fixes on na context

app/Http/Kernel.php

@@ -66,6 +66,8 @@ class Kernel extends HttpKernel
         'pro.auth' => \App\Http\Middleware\ProAuthenticated::class,
         'pro.auth.redirect' => \App\Http\Middleware\RedirectAuthenticatedPro::class,
         'pro.auth.admin' => \App\Http\Middleware\EnsureAdminPro::class,
+        'pro.auth.na' => \App\Http\Middleware\EnsureNaPro::class,
+        'pro.auth.mcp' => \App\Http\Middleware\EnsureMcpPro::class,
         'pro.auth.can-access-patient' => \App\Http\Middleware\EnsureProCanAccessPatient::class,
         'client.not-shadow-of-pro' => \App\Http\Middleware\EnsureClientIsNotShadowOfPro::class,
     ];

app/Http/Middleware/EnsureAdminPro.php

@@ -21,7 +21,8 @@ class EnsureAdminPro
         $authenticated = $sessionKey && $appSession && $appSession->pro && $appSession->pro->pro_type == 'ADMIN';
        
         if (!$authenticated) {
-            return redirect('/');
+            //return redirect('/');
+            return abort(403);
         }
 
         return $next($request);

app/Http/Middleware/EnsureMcpPro.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\AppSession;
+use Closure;
+
+class EnsureMcpPro
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $sessionKey = $request->cookie('sessionKey');
+        $appSession = AppSession::where('session_key', $sessionKey)->where('is_active', true)->first();
+        $authenticated = $sessionKey && $appSession && $appSession->pro && $appSession->pro->is_enrolled_as_mcp;
+
+        if (!$authenticated) {
+            return abort(403);
+        }
+
+        return $next($request);
+    }
+}

app/Http/Middleware/EnsureNaPro.php

@@ -0,0 +1,29 @@
+<?php
+
+namespace App\Http\Middleware;
+
+use App\Models\AppSession;
+use Closure;
+
+class EnsureNaPro
+{
+    /**
+     * Handle an incoming request.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Closure  $next
+     * @return mixed
+     */
+    public function handle($request, Closure $next)
+    {
+        $sessionKey = $request->cookie('sessionKey');
+        $appSession = AppSession::where('session_key', $sessionKey)->where('is_active', true)->first();
+        $authenticated = $sessionKey && $appSession && $appSession->pro && $appSession->pro->is_considered_for_dna;
+
+        if (!$authenticated) {
+            return abort(403);
+        }
+
+        return $next($request);
+    }
+}

resources/views/app/dna/my-bills.blade.php

@@ -48,7 +48,12 @@
                         </td>
                         <td>{{ $bill->bill_service_type }}</td>
                         <td class="border-0">{{$bill->generic_description}}</td>
-                        <td>{{ $bill->na_expected_payment_amount ? '$'.$bill->na_expected_payment_amount : '' }}</td>
+                        <td>
+                            @if($bill->bill_service_type === 'GENERIC')
+                            {{ $bill->generic_pro_expected_payment_amount ? '$'.friendly_money($bill->generic_pro_expected_payment_amount) : '' }}</td>
+                            @else 
+                            {{ $bill->na_expected_payment_amount ? '$'.friendly_money($bill->na_expected_payment_amount) : '' }}</td>
+                            @endif
                         <td>
                             @if($bill->is_submitted)
                             <span>YES</span>

resources/views/app/patient/note/dashboard.blade.php

@@ -1455,7 +1455,7 @@
                     </div>
 
                     @if($pro->pro_type === 'ADMIN')
-                                <table class="table table-sm tabe-striped mb-0 table-bordered">
+                    <table class="table table-sm tabe-striped mb-0 table-bordered">
                         <thead class="bg-light">
                         <tr class="text-secondary">
                             <?php /* <th class="border-bottom-0"></th> */ ?>
@@ -2085,14 +2085,15 @@
                         @endforeach
                         </tbody>
                     </table>
-                            @endif
+                    @endif
+
 
                 </div>
                     @else
                         <div class="p-3 d-flex  border-bottom">
-                    <p class="font-weight-bold mb-0 text-secondary">No bills in this note</p>
-                    @include('app/patient/note/_create-bill')
-                </div>
+                            <p class="font-weight-bold mb-0 text-secondary">No bills in this note</p>
+                            @include('app/patient/note/_create-bill')
+                        </div>
                     @endif
                     </div>
                 @endif

routes/web.php

@@ -72,7 +72,7 @@ Route::middleware('pro.auth')->group(function () {
 
     Route::get('/can-access-patient/{uid}', 'HomeController@canAccessPatient')->name('can-access-patient');
 
-    Route::name('mcp.')->prefix('m')->group(function () {
+    Route::name('mcp.')->prefix('m')->middleware('pro.auth.mcp')->group(function () {
 
         Route::get('dashboard', 'HomeController@dashboard_MCP')->name('dashboard');
 
@@ -145,51 +145,53 @@ Route::middleware('pro.auth')->group(function () {
 
     });
 
-    Route::name('dna.')->prefix('n')->group(function () {
-
-        Route::get('dashboard', 'HomeController@dashboard_DNA')->name('dashboard');
-
-        Route::get('patients', 'DnaController@patients')->name('patients');
-        Route::get('encounters', 'DnaController@encounters')->name('encounters');
-        Route::get('notes', 'DnaController@notes')->name('notes');
-        Route::get('appointments', 'DnaController@appointments')->name('appointments');
-        Route::get('care-months', 'DnaController@careMonths')->name('careMonths');
-        Route::get('financial-transactions', 'DnaController@financialTransactions')->name('financialTransactions');
-        Route::get('my-bills', 'DnaController@myBills')->name('myBills');
-        Route::get('my-clinical-teams', 'DnaController@myClinicalTeams')->name('myClinicalTeams');
-
-        Route::get('bills', 'DnaController@bills')->name('bills');
-        Route::get('erx-and-orders', 'DnaController@erx_and_orders')->name('erx_and_orders');
-        Route::get('reports', 'DnaController@reports')->name('reports');
-        Route::get('supply-orders', 'DnaController@supply_orders')->name('supply_orders');
-
-        Route::get('new_patients_awaiting_visit', 'DnaController@new_patients_awaiting_visit')->name('new_patients_awaiting_visit');
-        Route::get('notes_pending_signature', 'DnaController@notes_pending_signature')->name('notes_pending_signature');
-        Route::get('notes_pending_billing', 'DnaController@notes_pending_billing')->name('notes_pending_billing');
-        Route::get('reports_pending_signature', 'DnaController@reports_pending_signature')->name('reports_pending_signature');
-        Route::get('patients_without_appointments', 'DnaController@patients_without_appointments')->name('patients_without_appointments');
-        Route::get('patients_overdue_for_visit', 'DnaController@patients_overdue_for_visit')->name('patients_overdue_for_visit');
-        Route::get('cancelled_appointments_pending_review', 'DnaController@cancelled_appointments_pending_review')->name('cancelled_appointments_pending_review');
-        Route::get('cancelled_bills_pending_review', 'DnaController@cancelled_bills_pending_review')->name('cancelled_bills_pending_review');
-        Route::get('cancelled_supply_orders_pending_review', 'DnaController@cancelled_supply_orders_pending_review')->name('cancelled_supply_orders_pending_review');
-        Route::get('erx_and_orders_pending_signature', 'DnaController@erx_and_orders_pending_signature')->name('erx_and_orders_pending_signature');
-        Route::get('supply_orders_pending_signature', 'DnaController@supply_orders_pending_signature')->name('supply_orders_pending_signature');
-
-        //from the new spec
-        Route::get('my-patients', 'DnaController@myPatients')->name('my-patients');
-        Route::get('patients_awaiting_mcp_visit', 'DnaController@patientsAwaitingMcpVisit')->name('patients_awaiting_mcp_visit');
-        Route::get('patients_without_appointment', 'DnaController@patientsWithoutAppointment')->name('patients_without_appointment');
-        Route::get('encounters_pending_my_review', 'DnaController@encountersPendingMyReview')->name('encounters_pending_my_review');
-        Route::get('encounters_in_progress', 'DnaController@encountersInProgress')->name('encounters_in_progress');
-        Route::get('appointments_pending_confirmation', 'DnaController@appointmentsPendingConfirmation')->name('appointments_pending_confirmation');
-        Route::get('cancelled_appointments_pending_ack', 'DnaController@cancelledAppointmentsPendingAck')->name('cancelled_appointments_pending_ack');
-        Route::get('reports_pending_ack', 'DnaController@reportsPendingAck')->name('reports_pending_ack');
-        Route::get('supply_orders_pending_my_ack', 'DnaController@supplyOrdersPendingMyAck')->name('supply_orders_pending_my_ack');
-        Route::get('supply_orders_pending_hcp_approval', 'DnaController@supplyOrdersPendingHcpApproval')->name('supply_orders_pending_hcp_approval');
+    Route::middleware('pro.auth.na')->group(function(){
+        Route::name('dna.')->prefix('n')->group(function () {
+
+            Route::get('dashboard', 'HomeController@dashboard_DNA')->name('dashboard');
+
+            Route::get('patients', 'DnaController@patients')->name('patients');
+            Route::get('encounters', 'DnaController@encounters')->name('encounters');
+            Route::get('notes', 'DnaController@notes')->name('notes');
+            Route::get('appointments', 'DnaController@appointments')->name('appointments');
+            Route::get('care-months', 'DnaController@careMonths')->name('careMonths');
+            Route::get('financial-transactions', 'DnaController@financialTransactions')->name('financialTransactions');
+            Route::get('my-bills', 'DnaController@myBills')->name('myBills');
+            Route::get('my-clinical-teams', 'DnaController@myClinicalTeams')->name('myClinicalTeams');
+
+            Route::get('bills', 'DnaController@bills')->name('bills');
+            Route::get('erx-and-orders', 'DnaController@erx_and_orders')->name('erx_and_orders');
+            Route::get('reports', 'DnaController@reports')->name('reports');
+            Route::get('supply-orders', 'DnaController@supply_orders')->name('supply_orders');
+
+            Route::get('new_patients_awaiting_visit', 'DnaController@new_patients_awaiting_visit')->name('new_patients_awaiting_visit');
+            Route::get('notes_pending_signature', 'DnaController@notes_pending_signature')->name('notes_pending_signature');
+            Route::get('notes_pending_billing', 'DnaController@notes_pending_billing')->name('notes_pending_billing');
+            Route::get('reports_pending_signature', 'DnaController@reports_pending_signature')->name('reports_pending_signature');
+            Route::get('patients_without_appointments', 'DnaController@patients_without_appointments')->name('patients_without_appointments');
+            Route::get('patients_overdue_for_visit', 'DnaController@patients_overdue_for_visit')->name('patients_overdue_for_visit');
+            Route::get('cancelled_appointments_pending_review', 'DnaController@cancelled_appointments_pending_review')->name('cancelled_appointments_pending_review');
+            Route::get('cancelled_bills_pending_review', 'DnaController@cancelled_bills_pending_review')->name('cancelled_bills_pending_review');
+            Route::get('cancelled_supply_orders_pending_review', 'DnaController@cancelled_supply_orders_pending_review')->name('cancelled_supply_orders_pending_review');
+            Route::get('erx_and_orders_pending_signature', 'DnaController@erx_and_orders_pending_signature')->name('erx_and_orders_pending_signature');
+            Route::get('supply_orders_pending_signature', 'DnaController@supply_orders_pending_signature')->name('supply_orders_pending_signature');
+
+            //from the new spec
+            Route::get('my-patients', 'DnaController@myPatients')->name('my-patients');
+            Route::get('patients_awaiting_mcp_visit', 'DnaController@patientsAwaitingMcpVisit')->name('patients_awaiting_mcp_visit');
+            Route::get('patients_without_appointment', 'DnaController@patientsWithoutAppointment')->name('patients_without_appointment');
+            Route::get('encounters_pending_my_review', 'DnaController@encountersPendingMyReview')->name('encounters_pending_my_review');
+            Route::get('encounters_in_progress', 'DnaController@encountersInProgress')->name('encounters_in_progress');
+            Route::get('appointments_pending_confirmation', 'DnaController@appointmentsPendingConfirmation')->name('appointments_pending_confirmation');
+            Route::get('cancelled_appointments_pending_ack', 'DnaController@cancelledAppointmentsPendingAck')->name('cancelled_appointments_pending_ack');
+            Route::get('reports_pending_ack', 'DnaController@reportsPendingAck')->name('reports_pending_ack');
+            Route::get('supply_orders_pending_my_ack', 'DnaController@supplyOrdersPendingMyAck')->name('supply_orders_pending_my_ack');
+            Route::get('supply_orders_pending_hcp_approval', 'DnaController@supplyOrdersPendingHcpApproval')->name('supply_orders_pending_hcp_approval');
 
+        });
     });
 
-    Route::name('admin.')->prefix('a')->group(function () {
+    Route::name('admin.')->prefix('a')->middleware('pro.auth.admin')->group(function () {
         // TODO
 
         Route::get('dashboard', 'HomeController@dashboard_ADMIN')->name('dashboard');