Make care single source of truth for asset config on middleware

care/facility/api/serializers/asset.py

@@ -1,7 +1,10 @@
+import logging
 from datetime import datetime
 
 from django.core.cache import cache
-from django.db import transaction
+from django.db import models, transaction
+from django.db.models import F, Value
+from django.db.models.functions import Cast, Coalesce, NullIf
 from django.shortcuts import get_object_or_404
 from django.utils.timezone import now
 from drf_spectacular.utils import extend_schema_field
@@ -33,11 +36,14 @@
 from care.users.api.serializers.user import UserBaseMinimumSerializer
 from care.utils.assetintegration.hl7monitor import HL7MonitorAsset
 from care.utils.assetintegration.onvif import OnvifAsset
+from care.utils.assetintegration.push_config import push_config_to_middleware
 from care.utils.assetintegration.ventilator import VentilatorAsset
 from care.utils.queryset.facility import get_facility_queryset
 from config.serializers import ChoiceField
 from config.validators import MiddlewareDomainAddressValidator
 
+logger = logging.getLogger(__name__)
+
 
 class AssetLocationSerializer(ModelSerializer):
     facility = FacilityBareMinimumSerializer(read_only=True)
@@ -210,13 +216,55 @@
         ):
             raise ValidationError({"asset_class": "Cannot change asset class"})
 
+        if meta := attrs.get("meta"):
+            current_location = attrs.get(
+                "current_location", self.instance.current_location
+            )
+            ip_address = meta.get("local_ip_address")
+            middleware_hostname = (
+                meta.get("middleware_hostname")
+                or current_location.middleware_address
+                or current_location.facility.middleware_address
+            )
+            if ip_address and middleware_hostname:
+                assets_using_ip = (
+                    Asset.objects.filter(
+                        current_location__facility=current_location.facility
+                    )
+                    .annotate(
+                        resolved_middleware_hostname=Coalesce(
+                            NullIf(
+                                Cast(
+                                    F("meta__middleware_hostname"), models.CharField()
+                                ),
+                                Value('""'),
+                            ),
+                            NullIf(
+                                F("current_location__middleware_address"), Value("")
+                            ),
+                            F("current_location__facility__middleware_address"),
+                            output_field=models.CharField(),
+                        )
+                    )
+                    .filter(
+                        resolved_middleware_hostname=middleware_hostname,
+                        meta__local_ip_address=ip_address,
+                    )
+                    .exclude(id=self.instance.id if self.instance else None)
+                    .values_list("name", flat=True)
+                )
+                if assets_using_ip:
+                    raise ValidationError(
+                        f"IP Address {ip_address} is already in use by {', '.join(assets_using_ip)} asset(s)"
+                    )
+
         return super().validate(attrs)
 
     def create(self, validated_data):
         last_serviced_on = validated_data.pop("last_serviced_on", None)
         note = validated_data.pop("note", None)
         with transaction.atomic():
-            asset_instance = super().create(validated_data)
+            asset_instance: Asset = super().create(validated_data)
             if last_serviced_on or note:
                 asset_service = AssetService(
                     asset=asset_instance, serviced_on=last_serviced_on, note=note
@@ -226,7 +274,7 @@
                 asset_instance.save(update_fields=["last_service"])
         return asset_instance
 
-    def update(self, instance, validated_data):
+    def update(self, instance: Asset, validated_data):
         user = self.context["request"].user
         with transaction.atomic():
             if validated_data.get("last_serviced_on") and (
@@ -271,11 +319,54 @@
                     asset=instance,
                     performed_by=user,
                 ).save()
-            updated_instance = super().update(instance, validated_data)
+            old_hostname = instance.resolved_middleware.get("hostname")
+            updated_instance: Asset = super().update(instance, validated_data)
             cache.delete(f"asset:{instance.external_id}")
+            new_hostname = updated_instance.resolved_middleware.get("hostname")
+            response = push_config_to_middleware(
+                new_hostname,
+                updated_instance.external_id,
+                AssetConfigSerializer(updated_instance).data,
+                old_hostname,
+            )
+            logger.info(f"Asset update response from middleware: {response}")
         return updated_instance
 
 
+class AssetConfigSerializer(ModelSerializer):
+    id = UUIDField(source="external_id")
+    type = CharField(source="asset_class")
+    description = CharField(default="")
+    ip_address = CharField(default="")
+    access_key = CharField(default="")
+    username = CharField(default="")
+    password = CharField(default="")
+    port = serializers.IntegerField(default=80)
+
+    def to_representation(self, instance: Asset):
+        data = super().to_representation(instance)
+        data["ip_address"] = instance.meta.get("local_ip_address")
+        if camera_access_key := instance.meta.get("camera_access_key"):
+            values = camera_access_key.split(":")
+            if len(values) == 3:
+                data["username"], data["password"], data["access_key"] = values
+        return data
+
+    class Meta:
+        model = Asset
+        fields = (
+            "id",
+            "name",
+            "type",
+            "description",
+            "ip_address",
+            "access_key",
+            "username",
+            "password",
+            "port",
+        )
+
+
 class AssetTransactionSerializer(ModelSerializer):
     id = UUIDField(source="external_id", read_only=True)
     asset = AssetBareMinimumSerializer(read_only=True)

care/facility/api/serializers/patient_consultation.py

@@ -10,7 +10,10 @@
 from care.abdm.utils.api_call import AbdmGateway
 from care.facility.api.serializers import TIMESTAMP_FIELDS
 from care.facility.api.serializers.asset import AssetLocationSerializer
-from care.facility.api.serializers.bed import ConsultationBedSerializer
+from care.facility.api.serializers.bed import (
+    AssetBedSerializer,
+    ConsultationBedSerializer,
+)
 from care.facility.api.serializers.consultation_diagnosis import (
     ConsultationCreateDiagnosisSerializer,
     ConsultationDiagnosisSerializer,
@@ -765,14 +768,14 @@ def create(self, validated_data):
         raise NotImplementedError
 
 
-class PatientConsultationIDSerializer(serializers.ModelSerializer):
-    consultation_id = serializers.UUIDField(source="external_id", read_only=True)
-    patient_id = serializers.UUIDField(source="patient.external_id", read_only=True)
-    bed_id = serializers.UUIDField(source="current_bed.bed.external_id", read_only=True)
+class PatientConsultationIDSerializer(serializers.Serializer):
+    consultation_id = serializers.UUIDField(read_only=True)
+    patient_id = serializers.UUIDField(read_only=True)
+    bed_id = serializers.UUIDField(read_only=True)
+    asset_beds = AssetBedSerializer(many=True, read_only=True)
 
     class Meta:
-        model = PatientConsultation
-        fields = ("consultation_id", "patient_id", "bed_id")
+        fields = ("consultation_id", "patient_id", "bed_id", "asset_beds")
 
 
 class EmailDischargeSummarySerializer(serializers.Serializer):

care/facility/api/viewsets/asset.py

@@ -1,6 +1,9 @@
+import re
+
 from django.conf import settings
 from django.core.cache import cache
-from django.db.models import Exists, OuterRef, Q, Subquery
+from django.db.models import CharField, Exists, F, OuterRef, Q, Subquery, Value
+from django.db.models.functions import Cast, Coalesce, NullIf
 from django.db.models.signals import post_save
 from django.dispatch import receiver
 from django.http import Http404
@@ -9,7 +12,7 @@
 from django_filters import rest_framework as filters
 from django_filters.constants import EMPTY_VALUES
 from djqscsv import render_to_csv_response
-from drf_spectacular.utils import extend_schema, inline_serializer
+from drf_spectacular.utils import OpenApiParameter, extend_schema, inline_serializer
 from dry_rest_permissions.generics import DRYPermissions
 from rest_framework import exceptions
 from rest_framework import filters as drf_filters
@@ -29,6 +32,7 @@
 from rest_framework.viewsets import GenericViewSet
 
 from care.facility.api.serializers.asset import (
+    AssetConfigSerializer,
     AssetLocationSerializer,
     AssetSerializer,
     AssetServiceSerializer,
@@ -54,10 +58,12 @@
 from care.users.models import User
 from care.utils.assetintegration.asset_classes import AssetClasses
 from care.utils.assetintegration.base import BaseAssetIntegration
+from care.utils.assetintegration.push_config import delete_asset_from_middleware
 from care.utils.cache.cache_allowed_facilities import get_accessible_facilities
 from care.utils.filters.choicefilter import CareChoiceFilter, inverse_choices
 from care.utils.queryset.asset_location import get_asset_location_queryset
 from care.utils.queryset.facility import get_facility_queryset
+from config.authentication import MiddlewareAuthentication
 
 inverse_asset_type = inverse_choices(AssetTypeChoices)
 inverse_asset_status = inverse_choices(StatusChoices)
@@ -305,6 +311,11 @@
         )
         return queryset
 
+    def perform_destroy(self, instance: Asset) -> None:
+        if hostname := instance.resolved_middleware:
+            delete_asset_from_middleware(hostname["hostname"], instance.external_id)
+        return super().perform_destroy(instance)
+
     def list(self, request, *args, **kwargs):
         if settings.CSV_REQUEST_PARAMETER in request.GET:
             mapping = Asset.CSV_MAPPING.copy()
@@ -413,6 +424,72 @@
             )
 
 
+class AssetRetrieveConfigViewSet(ListModelMixin, GenericViewSet):
+    queryset = Asset.objects.all()
+    authentication_classes = [MiddlewareAuthentication]
+    permission_classes = [IsAuthenticated]
+    serializer_class = AssetConfigSerializer
+
+    @extend_schema(
+        tags=["asset"],
+        parameters=[
+            OpenApiParameter(
+                name="middleware_hostname",
+                location=OpenApiParameter.QUERY,
+            )
+        ],
+    )
+    def list(self, request, *args, **kwargs):
+        """
+        This API is used by the middleware to retrieve assets and their configurations
+        for a given facility and middleware hostname.
+        """
+        middleware_hostname = request.query_params.get("middleware_hostname")
+        if not middleware_hostname:
+            return Response(
+                {"middleware_hostname": "Middleware hostname is required"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
+        if match := re.match(r"^(https?://)?([^\s/]+)/?$", middleware_hostname):
+            middleware_hostname = match.group(2)  # extract the hostname from the URL
+        else:
+            return Response(
+                {"middleware_hostname": "Invalid middleware hostname"},
+                status=status.HTTP_400_BAD_REQUEST,
+            )
+
+        queryset = (
+            self.get_queryset()
+            .filter(
+                current_location__facility=self.request.user.facility,
+                asset_class__in=[
+                    AssetClasses.ONVIF.name,
+                    AssetClasses.HL7MONITOR.name,
+                ],
+            )
+            .annotate(
+                resolved_middleware_hostname=Coalesce(
+                    NullIf(
+                        Cast(F("meta__middleware_hostname"), CharField()),
+                        Value('""'),
+                    ),
+                    NullIf(F("current_location__middleware_address"), Value("")),
+                    F("current_location__facility__middleware_address"),
+                    output_field=CharField(),
+                )
+            )
+            .filter(resolved_middleware_hostname=middleware_hostname)
+            .exclude(
+                Q(meta__local_ip_address__isnull=True)
+                | Q(meta__local_ip_address__exact=""),
+            )
+        ).only("external_id", "meta", "description", "name", "asset_class")
+
+        serializer = self.get_serializer(queryset, many=True)
+        return Response(serializer.data)
+
+
 class AssetTransactionFilter(filters.FilterSet):
     qr_code_id = filters.CharFilter(field_name="asset__qr_code_id")
     external_id = filters.CharFilter(field_name="asset__external_id")

care/facility/api/viewsets/mixins/access.py

@@ -1,6 +1,6 @@
 from care.facility.models.mixins.permissions.asset import DRYAssetPermissions
 from care.users.models import User
-from config.authentication import MiddlewareAuthentication
+from config.authentication import MiddlewareAssetAuthentication
 
 
 class UserAccessMixin:
@@ -55,7 +55,7 @@ class AssetUserAccessMixin:
     asset_permissions = (DRYAssetPermissions,)
 
     def get_authenticators(self):
-        return [MiddlewareAuthentication()] + super().get_authenticators()
+        return [MiddlewareAssetAuthentication()] + super().get_authenticators()
 
     def get_permissions(self):
         """

care/facility/api/viewsets/open_id.py

@@ -1,16 +1,19 @@
 from django.conf import settings
+from django.utils.decorators import method_decorator
+from django.views.decorators.cache import cache_page
 from rest_framework.generics import GenericAPIView
 from rest_framework.permissions import AllowAny
 from rest_framework.response import Response
 
 
-class OpenIdConfigView(GenericAPIView):
+class PublicJWKsView(GenericAPIView):
     """
     Retrieve the OpenID Connect configuration
     """
 
     authentication_classes = ()
     permission_classes = (AllowAny,)
 
+    @method_decorator(cache_page(60 * 60 * 24))
     def get(self, *args, **kwargs):
         return Response(settings.JWKS.as_dict())

care/facility/api/viewsets/patient.py

@@ -74,7 +74,7 @@
 from config.authentication import (
     CustomBasicAuthentication,
     CustomJWTAuthentication,
-    MiddlewareAuthentication,
+    MiddlewareAssetAuthentication,
 )
 
 REVERSE_FACILITY_TYPES = covert_choice_dict(FACILITY_TYPES)
@@ -329,7 +329,7 @@ class PatientViewSet(
     authentication_classes = [
         CustomBasicAuthentication,
         CustomJWTAuthentication,
-        MiddlewareAuthentication,
+        MiddlewareAssetAuthentication,
     ]
     permission_classes = (IsAuthenticated, DRYPermissions)
     lookup_field = "external_id"