173", # Vite dev server
"http://localhost:3000", # Alternative React dev server
"http://127.0.0.1:5173", # Localhost alternative
"http://localhost:8000", # Django dev server (same origin)
]
CORS_ALLOW_CREDENTIALS = True # Allow credentials in CORS requests
ALLOW_PASS_RESET = True

# session settings
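
Review bot: the CORS_ALLOWED_ORIGINS list added here holds only localhost development origins, but it lives in settings/common.py, which every environment loads, and it is paired with CORS_ALLOW_CREDENTIALS = True. Move the localhost entries into the development settings module or read the list from an environment variable, so a deployed instance neither trusts localhost origins with credentials nor lacks its real front-end origin. The block also mixes the older name CORS_ORIGIN_ALLOW_ALL with the newer CORS_ALLOWED_ORIGINS; django-cors-headers introduced the newer names in release 3.5.0, so confirm the pinned version honours CORS_ALLOWED_ORIGINS (on an older version the list is ignored and every cross-origin request is refused) and use one naming generation throughout. The "http://localhost:8000" entry is commented as same origin, and same-origin requests need no CORS entry.
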
4 changes: 4 additions & 0 deletions FusionIIIT/applications/__init__.py
@@ -0,0 +1,4 @@
"""
This file was created to make applications a standard python package
rather than a namespace package, to fix unittest path resolution in Python 3.8.
"""
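
Review bot: the module docstring in the new applications/__init__.py records why the file was created rather than what the package contains, which is commit-message material and will go stale. Put the Python 3.8 unittest rationale in the commit message and leave a one-line description of the package here, or leave the file empty. Turning a namespace package into a regular package also changes import resolution for anything else that contributes to the applications namespace, so state in the PR that the full test suite was run with the file present.
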
3 changes: 2 additions & 1 deletion FusionIIIT/applications/globals/models.py
Expand Up @@ -17,7 +17,8 @@ class Constants:
('student', 'student'),
('staff', 'staff'),
('compounder', 'compounder'),
('faculty', 'faculty')
('faculty', 'faculty'),
('AUDITOR', 'auditor'),
)

RATING_CHOICES = (
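
Review bot: the new choice ('AUDITOR', 'auditor') stores an upper-case value, while every other entry in this tuple stores the same lower-case string it displays, for example ('faculty', 'faculty'). Any role check that compares the stored value against 'auditor' will silently fail for these users, and a role check that fails silently is an authorization bug. Use ('auditor', 'auditor') unless the upper-case value is required elsewhere, in which case say so in a comment. The role is also missing from Designated_Roles.md in this same PR, so its permissions are undefined, and the changed choices need a migration that is not visible here.
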
80 changes: 80 additions & 0 deletions FusionIIIT/applications/health_center/Designated_Roles.md
@@ -0,0 +1,80 @@
# Module Name: Primary Health Centre (PHC)

## Designated User Roles & Permissions

### 1. Role Name: Compounder (PHC Staff / Module Admin)

* **Description:** The primary operational administrator of the Health Centre module. The Compounder manages the day-to-day operations of the PHC including doctor management, patient consultations, pharmacy inventory, ambulance fleet, and reimbursement processing. This is the most privileged role within the module.

* **Permissions:**
* **Doctor Management:** Full CRUD operations on doctor profiles (add, edit, activate/deactivate, delete doctors). Manage doctor schedules (create, update, delete weekly slots). Record and manage daily doctor attendance.
* **Consultation & Prescription:** Create new patient consultations with vitals and clinical findings. Create prescriptions linked to consultations with automatic stock deduction from pharmacy inventory. View and manage all consultation records.
* **Pharmacy & Inventory:** Full CRUD on medicine catalogue and stock entries. Manage expiry batches (add, delete, mark as returned). Create inventory requisitions for restocking. Mark requisitions as fulfilled upon receipt. View low-stock alerts and expiry warnings.
* **Hospital Admissions:** Admit patients to the health centre ward. Record bed assignments, admission reasons, and attending doctor. Process patient discharges with discharge notes and follow-up instructions.
* **Ambulance Fleet:** Full CRUD on ambulance vehicle records (registration, type, status). Log ambulance dispatch events with patient details, destination, and timestamps.
* **Reimbursement Processing:** View all employee reimbursement claims. Forward claims through the approval workflow (PHC Staff → Sanction Authority → Accounts). Process claims at the PHC Staff stage (approve/reject with remarks).
* **Announcements:** Create and broadcast health announcements to all portal users. Deactivate existing announcements.
* **Complaints:** View and respond to all patient complaints with resolution notes and status updates.
* **Reports & Audit:** Generate system-wide reports (consultation statistics, inventory summaries, reimbursement analytics). Access audit trail logs for all module operations.

---

### 2. Role Name: Patient (Student / Faculty / Staff — End User)

* **Description:** Any registered FusionIIIT portal user who accesses the Health Centre services as a consumer. Patients can view their medical history, file reimbursement claims, submit complaints, and access public health information.

* **Permissions:**
* **Medical History:** Read-only access to personal consultation history, prescriptions, and clinical records.
* **Prescriptions:** View personal prescriptions with medicine details, dosage, and instructions. Download prescription as a formatted PDF document.
* **Health Profile:** View personal health profile (blood group, allergies, chronic conditions, emergency contacts).
* **Doctor Schedules:** Read-only access to all doctor schedules and availability (public endpoint).
* **Reimbursement Claims:** Submit new reimbursement claims with expense details and supporting documents. View personal claim history and track claim status through the approval workflow. Upload claim documents (receipts, bills).
* **Complaints:** Submit new complaints/feedback about PHC services. View personal complaint history and track response status.
* **Announcements:** Read-only access to all active health announcements.

---

### 3. Role Name: Accounts Manager (Cross-Module — Financial Authority)

* **Description:** Responsible for the final financial verification and approval of reimbursement claims that have passed through PHC Staff and Sanction Authority stages. This role operates at the accounts verification stage of the reimbursement workflow.

* **Permissions:**
* View all reimbursement claims that have reached the `ACCOUNTS_REVIEW` stage.
* Approve claims for final payment disbursement.
* Reject claims with remarks at the accounts verification stage.
* View claim documents and supporting evidence uploaded by claimants.

---

### 4. Role Name: Approving Authority (Cross-Module — Institute Admin)

* **Description:** The sanctioning authority responsible for approving high-value reimbursement claims and inventory requisitions. This role is defined at the institute level and is pending integration with the global role management system.

* **Permissions (Implemented — Pending Activation):**
* Review and approve/reject inventory requisitions submitted by the Compounder.
* Sanction reimbursement claims at the authority review stage.
* **Note:** The backend API endpoints (`AuthorityInventoryRequisitionView`) are fully implemented but commented out, awaiting the cross-module `is_authority` role definition from the institute's global admin module.

---

## Role-Based Access Control (RBAC) Enforcement

| API Endpoint Group | Compounder | Patient | Accounts | Authority |
|---|---|---|---|---|
| Doctor Management (`/compounder/doctors/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Doctor Schedules (`/compounder/schedule/`) | ✅ Full CRUD | ✅ Read-Only | ❌ | ❌ |
| Attendance (`/compounder/attendance/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Consultations (`/compounder/consultation/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Prescriptions (`/compounder/prescription/`) | ✅ Full CRUD | ✅ Read + PDF | ❌ | ❌ |
| Medical History (`/patient/medical-history/`) | ❌ | ✅ Read-Only | ❌ | ❌ |
| Inventory & Stock (`/compounder/stock/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Expiry Batches (`/compounder/expiry/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Requisitions (`/compounder/requisition/`) | ✅ Create/Fulfill | ❌ | ❌ | ✅ Approve/Reject |
| Hospital Admissions (`/compounder/hospital-admit/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Ambulance Fleet (`/compounder/ambulance/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Ambulance Logs (`/compounder/ambulance-log/`) | ✅ Full CRUD | ❌ | ❌ | ❌ |
| Reimbursement Claims (`/reimbursement/`) | ✅ Process | ✅ Submit/View Own | ✅ Final Approve | ✅ Sanction |
| Complaints (`/complaint/`) | ✅ Respond | ✅ Submit/View Own | ❌ | ❌ |
| Announcements (`/announcements/`) | ✅ Create/Deactivate | ✅ Read-Only | ❌ | ❌ |
| System Reports (`/compounder/reports/`) | ✅ Generate | ❌ | ❌ | ❌ |
| Dashboard (`/dashboard/`) | ✅ Full Stats | ✅ Personal Stats | ❌ | ❌ |
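
Review bot: the RBAC table marks the Authority column as granted for Requisitions ("✅ Approve/Reject") and Reimbursement Claims ("✅ Sanction"), but section 4 says AuthorityInventoryRequisitionView is commented out pending the `is_authority` role, so the table describes access that is not currently enforced or even reachable. Mark those cells as pending, and state who performs the Sanction Authority step of the reimbursement workflow until the role exists, otherwise claims cannot reach `ACCOUNTS_REVIEW` as documented. Two further gaps: Doctor Schedules is described as a public read endpoint for patients but sits under `/compounder/schedule/`, so any prefix-based permission check on `/compounder/` will either block patients or expose the write methods; and the "View Own" cells for `/reimbursement/` and `/complaint/` do not say how object-level ownership is checked. The Compounder is also the only role with access to the audit trail of its own operations, and the AUDITOR user type added in globals/models.py has no entry in this document.
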
Empty file.
206 changes: 187 additions & 19 deletions FusionIIIT/applications/health_center/admin.py
@@ -1,21 +1,189 @@
"""
Health Center Admin Configuration
====================================
Registers all health center models in the Django admin interface.
"""

from django.contrib import admin

from .models import *

admin.site.register(Doctor)
# admin.site.register(Appointment)
# admin.site.register(Ambulance_request)
# admin.site.register(Hospital_admit)
# admin.site.register(Complaint)
admin.site.register(Present_Stock)
# admin.site.register(Counter)
# admin.site.register(Expiry)
# admin.site.register(Hospital)
admin.site.register(All_Prescription)
admin.site.register(All_Medicine)
admin.site.register(All_Prescribed_medicine)
admin.site.register(Doctors_Schedule)
admin.site.register(Pathologist_Schedule)
# admin.site.register(Announcements)
# admin.site.register(SpecialRequest)
admin.site.register(Pathologist)
from .models import (
Doctor,
DoctorSchedule,
DoctorAttendance,
HealthProfile,
Appointment,
Consultation,
Medicine,
Stock,
Expiry,
Prescription,
PrescribedMedicine,
ComplaintV2,
HospitalAdmit,
AmbulanceRecordsV2,
ReimbursementClaim,
ClaimDocument,
InventoryRequisition,
LowStockAlert,
AuditLog,
)


@admin.register(Doctor)
class DoctorAdmin(admin.ModelAdmin):
list_display = ('id', 'doctor_name', 'specialization', 'is_active')
search_fields = ('doctor_name', 'specialization')
list_filter = ('is_active',)
ordering = ('doctor_name',)


@admin.register(DoctorSchedule)
class DoctorScheduleAdmin(admin.ModelAdmin):
list_display = ('id', 'doctor', 'day_of_week', 'start_time', 'end_time')
list_filter = ('day_of_week',)
ordering = ('doctor', 'day_of_week')


@admin.register(DoctorAttendance)
class DoctorAttendanceAdmin(admin.ModelAdmin):
list_display = ('id', 'doctor', 'attendance_date', 'status')
list_filter = ('status', 'attendance_date')
ordering = ('-attendance_date',)


@admin.register(HealthProfile)
class HealthProfileAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'blood_group')
search_fields = ('patient__user__first_name', 'patient__user__last_name')
readonly_fields = ('created_at', 'updated_at')


@admin.register(Appointment)
class AppointmentAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'doctor', 'appointment_date', 'status')
list_filter = ('status', 'appointment_date', 'appointment_type')
search_fields = ('patient__user__first_name', 'doctor__doctor_name')
readonly_fields = ('created_at',)
ordering = ('-appointment_date',)


@admin.register(Consultation)
class ConsultationAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'doctor', 'consultation_date')
list_filter = ('consultation_date',)
search_fields = ('patient__user__first_name', 'doctor__doctor_name')
readonly_fields = ('created_at', 'updated_at')
ordering = ('-consultation_date',)


@admin.register(Medicine)
class MedicineAdmin(admin.ModelAdmin):
list_display = ('id', 'medicine_name', 'brand_name', 'unit', 'reorder_threshold')
search_fields = ('medicine_name', 'brand_name', 'generic_name')
ordering = ('medicine_name',)


@admin.register(Stock)
class StockAdmin(admin.ModelAdmin):
list_display = ('id', 'medicine', 'total_qty', 'last_updated')
search_fields = ('medicine__medicine_name',)
readonly_fields = ('created_at', 'last_updated')
ordering = ('medicine',)


@admin.register(Expiry)
class ExpiryAdmin(admin.ModelAdmin):
list_display = ('id', 'stock', 'batch_no', 'qty', 'expiry_date', 'is_returned')
list_filter = ('is_returned', 'expiry_date')
search_fields = ('stock__medicine__medicine_name', 'batch_no')
readonly_fields = ('created_at',)
ordering = ('expiry_date',) # FIFO: earliest expiry first


@admin.register(Prescription)
class PrescriptionAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'doctor', 'issued_date', 'status')
list_filter = ('status', 'issued_date')
search_fields = ('patient__user__first_name', 'doctor__doctor_name')
readonly_fields = ('created_at', 'updated_at')
ordering = ('-issued_date',)


@admin.register(PrescribedMedicine)
class PrescribedMedicineAdmin(admin.ModelAdmin):
list_display = ('id', 'prescription', 'medicine', 'qty_prescribed', 'qty_dispensed', 'is_dispensed')
list_filter = ('is_dispensed', 'is_revoked', 'created_at')
search_fields = ('prescription__patient__user__first_name', 'medicine__medicine_name')
readonly_fields = ('created_at', 'updated_at')
ordering = ('-created_at',)


@admin.register(ComplaintV2)
class ComplaintV2Admin(admin.ModelAdmin):
list_display = ('id', 'patient', 'title', 'category', 'status', 'created_date')
list_filter = ('status', 'category', 'created_date')
search_fields = ('patient__user__first_name', 'patient__user__last_name', 'title')
readonly_fields = ('created_date', 'updated_at')
ordering = ('-created_date',)


@admin.register(HospitalAdmit)
class HospitalAdmitAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'hospital_name', 'admission_date', 'discharge_date', 'referred_by')
list_filter = ('admission_date', 'discharge_date')
search_fields = ('patient__user__first_name', 'hospital_name', 'reason')
readonly_fields = ('created_at', 'updated_at')
ordering = ('-admission_date',)


@admin.register(AmbulanceRecordsV2)
class AmbulanceRecordsV2Admin(admin.ModelAdmin):
list_display = ('id', 'registration_number', 'vehicle_type', 'driver_name', 'status', 'is_active')
list_filter = ('status', 'is_active', 'vehicle_type')
search_fields = ('registration_number', 'driver_name', 'driver_contact')
readonly_fields = ('created_at', 'updated_at')
ordering = ('registration_number',)


@admin.register(ReimbursementClaim)
class ReimbursementClaimAdmin(admin.ModelAdmin):
list_display = ('id', 'patient', 'claim_amount', 'status', 'submission_date')
list_filter = ('status', 'submission_date')
search_fields = ('patient__user__first_name', 'patient__user__last_name')
readonly_fields = ('created_at', 'updated_at')
ordering = ('-submission_date',)


@admin.register(ClaimDocument)
class ClaimDocumentAdmin(admin.ModelAdmin):
list_display = ('id', 'claim', 'document_type', 'uploaded_at', 'verified')
list_filter = ('document_type', 'verified', 'uploaded_at')
ordering = ('-uploaded_at',)


@admin.register(InventoryRequisition)
class InventoryRequisitionAdmin(admin.ModelAdmin):
list_display = ('id', 'medicine', 'quantity_requested', 'status', 'created_date')
list_filter = ('status', 'created_date')
search_fields = ('medicine__medicine_name',)
readonly_fields = ('created_at', 'updated_at')
ordering = ('-created_date',)


@admin.register(LowStockAlert)
class LowStockAlertAdmin(admin.ModelAdmin):
list_display = ('id', 'medicine', 'current_stock', 'acknowledged')
list_filter = ('acknowledged', 'alert_triggered_at')
search_fields = ('medicine__medicine_name',)
readonly_fields = ('alert_triggered_at',)
ordering = ('-alert_triggered_at',)


@admin.register(AuditLog)
class AuditLogAdmin(admin.ModelAdmin):
list_display = ('id', 'user', 'action_type', 'entity_type', 'timestamp')
list_filter = ('action_type', 'entity_type', 'timestamp')
search_fields = ('user__user__first_name', 'entity_type')
readonly_fields = ('timestamp',)
ordering = ('-timestamp',)
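
Review bot: AuditLogAdmin makes only `timestamp` read-only, so any staff user with admin permissions on this model can add, edit or delete audit entries, including the `user`, `action_type` and `entity_type` columns. An audit trail should be append-only from the application and view-only in the admin: list every field in readonly_fields and override has_add_permission, has_change_permission and has_delete_permission to return False. The same pattern weakens the approval workflow described in Designated_Roles.md, because ReimbursementClaimAdmin leaves `status` editable and ClaimDocumentAdmin leaves `verified` editable, letting an admin user move a claim or verify a document without passing through the PHC Staff, Sanction Authority and Accounts stages. Finally, HealthProfile, Consultation and Prescription are registered with name search over patient records; confirm that admin access to these models is limited to the roles the document allows to see clinical data.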

Empty file.