Passing an array of values in AQL query_parameters

Implementation Platform
1

I am trying to build and AQL using MATCHES in WHERE. The need to is to be able to pass an array of values to the WHERE condition. I am doing the following

{
    "q": "SELECT c1/uid/value as uid, c4/items[at0009]/items[at0010]/value/value as encounterId, c4/items[at0014]/items[at0016]/value/value as hiType FROM EHR e CONTAINS COMPOSITION c1 CONTAINS CLUSTER c4[openEHR-EHR-CLUSTER.ehrn_metadata.v1] WHERE c4/items[at0009]/items[at0010]/value/value MATCHES {$EncounterIdArray} and c4/items[at0014]/items[at0016]/value/value MATCHES {$hiTypeArray}",
    "offset": 0,
    "fetch": 10,
    "query_parameters": {
        "EncounterIdArray": "Encounter/ee2c037d-c499-4aa0-9097-03f6c7e7aa74",
        "hiTypeArray": "Prescription, DischargeSummary"
    }
}

However the quesry executed by EHRBase is as below

  "_executed_aql": "SELECT c1/uid/value AS uid, c4/items[at0009]/items[at0010]/value/value AS encounterId, c4/items[at0014]/items[at0016]/value/value AS hiType FROM EHR e CONTAINS COMPOSITION c1 CONTAINS CLUSTER c4[openEHR-EHR-CLUSTER.ehrn_metadata.v1] WHERE (c4/items[at0009]/items[at0010]/value/value MATCHES {'Encounter/ee2c037d-c499-4aa0-9097-03f6c7e7aa74'} AND c4/items[at0014]/items[at0016]/value/value MATCHES {'Prescription, DischargeSummary'}) LIMIT 10 OFFSET 0

The array of values passed in the query is being interpreted as one string by the server.

What is the correct syntax to pass an array of values in the query_parameters so that the server interprets them correctly?

regards

1 Like
2

I’m not sure whether EHRBase behaves in the same way, but Better EHR Server would want you to skip the curly braces in the AQL (x MATCHES $hiTypeArray) and then you’d pass a JSON array as a parameter, so "hiTypeArray": ["Prescription", "DischargeSummary"].

3

Thanks.

Will try it out

Regards

4

@matijap EHRBase does not seem to support this. In my understanding this is also not documented in the specs and so different implementers may end up with different implementations.

@sebastian.iancu This also could be another area that needs to be covered in the REST specs. My thoughts on how we can do this

  1. Option1 - The fully formed string that goes inside the curly brackets can be passed inside the variable(including the single quotes for each string in the array and comma as a separator)

  2. Option2 - define the comma (or some other character) as a delimiter so that the server can identify the end of each string and single quotes as required around each string separately are added by the server.

  3. Option3 - Adopt what Better has implemented

Any thoughts?

5

First two options seem quite insecure (“AQL-injection” prone) to me…