Merge pull request #762 from dconlan/master

Auth Interceptor - make sure Id has a type before trying to get its associated resource
2017-11-23 06:40:14 -05:00 · 2017-11-23 06:40:14 -05:00 · 193edea1a1
parent b9e2fedf73 1a7e43d2a8
commit 193edea1a1
1 changed files with 1 additions and 1 deletions
--- a/hapi-fhir-server/src/main/java/ca/uhn/fhir/rest/server/interceptor/auth/RuleImplOp.java
+++ b/hapi-fhir-server/src/main/java/ca/uhn/fhir/rest/server/interceptor/auth/RuleImplOp.java
@ -225,7 +225,7 @@ class RuleImplOp extends BaseRule /* implements IAuthRule */ {
 					return null;
 				}
 			}
-			if (appliesToResourceId != null) {
+			if (appliesToResourceId != null && appliesToResourceId.hasResourceType()) {
 				Class<? extends IBaseResource> type = theRequestDetails.getServer().getFhirContext().getResourceDefinition(appliesToResourceId.getResourceType()).getImplementingClass();
 				if (myAppliesToTypes.contains(type) == false) {
 					return null;