The Online Backend is implemented in Django (in Python programming language).

Django is used for:

• ORM Mapping, and help manage the database scheme (via migrations)

• Generic (out if the box) features (User management,...)

• Generic administration interface (not intended to final users, but is useful for implementation phase and, in production, trouble shooting)

Django is NOT used to build user interfaces (i.e. the Django Templates are not used).

Instead, a REST interface is built on top of the services/models via Django REST Framework, with the JSON Api extension 

The Django REST Framework

• support various formats (JSON, XML,...)

• provides, on top of the actual REST API, a (browsable) documentation.

The JSON Api extension of the Django REST Framework, is dedicated to provide an interface compliant with the {json:api} standard

Under consideration: the implementation of a GraphQL, using Graphene.

Modularity

Desired modularity will be achieved by combining two techniques:

• Plugins and Contributions

• Events

Security

The backend security is based on django (django REST framework) default mechanisms, that have been configured/customized in 3 main areas:

• ensure (backward/concurrent) compatibility with current openIMIS implementation (way to define users, grant access to features,...)

• prepare the integration with openHIE ecosystem (integration with a SSO platform)

• provide fine-grained (object level) RBAC security model.

Note: the backend must be run behind a gateway.

The security models and concepts describe the core elements of the backend security.

Special notices highlight the important aspects related to the various (security-related) actors of an openIMIS concrete implementation:

• for deployers (implementers) the Backend security - Implementers highlights presents the backend securization, along its interactions with other components

• for administrator, the Backend security - Administrators highlights is given on how to manage the various openIMIS backend accesses

• for developers, the Backend security - Developers guidelines are provided to ensure the endpoints opened along the various modules are secured.

Testing

Backend modules are unittested via python/django classic unit test framework.

Test coverage is gathered by continuous build (via travis-ci) and reported on codeclimat

To register a module for code coverage and metrics:

• login on https://codeclimate.com/ using your github account ('Quality' login) and select the 'Open Source repositories'

• click on "Add repo" and choose the repo of your module

• In the 'Repo Settings' | 'Analysis' | 'Test Coverage' section, copy the 'TEST REPORTER ID' in your clipboard.

• login on https://travis-ci.org using your github account

• select the 'openimis/openimis-be_py' repository and go 'Settings'

• add an environment variable named  CC_TEST_REPORTER_ID_<your module (logical)name> (example CC_TEST_REPORTER_ID_claim)

• ... with the code climat 'TEST REPORTER ID' as value.

The behave python library is shipped with openIMIS backend, so that gherkin can be used for more functional testing.

Documentation and Tutorials

(official) Django documentation is very complete and is clearly THE privileged source of information.

Some other material of interest:

• Python programming language on edx.org 

• Django tutorial on youtube

• Books of interest:

  • REST APIs with Django: Build powerful web APIs with Python and Django, by William S. Vincent

To setup a development environment, the use of pip, pipenv and virtualenv is highly recommended, please visit https://docs.python-guide.org/dev/virtualenvs/ for detailed information.