SwanseaUniversityMedical
diff --git a/‎CodeListLibrary_project/clinicalcode/api/views/GenericEntity.py‎
Lines changed: 33 additions & 3 deletions b/‎CodeListLibrary_project/clinicalcode/api/views/GenericEntity.py‎
Lines changed: 33 additions & 3 deletions
diff --git a/‎CodeListLibrary_project/clinicalcode/entity_utils/api_utils.py‎
Lines changed: 7 additions & 2 deletions b/‎CodeListLibrary_project/clinicalcode/entity_utils/api_utils.py‎
Lines changed: 7 additions & 2 deletions
diff --git a/‎CodeListLibrary_project/clinicalcode/entity_utils/create_utils.py‎
Lines changed: 31 additions & 4 deletions b/‎CodeListLibrary_project/clinicalcode/entity_utils/create_utils.py‎
Lines changed: 31 additions & 4 deletions
@@ -26,7 +26,7 @@
 @swagger_auto_schema(method='post', auto_schema=None)
 @api_view(['POST'])
 @permission_classes([IsAuthenticated])
-def create_generic_entity(request):
+def create_generic_entity(request): 
     """
         Create a generic entity from request body, must be formatted in terms
           of a specific layout and is validated against it
@@ -40,13 +40,28 @@ def create_generic_entity(request):
             status=status.HTTP_403_FORBIDDEN
         )
 
+    params = { key: value for key, value in request.query_params.items() }
+    publish_immediately = params.pop('publish', False)
+    if publish_immediately and not request.user.is_superuser:
+        return Response(
+            data={
+                'message': 'Permission denied'
+            },
+            content_type='json',
+            status=status.HTTP_403_FORBIDDEN
+        )
+
     form = api_utils.validate_api_create_update_form(
         request, method=constants.FORM_METHODS.CREATE.value
     )
     if isinstance(form, Response):
         return form
 
-    entity = api_utils.create_update_from_api_form(request, form)
+    entity = api_utils.create_update_from_api_form(
+        request, 
+        form,
+        publish_immediately=publish_immediately
+    )
     if isinstance(entity, Response):
         return entity
 
@@ -87,14 +102,29 @@ def update_generic_entity(request):
             content_type='json',
             status=status.HTTP_403_FORBIDDEN
         )
+
+    params = { key: value for key, value in request.query_params.items() }
+    publish_immediately = params.pop('publish', False)
+    if publish_immediately and not request.user.is_superuser:
+        return Response(
+            data={
+                'message': 'Permission denied'
+            },
+            content_type='json',
+            status=status.HTTP_403_FORBIDDEN
+        )
 
     form = api_utils.validate_api_create_update_form(
         request, method=constants.FORM_METHODS.UPDATE.value
     )
     if isinstance(form, Response):
         return form
 
-    entity = api_utils.create_update_from_api_form(request, form)
+    entity = api_utils.create_update_from_api_form(
+        request, 
+        form,
+        publish_immediately=publish_immediately
+    )
     if isinstance(entity, Response):
         return entity
 
 
@@ -1353,21 +1353,26 @@ def validate_api_create_update_form(request, method):
 
     return form
 
-def create_update_from_api_form(request, form):
+def create_update_from_api_form(request, form, publish_immediately=False):
     """
       Create or updates an entity from an entity form dict
 
       Args:
         request (HTTPContext): Request context
         form (dict): Dict containing entity information
+        publish_immediately (bool): Whether to publish instantly, note that you need to perform permission checks beforehand
 
       Returns:
         Created/Updated entity if validation succeeds, otherwise returns
           400 response
     """
     form_errors = []
     entity = create_utils.create_or_update_entity_from_form(
-        request, form, form_errors)
+        request, 
+        form, 
+        form_errors,
+        publish_immediately=publish_immediately
+    )
     if entity is None:
         return Response(
             data={
 
@@ -21,6 +21,7 @@
 from ..models.CodingSystem import CodingSystem
 from ..models.Organisation import Organisation, OrganisationAuthority
 from ..models.GenericEntity import GenericEntity
+from ..models.PublishedGenericEntity import PublishedGenericEntity
 from ..models.ConceptCodeAttribute import ConceptCodeAttribute
 
 from . import (
@@ -1439,7 +1440,13 @@ def compute_brand_context(request, form_data, form_entity=None):
     return related_brands
 
 @transaction.atomic
-def create_or_update_entity_from_form(request, form, errors=[], override_dirty=False):
+def create_or_update_entity_from_form(
+    request, 
+    form, 
+    errors=[], 
+    override_dirty=False,
+    publish_immediately=False
+):
     """
         Used to create or update entities - this method assumes you have
         previously validated the content of the form using the validate_entity_form method
@@ -1448,15 +1455,16 @@ def create_or_update_entity_from_form(request, form, errors=[], override_dirty=F
             request (RequestContext): the request context of the form
             form (dict): a dict containing the validate_entity_form method result
             override_dirty (boolean): overrides the is_dirty check for child entity creation
-        
+            publish_immediately (boolean): Whether to publish instantly, note that you need to perform permission checks beforehand
+
         Returns:
             (GenericEntity|null) - null value is returned if this method fails
 
     """
     user = request.user
     if user is None:
         return
-    
+
     form_method = form.get('method')
     form_template = form.get('template')
     form_data = form.get('data')
@@ -1534,6 +1542,9 @@ def create_or_update_entity_from_form(request, form, errors=[], override_dirty=F
             # Create or update the entity
             template_data['version'] = form_template.template_version
             if form_method == constants.FORM_METHODS.CREATE:
+                if publish_immediately:
+                    metadata['publish_status'] = constants.APPROVAL_STATUS.APPROVED.value
+
                 entity = GenericEntity.objects.create(
                     **metadata,
                     template=template_instance,
@@ -1572,7 +1583,7 @@ def create_or_update_entity_from_form(request, form, errors=[], override_dirty=F
                 entity.template_version = form_template.template_version
                 entity.template_data = template_data
                 entity.updated = make_aware(datetime.now())
-                entity.publish_status = constants.APPROVAL_STATUS.ANY.value
+                entity.publish_status = constants.APPROVAL_STATUS.ANY.value if not publish_immediately else constants.APPROVAL_STATUS.APPROVED.value
                 entity.updated_by = user
                 entity.brands = related_brands
                 entity.save()
@@ -1584,6 +1595,22 @@ def create_or_update_entity_from_form(request, form, errors=[], override_dirty=F
                 for instance in instances:
                     setattr(instance, field, entity)
                     instance.save_without_historical_record()
+            
+            if publish_immediately:
+                PublishedGenericEntity.objects.update_or_create(
+                    entity_id=entity.id,
+                    entity_history_id=entity.history.latest().history_id,
+                    defaults={
+                        'moderator_id': 1, 
+                        'approval_status': constants.APPROVAL_STATUS.APPROVED.value,
+                    },
+                    create_defaults={
+                        'moderator_id': 1, 
+                        'created_by_id': entity.created_by.id,
+                        'approval_status': constants.APPROVAL_STATUS.APPROVED.value,
+                    }
+                )
+
     except IntegrityError as e:
         msg = 'Data integrity error when submitting form'
         errors.append(msg)