Pesquisar

Artigo
· Jul. 15 3min de leitura

Guidelines for using Generative AI when writing posts on Developer Community

#Perguntas Frequentes do Developer Community #Developer Community Oficial

Our goal on the Developer Community is to foster a high-quality, trustworthy, and original body of technical content created by and for developers. While AI tools like ChatGPT can be helpful in the writing process, we expect all published content to reflect authentic expertise and personal understanding. If you have any questions or wish to discuss your coding problem with an AI, consider using our Developer Community AI chat.

Acceptable Use of AI

We recognize that AI tools can assist with editing and clarity. You may use them in the following ways:

  • To fix grammar, spelling, and punctuation.
  • To improve sentence structure and readability.
  • To rephrase your own content more clearly.
  • As a writing assistant, not as the source of technical ideas or explanations.

Example: Writing an article on how to use the %JSON.Adaptor class yourself, and using ChatGPT to improve sentence flow and clarity.

What’s Not Allowed

To protect the integrity of our platform, the following uses of AI-generated content are not permitted:

  • Writing full articles (or substantial portions) using ChatGPT, Copilot, Gemini, or other large language models.
  • Publishing AI-generated explanations, tutorials, or code descriptions as if they are your own insight.
  • Submitting content that was primarily generated by AI with only minimal editing or review.

Example: Prompting ChatGPT to 'Write a lengthy article highlighting the benefits of the FHIR standard' and posting the response as your own work.

Transparency

To maintain a high quality of content and preserve trust in the community, you should strive to be transparent regarding the use of Generative AI. Specifically:

  • If AI contributed to the writing in a substantial way — even if edited — you should disclose this in a note at the end of the article.
  • You are not required to disclose minor editorial use of AI (e.g. grammar fixes, edits for clarity).

Example: This article was edited using ChatGPT for grammar and readability.

Programming Contests

Generative AI can be a powerful tool when used to accelerate programming and development, but just like human coders it can make mistakes. Coding assistants (e.g. Cursor, Windsurf) and other generative AI products can be used when developing applications to be submitted to a Programming Contest in line with the guidelines above.

Additionally, contest participants are responsible for ensuring that their application meets all contest criteria and represents their own expertise. Submissions that leverage generative AI in their production are subject to the same standards of quality as entirely human-authored code.

Consequences of Misuse

We reserve the right to reject or remove articles or disqualify contest submissions that don’t align with these principles. Repeated violations may result in restrictions on publishing privileges.

Why This Matters

AI can be a helpful assistant, but it cannot replace your perspective. What makes a technical article valuable is your thought process, experience, and understanding. That’s what we want to highlight and support in our community.

Let your voice lead. Use tools responsibly.

4 novos comentários
Discussão (4)3
Entre ou crie uma conta para continuar
Anúncio
· Jul. 15

Discover what's new in Deltanji at our upcoming User Group

#George James Software #Controle de Fonte #Webinar #HealthShare #InterSystems IRIS #InterSystems IRIS for Health #Open Exchange

Join us on Thursday to see the new features of Deltanji source control, version 8.1.

We'll be demoing our new Git Location Driver along with other functionality and usability improvements.

The Git Location Driver enables Deltanji to integrate directly with Git repositories, makes Deltanji the perfect source control companion to those who use Git-based repos by providing tighter integration with InterSystems IRIS.

Date: Thursday, July 17th 
Time: 11 - 12pm EDT | 4 - 5pm BST | 5 - 6pm CET
Location: Online (register for details) 

Can't make it? Email info@georgejames.com and we'll send you the recording. 

Register here > https://forms.gle/f3cMcnvgoXmyj5tS8

Unfamiliar with Deltanji? 

Deltanji is an enterprise-grade source control solution built for InterSystems IRIS environments, with tight integration directly at the workface. Trusted by organizations globally, Deltanji’s advanced features includes a fully configurable workflow, advanced CI/CD, concurrent development and HealthShare integration. 

Visit our website to find out more, or email us at info@georgejames.com to arrange a demo.

Discussão (0)1
Entre ou crie uma conta para continuar
Pergunta
· Jul. 15

Exposing HealthInsight Dashboards on Internet via CSP Web App – 404 Not Found issue

#Autenticação #CSP #Painéis #MDX #Segurança #Web Gateway #ZEN #InterSystems IRIS for Health #InterSystems IRIS #InterSystems IRIS BI (DeepSee)

Hello,

I need to expose InterSystems HealthInsight dashboards over the internet to external operators. The authentication flow is managed externally. When a user is authenticated, our system receives an HTTP request with specific headers (e.g., operator’s fiscal code and hospital identifier) that we need to extract in order to:

  • Authorize the user to access the dashboards.
  • Apply row-level security on the dashboards, filtering the data by hospital and user role.

I created a new Web Application on IRIS as shown in the screenshot:

I follow this page of the documentation for the settings: https://docs.intersystems.com/irislatest/csp/docbook/DocBook.UI.Page.cls?KEY=GCSP_appdef

Then I created a custom Login Page class (extending %CSP.Login) to:

  • Intercept incoming HTTP calls
  • Read the headers (X-FiscalCode, X-HospitalCode, etc.)
  • Authorize the user
  • Redirect them to the proper HealthInsight dashboard with filtered data

However, I’m facing the following problem. When I try to reach the endpoint using curl:
curl -v http://localhost:57772/csp/healthshare/erogaspec/healthinsight
I get this error:

> GET /csp/healthshare/erogaspec/healthinsight HTTP/1.1

< HTTP/1.1 404 Not Found

But I see the request coming into the the Web Gateway. I am wandering if I am missing something or this procedure is not suitable for the abovementioned purpose. Any help or hints from someone who already exposed HealthInsight dashboards this way would be greatly appreciated.

Thanks in advance!

1 novo comentário
Discussão (2)2
Entre ou crie uma conta para continuar
Artigo
· Jul. 15 6min de leitura

Composing an OpenAPI 2.0 specification.

#API #InterSystems API Manager (IAM) #REST API #InterSystems IRIS

REST API (Representational State Transfer Application Programming Interface) is a standardized way for web applications to communicate with each other using HTTP methods like GET, POST, PUT, DELETE, etc. It's designed around resources, which can be anything from a user to a file. Each resource is identified by a unique URL, and interactions with these resources are stateless, meaning each request from a client to a server must contain all the information needed to understand and process the request. This statelessness, along with the use of standard HTTP methods, makes REST APIs highly scalable, easy to understand, and straightforward to integrate with different systems. By following REST principles, developers can create APIs that are consistent, easy to use, and capable of handling a wide range of tasks.

InterSystems supports REST API development with a variety of tools and techniques. In this article series, I am going to go over the ones that I personally prefer. The articles are divided as listed below.

  • Composing an OpenAPI 2.0 specification.
  • Documenting and Developing REST APIs using OpenAPI 2.0 specification.
  • Developing an IRIS production pipeline to serve REST API calls.

As perquisite to following the steps and instructions laid out in this article series, you should have the below setup.

  1. InterSystems IRIS for Health
  2. InterSystems IAM with Dev Portal deployed and enabled.
  3. Postman or any other API testing software.

Let’s assume that we are developing a workflow for managing clinic appointments. We will focus on an appointment resource and how to develop GET, POST, PUT methods for it. You can use the same steps even to develop a DELETE method, but I am not going to do it because I personally do not prefer it.

First, you need to start with composing an OpenAPI 2.0 spec for your application APIs. I use the swagger editor for this task to be able to develop in YAML format, and then convert the spec file to JSON. I then can use the JSON file to use with IRIS API management tools. You can use the online swagger editor for free or you can download and deploy a container of it locally from here.

When I compose an OpenAPI spec, I think of the file as three sections. The intro section is where you lay out the description information. It includes fields that describe the nature of the application such as the description, license, tags that categorizes different endpoints and the URL by combining the host and base URL. It also includes the confines in the which it can operate if any such as the schemas and security definitions.

The below code block has a sample intro section that going to be reference from here on. If you paste it into an open swagger editor, you will notice that the groundwork of the API documentation is taking shape.

 

swagger: "2.0"
info:
  description: "This is a sample server to be as an example Clinic server.  You can find out more about Swagger at [http://swagger.io](http://swagger.io). For this sample, you can use the api key `special-key` or Basic Auth user `Basic` with password `Basic` to test the authorization filters."
  version: "1.0.0"
  title: "Clinic Management"
  termsOfService: "http://swagger.io/terms/"
  contact:
    email: "raef.youssef@intersystems.com"
  license:
    name: "Apache 2.0"
    url: "http://www.apache.org/licenses/LICENSE-2.0.html"
host: "apigatewaydns"
basePath: "/clinic"
tags:
- name: "Scheduling"
  description: "Everything about your Pets"
  externalDocs:
    description: "Find out more"
    url: "http://intersystems.com"
schemes:
- "http"
- "https"
securityDefinitions:
  BasicAuth:
    type: "basic"
    name: "Basic"
  api_key:
    type: "apiKey"
    name: "api_key"
    in: "header"

Second section of the spec file is the body. This is where you list the different paths, aka endpoints, and the methods that are available for each. For the purpose of this demo, we will just compose spec for the “/appointment” end point. Below is the text for that.


paths:
  /appointment:
    get:
      tags:
        - Scheduling
      summary: "Fetches an existing appointment details"
      security:
      - Basic: []
      description: "Fetches an existing appointment details by providing its ID"
      operationId: "getAppointmentByID"
      produces:
      - "application/json"
      parameters:
      - in: "query"
        name: "id"
        type: "integer"
        format: "int64"
        description: "ID of the appointment sought"
        required: true
      responses:
        '200':
          description: successful operation
#          schema:
#            $ref: '#/definitions/appointment'
    post:
      tags:
        - Scheduling
      summary: ""
      security:
      - api_key: []
      description: ""
      operationId: "postAppointment"
      consumes:
      - "application/json"
      - "application/xml"
      produces:
      - "application/json"
      - "application/xml"
      parameters:
      - in: "formData"
        name: "Date"
        type: "string"
        format: "date-time"
        description: ""
        required: true
      - in: "formData"
        name: "duration"
        type: "integer"
        format: "int64"
        description: "number of half hour slots of the appointment duration"
        required: true
      responses:
        '200':
          description: successful operation
        '405':
          description: Time not available
    put:
      tags:
        - Scheduling
      summary: ""
      security:
      - BasicAuth: []
      description: ""
      operationId: "updateAppointment"
      consumes:
      - "application/json"
      - "application/xml"
      produces:
      - "application/json"
      - "application/xml"
      parameters:
      - in: "query"
        name: "id"
        type: "integer"
        format: "int64"
        description: "ID of the appointment sought"
        required: true
      - in: "body"
        name: "body"
        description: ""
        required: true
#        schema:
#          $ref: "#/definitions/appointment"
      responses:
        '200':
          description: successful operation
        '405' :
          description: Time not available
        '406' :
          description: Appointment Not Found

A few things to note in the paths section. First, you can assign a different authentication mechanism for each method. There is an “OperationID” field which would be used to name the backend process that serves the respective method call. Furthermore, you can define a schema for a request JSON body and response, it commented out here so it won’t error when you paste as we have not defined it yet. Finally, you can define custom response codes and messages.

The last section is where different message schemas are defined. In this example, we will compose the appointment schema to include appointment ID, Date, Duration, and Provider of service name. Below is the text of the YAML definition. After pasting the below in your editor, you can uncomment the lines where the schema definition is referenced.

definitions:
    appointment:
        type: "object"
        properties:
            id:
                type: "integer"
                format: "int64"
            Provider:
                type: "string"
                format: "string"
            Date:
                type: "string"
                format: "date-time"
            Duration:
                type: "integer"
                format: "int64"

This concludes this part of the series. We are going to use this spec in the later parts of the series. They are coming soon so be on the lookout. For more information on developing OpenAPI 2.0 specification please refer to the documentation here.

Discussão (0)1
Entre ou crie uma conta para continuar
Pergunta
· Jul. 15

Read-Only Role for HealthShare Messaging and Production Monitoring, to assign it to a new user.

#CSP #Ambiente de Desenvolvimento #Interoperabilidade #Monitoramento #HealthShare

Hello InterSystems Community,

I'm working with HealthShare, and need to create a user account for our development environment with specific access requirements. This user will need only to:

    Review messaging and environments
    See production and namespaces
    NOT modify anything (read-only access)

After reviewing the documentation on user roles and rights management, I can see the default roles available in our system include:

Ensemble/Interoperability Roles:

    %EnsRole_Administrator - Interoperability Administrator
    %EnsRole_AlertAdministrator - Interoperability user with administrative Alert access
    %EnsRole_AlertOperator - Interoperability user with Alert access
    %EnsRole_Developer - Interoperability Developer
    %EnsRole_Monitor - Interoperability Monitor
    %EnsRole_Operator - Interoperability Operator

HealthShare Specific Roles:

    %HS_Administrator
    %HS_Clinician
    %HS_Clerical
    Various BFC (Business Function Component) related roles

My Question:

Is there a predefined role in HealthShare that would allow a user to:

    View and navigate through production environments
    Access messaging systems for monitoring/troubleshooting
    Review system status and incidents (event logs)
    BUT prevent any editing or modification capabilities

I'm particularly interested in the %EnsRole_Monitor role - would this be appropriate for read-only access to messaging and production monitoring?

Or should I be looking at creating a custom role by combining specific privileges? If so, what would be the recommended approach for a read-only monitoring user?

Any guidance on best practices for this type of user setup would be greatly appreciated.

Thank you.

I have also read, before asking here:

    https://community.intersystems.com/post/user-roles-and-rights-management
    
    https://docs.intersystems.com/iris20241/csp/docbook/Doc.View.cls?KEY=GSA...
    
    https://docs.intersystems.com/iris20241/csp/docbook/Doc.View.cls?KEY=GSA...
    

Thank you again sincerely.

2 Comments
Discussão (2)2
Entre ou crie uma conta para continuar