Merge branch 'master' of github.com:jamesagnew/hapi-fhir

This commit is contained in:
James 2017-03-16 21:36:14 -04:00
commit 8a32e4bae5
11 changed files with 446 additions and 93 deletions

View File

@ -267,7 +267,10 @@ abstract class BaseValidatingInterceptor<T> extends InterceptorAdapter {
*/ */
protected void postProcessResult(RequestDetails theRequestDetails, ValidationResult theValidationResult) { } protected void postProcessResult(RequestDetails theRequestDetails, ValidationResult theValidationResult) { }
protected void validate(T theRequest, RequestDetails theRequestDetails) { /**
* Note: May return null
*/
protected ValidationResult validate(T theRequest, RequestDetails theRequestDetails) {
FhirValidator validator = theRequestDetails.getServer().getFhirContext().newValidator(); FhirValidator validator = theRequestDetails.getServer().getFhirContext().newValidator();
if (myValidatorModules != null) { if (myValidatorModules != null) {
for (IValidatorModule next : myValidatorModules) { for (IValidatorModule next : myValidatorModules) {
@ -276,7 +279,7 @@ abstract class BaseValidatingInterceptor<T> extends InterceptorAdapter {
} }
if (theRequest == null) { if (theRequest == null) {
return; return null;
} }
ValidationResult validationResult; ValidationResult validationResult;
@ -285,7 +288,7 @@ abstract class BaseValidatingInterceptor<T> extends InterceptorAdapter {
} catch (Exception e) { } catch (Exception e) {
if (myIgnoreValidatorExceptions) { if (myIgnoreValidatorExceptions) {
ourLog.warn("Validator threw an exception during validation", e); ourLog.warn("Validator threw an exception during validation", e);
return; return null;
} }
if (e instanceof BaseServerResponseException) { if (e instanceof BaseServerResponseException) {
throw (BaseServerResponseException)e; throw (BaseServerResponseException)e;
@ -312,7 +315,7 @@ abstract class BaseValidatingInterceptor<T> extends InterceptorAdapter {
for (SingleValidationMessage next : validationResult.getMessages()) { for (SingleValidationMessage next : validationResult.getMessages()) {
if (next.getSeverity().ordinal() >= myFailOnSeverity) { if (next.getSeverity().ordinal() >= myFailOnSeverity) {
fail(theRequestDetails, validationResult); fail(theRequestDetails, validationResult);
return; return validationResult;
} }
} }
} }
@ -342,6 +345,8 @@ abstract class BaseValidatingInterceptor<T> extends InterceptorAdapter {
} }
postProcessResult(theRequestDetails, validationResult); postProcessResult(theRequestDetails, validationResult);
return validationResult;
} }
private static class MyLookup extends StrLookup<String> { private static class MyLookup extends StrLookup<String> {

View File

@ -12,7 +12,7 @@ import static org.apache.commons.lang3.StringUtils.isBlank;
* you may not use this file except in compliance with the License. * you may not use this file except in compliance with the License.
* You may obtain a copy of the License at * You may obtain a copy of the License at
* *
* http://www.apache.org/licenses/LICENSE-2.0 * http://www.apache.org/licenses/LICENSE-2.0
* *
* Unless required by applicable law or agreed to in writing, software * Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS, * distributed under the License is distributed on an "AS IS" BASIS,
@ -27,6 +27,9 @@ import java.nio.charset.Charset;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
import org.hl7.fhir.instance.model.api.IBaseOperationOutcome;
import org.hl7.fhir.instance.model.api.IBaseResource;
import ca.uhn.fhir.rest.method.RequestDetails; import ca.uhn.fhir.rest.method.RequestDetails;
import ca.uhn.fhir.rest.param.ResourceParameter; import ca.uhn.fhir.rest.param.ResourceParameter;
import ca.uhn.fhir.rest.server.EncodingEnum; import ca.uhn.fhir.rest.server.EncodingEnum;
@ -51,6 +54,19 @@ public class RequestValidatingInterceptor extends BaseValidatingInterceptor<Stri
private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(RequestValidatingInterceptor.class); private static final org.slf4j.Logger ourLog = org.slf4j.LoggerFactory.getLogger(RequestValidatingInterceptor.class);
/**
* A {@link RequestDetails#getUserData() user data} entry will be created with this
* key which contains the {@link ValidationResult} from validating the request.
*/
public static final String REQUEST_VALIDATION_RESULT = RequestValidatingInterceptor.class.getName() + "_REQUEST_VALIDATION_RESULT";
private boolean myAddValidationResultsToResponseOperationOutcome = true;
@Override
ValidationResult doValidate(FhirValidator theValidator, String theRequest) {
return theValidator.validateWithResult(theRequest);
}
@Override @Override
public boolean incomingRequestPostProcessed(RequestDetails theRequestDetails, HttpServletRequest theRequest, HttpServletResponse theResponse) throws AuthenticationException { public boolean incomingRequestPostProcessed(RequestDetails theRequestDetails, HttpServletRequest theRequest, HttpServletResponse theResponse) throws AuthenticationException {
EncodingEnum encoding = RestfulServerUtils.determineRequestEncodingNoDefault(theRequestDetails); EncodingEnum encoding = RestfulServerUtils.determineRequestEncodingNoDefault(theRequestDetails);
@ -67,11 +83,59 @@ public class RequestValidatingInterceptor extends BaseValidatingInterceptor<Stri
return true; return true;
} }
validate(requestText, theRequestDetails); ValidationResult validationResult = validate(requestText, theRequestDetails);
// The JPA server will use this
theRequestDetails.getUserData().put(REQUEST_VALIDATION_RESULT, validationResult);
return true; return true;
} }
/**
* If set to {@literal true} (default is true), the validation results
* will be added to the OperationOutcome being returned to the client,
* unless the response being returned is not an OperationOutcome
* to begin with (e.g. if the client has requested
* <code>Return: prefer=representation</code>)
*/
public boolean isAddValidationResultsToResponseOperationOutcome() {
return myAddValidationResultsToResponseOperationOutcome;
}
@Override
public boolean outgoingResponse(RequestDetails theRequestDetails, IBaseResource theResponseObject) {
if (myAddValidationResultsToResponseOperationOutcome) {
if (theResponseObject instanceof IBaseOperationOutcome) {
IBaseOperationOutcome oo = (IBaseOperationOutcome) theResponseObject;
if (theRequestDetails != null) {
ValidationResult validationResult = (ValidationResult) theRequestDetails.getUserData().get(RequestValidatingInterceptor.REQUEST_VALIDATION_RESULT);
if (validationResult != null) {
validationResult.populateOperationOutcome(oo);
}
}
}
}
return true;
}
@Override
String provideDefaultResponseHeaderName() {
return DEFAULT_RESPONSE_HEADER_NAME;
}
/**
* If set to {@literal true} (default is true), the validation results
* will be added to the OperationOutcome being returned to the client,
* unless the response being returned is not an OperationOutcome
* to begin with (e.g. if the client has requested
* <code>Return: prefer=representation</code>)
*/
public void setAddValidationResultsToResponseOperationOutcome(boolean theAddValidationResultsToResponseOperationOutcome) {
myAddValidationResultsToResponseOperationOutcome = theAddValidationResultsToResponseOperationOutcome;
}
/** /**
* Sets the name of the response header to add validation failures to * Sets the name of the response header to add validation failures to
@ -84,17 +148,4 @@ public class RequestValidatingInterceptor extends BaseValidatingInterceptor<Stri
super.setResponseHeaderName(theResponseHeaderName); super.setResponseHeaderName(theResponseHeaderName);
} }
@Override
String provideDefaultResponseHeaderName() {
return DEFAULT_RESPONSE_HEADER_NAME;
}
@Override
ValidationResult doValidate(FhirValidator theValidator, String theRequest) {
return theValidator.validateWithResult(theRequest);
}
} }

View File

@ -301,18 +301,6 @@ public class AuthorizationInterceptor extends InterceptorAdapter implements ISer
return true; return true;
} }
private List<IBaseResource> toListOfResourcesAndExcludeContainer(IBaseResource theResponseObject, FhirContext fhirContext) {
List<IBaseResource> resources;
resources = fhirContext.newTerser().getAllPopulatedChildElementsOfType(theResponseObject, IBaseResource.class);
// Exclude the container
if (resources.size() > 0 && resources.get(0) == theResponseObject) {
resources = resources.subList(1, resources.size());
}
return resources;
}
@CoverageIgnore @CoverageIgnore
@Override @Override
public boolean outgoingResponse(RequestDetails theRequestDetails, TagList theResponseObject) { public boolean outgoingResponse(RequestDetails theRequestDetails, TagList theResponseObject) {
@ -350,6 +338,18 @@ public class AuthorizationInterceptor extends InterceptorAdapter implements ISer
myDefaultPolicy = theDefaultPolicy; myDefaultPolicy = theDefaultPolicy;
} }
private List<IBaseResource> toListOfResourcesAndExcludeContainer(IBaseResource theResponseObject, FhirContext fhirContext) {
List<IBaseResource> resources;
resources = fhirContext.newTerser().getAllPopulatedChildElementsOfType(theResponseObject, IBaseResource.class);
// Exclude the container
if (resources.size() > 0 && resources.get(0) == theResponseObject) {
resources = resources.subList(1, resources.size());
}
return resources;
}
// private List<IBaseResource> toListOfResources(FhirContext fhirContext, IBaseBundle responseBundle) { // private List<IBaseResource> toListOfResources(FhirContext fhirContext, IBaseBundle responseBundle) {
// List<IBaseResource> retVal = BundleUtil.toListOfResources(fhirContext, responseBundle); // List<IBaseResource> retVal = BundleUtil.toListOfResources(fhirContext, responseBundle);
// for (int i = 0; i < retVal.size(); i++) { // for (int i = 0; i < retVal.size(); i++) {
@ -368,10 +368,10 @@ public class AuthorizationInterceptor extends InterceptorAdapter implements ISer
} }
private enum OperationExamineDirection { private enum OperationExamineDirection {
BOTH,
IN, IN,
NONE, NONE,
OUT, OUT,
BOTH,
} }
public static class Verdict { public static class Verdict {

View File

@ -35,6 +35,11 @@ public interface IAuthRuleBuilderOperationNamed {
*/ */
IAuthRuleBuilderRuleOpClassifierFinished onType(Class<? extends IBaseResource> theType); IAuthRuleBuilderRuleOpClassifierFinished onType(Class<? extends IBaseResource> theType);
/**
* Rule applies to invocations of this operation at the <code>type</code> level on any type
*/
IAuthRuleFinished onAnyType();
/** /**
* Rule applies to invocations of this operation at the <code>instance</code> level * Rule applies to invocations of this operation at the <code>instance</code> level
*/ */
@ -45,4 +50,9 @@ public interface IAuthRuleBuilderOperationNamed {
*/ */
IAuthRuleBuilderRuleOpClassifierFinished onInstancesOfType(Class<? extends IBaseResource> theType); IAuthRuleBuilderRuleOpClassifierFinished onInstancesOfType(Class<? extends IBaseResource> theType);
/**
* Rule applies to invocations of this operation at the <code>instance</code> level on any instance
*/
IAuthRuleFinished onAnyInstance();
} }

View File

@ -42,6 +42,8 @@ class OperationRule extends BaseRule implements IAuthRule {
private HashSet<Class<? extends IBaseResource>> myAppliesToTypes; private HashSet<Class<? extends IBaseResource>> myAppliesToTypes;
private List<IIdType> myAppliesToIds; private List<IIdType> myAppliesToIds;
private HashSet<Class<? extends IBaseResource>> myAppliesToInstancesOfType; private HashSet<Class<? extends IBaseResource>> myAppliesToInstancesOfType;
private boolean myAppliesToAnyType;
private boolean myAppliesToAnyInstance;
/** /**
* Must include the leading $ * Must include the leading $
@ -66,7 +68,9 @@ class OperationRule extends BaseRule implements IAuthRule {
} }
break; break;
case EXTENDED_OPERATION_TYPE: case EXTENDED_OPERATION_TYPE:
if (myAppliesToTypes != null) { if (myAppliesToAnyType) {
applies = true;
} else if (myAppliesToTypes != null) {
// TODO: Convert to a map of strings and keep the result // TODO: Convert to a map of strings and keep the result
for (Class<? extends IBaseResource> next : myAppliesToTypes) { for (Class<? extends IBaseResource> next : myAppliesToTypes) {
String resName = ctx.getResourceDefinition(next).getName(); String resName = ctx.getResourceDefinition(next).getName();
@ -78,7 +82,9 @@ class OperationRule extends BaseRule implements IAuthRule {
} }
break; break;
case EXTENDED_OPERATION_INSTANCE: case EXTENDED_OPERATION_INSTANCE:
if (theInputResourceId != null) { if (myAppliesToAnyInstance) {
applies = true;
} else if (theInputResourceId != null) {
if (myAppliesToIds != null) { if (myAppliesToIds != null) {
String instanceId = theInputResourceId.toUnqualifiedVersionless().getValue(); String instanceId = theInputResourceId.toUnqualifiedVersionless().getValue();
for (IIdType next : myAppliesToIds) { for (IIdType next : myAppliesToIds) {
@ -131,4 +137,12 @@ class OperationRule extends BaseRule implements IAuthRule {
myAppliesToInstancesOfType = theAppliesToTypes; myAppliesToInstancesOfType = theAppliesToTypes;
} }
public void appliesToAnyInstance() {
myAppliesToAnyInstance = true;
}
public void appliesToAnyType() {
myAppliesToAnyType = true;
}
} }

View File

@ -371,6 +371,22 @@ public class RuleBuilder implements IAuthRuleBuilder {
return appliesToTypes; return appliesToTypes;
} }
@Override
public IAuthRuleFinished onAnyType() {
OperationRule rule = createRule();
rule.appliesToAnyType();
myRules.add(rule);
return new RuleBuilderFinished();
}
@Override
public IAuthRuleFinished onAnyInstance() {
OperationRule rule = createRule();
rule.appliesToAnyInstance();
myRules.add(rule);
return new RuleBuilderFinished();
}
} }
} }

View File

@ -102,6 +102,14 @@ public class ValidationResult {
*/ */
public IBaseOperationOutcome toOperationOutcome() { public IBaseOperationOutcome toOperationOutcome() {
IBaseOperationOutcome oo = (IBaseOperationOutcome) myCtx.getResourceDefinition("OperationOutcome").newInstance(); IBaseOperationOutcome oo = (IBaseOperationOutcome) myCtx.getResourceDefinition("OperationOutcome").newInstance();
populateOperationOutcome(oo);
return oo;
}
/**
* Populate an operation outcome with the results of the validation
*/
public void populateOperationOutcome(IBaseOperationOutcome theOperationOutcome) {
for (SingleValidationMessage next : myMessages) { for (SingleValidationMessage next : myMessages) {
String location; String location;
if (isNotBlank(next.getLocationString())) { if (isNotBlank(next.getLocationString())) {
@ -112,15 +120,13 @@ public class ValidationResult {
location = null; location = null;
} }
String severity = next.getSeverity() != null ? next.getSeverity().getCode() : null; String severity = next.getSeverity() != null ? next.getSeverity().getCode() : null;
OperationOutcomeUtil.addIssue(myCtx, oo, severity, next.getMessage(), location, ExceptionHandlingInterceptor.PROCESSING); OperationOutcomeUtil.addIssue(myCtx, theOperationOutcome, severity, next.getMessage(), location, ExceptionHandlingInterceptor.PROCESSING);
} }
if (myMessages.isEmpty()) { if (myMessages.isEmpty()) {
String message = myCtx.getLocalizer().getMessage(ValidationResult.class, "noIssuesDetected"); String message = myCtx.getLocalizer().getMessage(ValidationResult.class, "noIssuesDetected");
OperationOutcomeUtil.addIssue(myCtx, oo, "information", message, null, "informational"); OperationOutcomeUtil.addIssue(myCtx, theOperationOutcome, "information", message, null, "informational");
} }
return oo;
} }
@Override @Override

View File

@ -138,6 +138,7 @@ import ca.uhn.fhir.rest.server.exceptions.InvalidRequestException;
import ca.uhn.fhir.rest.server.exceptions.PreconditionFailedException; import ca.uhn.fhir.rest.server.exceptions.PreconditionFailedException;
import ca.uhn.fhir.rest.server.exceptions.ResourceGoneException; import ca.uhn.fhir.rest.server.exceptions.ResourceGoneException;
import ca.uhn.fhir.rest.server.exceptions.UnprocessableEntityException; import ca.uhn.fhir.rest.server.exceptions.UnprocessableEntityException;
import ca.uhn.fhir.rest.server.interceptor.RequestValidatingInterceptor;
import ca.uhn.fhir.util.TestUtil; import ca.uhn.fhir.util.TestUtil;
import ca.uhn.fhir.util.UrlUtil; import ca.uhn.fhir.util.UrlUtil;
@ -402,6 +403,36 @@ public class ResourceProviderDstu3Test extends BaseResourceProviderDstu3Test {
ourClient.create().resource(input).execute().getResource(); ourClient.create().resource(input).execute().getResource();
} }
@Test
public void testCreateIncludesRequestValidatorInterceptorOutcome() throws IOException {
RequestValidatingInterceptor interceptor = new RequestValidatingInterceptor();
assertTrue(interceptor.isAddValidationResultsToResponseOperationOutcome());
interceptor.setFailOnSeverity(null);
ourRestServer.registerInterceptor(interceptor);
try {
// Missing status, which is mandatory
Observation obs = new Observation();
obs.addIdentifier().setSystem("urn:foo").setValue("bar");
IBaseResource outcome = ourClient.create().resource(obs).execute().getOperationOutcome();
String encodedOo = myFhirCtx.newJsonParser().setPrettyPrint(true).encodeResourceToString(outcome);
ourLog.info(encodedOo);
assertThat(encodedOo, containsString("cvc-complex-type.2.4.b"));
assertThat(encodedOo, containsString("Successfully created resource \\\"Observation/"));
interceptor.setAddValidationResultsToResponseOperationOutcome(false);
outcome = ourClient.create().resource(obs).execute().getOperationOutcome();
encodedOo = myFhirCtx.newJsonParser().setPrettyPrint(true).encodeResourceToString(outcome);
ourLog.info(encodedOo);
assertThat(encodedOo, not(containsString("cvc-complex-type.2.4.b")));
assertThat(encodedOo, containsString("Successfully created resource \\\"Observation/"));
} finally {
ourRestServer.unregisterInterceptor(interceptor);
}
}
@Test @Test
public void testCreateConditional() { public void testCreateConditional() {
Patient patient = new Patient(); Patient patient = new Patient();
@ -800,7 +831,7 @@ public class ResourceProviderDstu3Test extends BaseResourceProviderDstu3Test {
} }
// Delete should now have no matches // Delete should now have no matches
delete = new HttpDelete(ourServerBase + "/Patient?name=" + methodName); delete = new HttpDelete(ourServerBase + "/Patient?name=" + methodName);
response = ourHttpClient.execute(delete); response = ourHttpClient.execute(delete);
try { try {
@ -3658,7 +3689,8 @@ public class ResourceProviderDstu3Test extends BaseResourceProviderDstu3Test {
assertThat(resp, not(containsString("Resource has no id"))); assertThat(resp, not(containsString("Resource has no id")));
assertThat(resp, containsString("<pre>No issues detected during validation</pre>")); assertThat(resp, containsString("<pre>No issues detected during validation</pre>"));
assertThat(resp, assertThat(resp,
stringContainsInOrder("<issue>", "<severity value=\"information\"/>", "<code value=\"informational\"/>", "<diagnostics value=\"No issues detected during validation\"/>", "</issue>")); stringContainsInOrder("<issue>", "<severity value=\"information\"/>", "<code value=\"informational\"/>", "<diagnostics value=\"No issues detected during validation\"/>",
"</issue>"));
} finally { } finally {
IOUtils.closeQuietly(response.getEntity().getContent()); IOUtils.closeQuietly(response.getEntity().getContent());
response.close(); response.close();
@ -3684,7 +3716,8 @@ public class ResourceProviderDstu3Test extends BaseResourceProviderDstu3Test {
assertThat(resp, not(containsString("Resource has no id"))); assertThat(resp, not(containsString("Resource has no id")));
assertThat(resp, containsString("<pre>No issues detected during validation</pre>")); assertThat(resp, containsString("<pre>No issues detected during validation</pre>"));
assertThat(resp, assertThat(resp,
stringContainsInOrder("<issue>", "<severity value=\"information\"/>", "<code value=\"informational\"/>", "<diagnostics value=\"No issues detected during validation\"/>", "</issue>")); stringContainsInOrder("<issue>", "<severity value=\"information\"/>", "<code value=\"informational\"/>", "<diagnostics value=\"No issues detected during validation\"/>",
"</issue>"));
} finally { } finally {
IOUtils.closeQuietly(response.getEntity().getContent()); IOUtils.closeQuietly(response.getEntity().getContent());
response.close(); response.close();

View File

@ -5,6 +5,7 @@ import static org.junit.Assert.assertEquals;
import static org.junit.Assert.assertNotNull; import static org.junit.Assert.assertNotNull;
import static org.junit.Assert.assertThat; import static org.junit.Assert.assertThat;
import static org.mockito.Mockito.mock; import static org.mockito.Mockito.mock;
import static org.mockito.Mockito.reset;
import static org.mockito.Mockito.times; import static org.mockito.Mockito.times;
import static org.mockito.Mockito.any; import static org.mockito.Mockito.any;
import static org.mockito.Mockito.verify; import static org.mockito.Mockito.verify;
@ -13,6 +14,7 @@ import static org.mockito.Mockito.when;
import java.io.IOException; import java.io.IOException;
import java.nio.charset.StandardCharsets; import java.nio.charset.StandardCharsets;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest; import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse; import javax.servlet.http.HttpServletResponse;
@ -25,13 +27,17 @@ import org.hl7.fhir.dstu3.model.Bundle;
import org.hl7.fhir.dstu3.model.Bundle.BundleEntryComponent; import org.hl7.fhir.dstu3.model.Bundle.BundleEntryComponent;
import org.hl7.fhir.dstu3.model.Bundle.BundleType; import org.hl7.fhir.dstu3.model.Bundle.BundleType;
import org.hl7.fhir.dstu3.model.Bundle.HTTPVerb; import org.hl7.fhir.dstu3.model.Bundle.HTTPVerb;
import org.hl7.fhir.dstu3.model.Organization;
import org.hl7.fhir.dstu3.model.Patient; import org.hl7.fhir.dstu3.model.Patient;
import org.hl7.fhir.dstu3.model.Reference;
import org.hl7.fhir.instance.model.api.IBaseResource; import org.hl7.fhir.instance.model.api.IBaseResource;
import org.hl7.fhir.instance.model.api.IIdType;
import org.junit.After; import org.junit.After;
import org.junit.AfterClass; import org.junit.AfterClass;
import org.junit.Test; import org.junit.Test;
import org.mockito.ArgumentCaptor; import org.mockito.ArgumentCaptor;
import ca.uhn.fhir.parser.IParser;
import ca.uhn.fhir.rest.api.RestOperationTypeEnum; import ca.uhn.fhir.rest.api.RestOperationTypeEnum;
import ca.uhn.fhir.rest.method.RequestDetails; import ca.uhn.fhir.rest.method.RequestDetails;
import ca.uhn.fhir.rest.server.Constants; import ca.uhn.fhir.rest.server.Constants;
@ -64,21 +70,27 @@ public class ResourceProviderInterceptorDstu3Test extends BaseResourceProviderDs
myServerInterceptor = mock(IServerInterceptor.class); myServerInterceptor = mock(IServerInterceptor.class);
myDaoInterceptor = mock(IServerInterceptor.class); myDaoInterceptor = mock(IServerInterceptor.class);
resetServerInterceptor();
myDaoConfig.getInterceptors().add(myDaoInterceptor);
ourRestServer.registerInterceptor(myServerInterceptor);
ourRestServer.registerInterceptor(new InterceptorAdapter() {
@Override
public void incomingRequestPreHandled(RestOperationTypeEnum theOperation, ActionRequestDetails theProcessedRequest) {
super.incomingRequestPreHandled(theOperation, theProcessedRequest);
}
});
}
private void resetServerInterceptor() throws ServletException, IOException {
reset(myServerInterceptor);
when(myServerInterceptor.handleException(any(RequestDetails.class), any(BaseServerResponseException.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true); when(myServerInterceptor.handleException(any(RequestDetails.class), any(BaseServerResponseException.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true);
when(myServerInterceptor.incomingRequestPostProcessed(any(RequestDetails.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true); when(myServerInterceptor.incomingRequestPostProcessed(any(RequestDetails.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true);
when(myServerInterceptor.incomingRequestPreProcessed(any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true); when(myServerInterceptor.incomingRequestPreProcessed(any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true);
when(myServerInterceptor.outgoingResponse(any(RequestDetails.class), any(IBaseResource.class))).thenReturn(true); when(myServerInterceptor.outgoingResponse(any(RequestDetails.class), any(IBaseResource.class))).thenReturn(true);
when(myServerInterceptor.outgoingResponse(any(RequestDetails.class), any(IBaseResource.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true); when(myServerInterceptor.outgoingResponse(any(RequestDetails.class), any(IBaseResource.class), any(HttpServletRequest.class), any(HttpServletResponse.class))).thenReturn(true);
myDaoConfig.getInterceptors().add(myDaoInterceptor);
ourRestServer.registerInterceptor(myServerInterceptor);
ourRestServer.registerInterceptor(new InterceptorAdapter() {
@Override
public void incomingRequestPreHandled(RestOperationTypeEnum theOperation, ActionRequestDetails theProcessedRequest) {
super.incomingRequestPreHandled(theOperation, theProcessedRequest);
}});
} }
@Test @Test
@ -117,6 +129,55 @@ public class ResourceProviderInterceptorDstu3Test extends BaseResourceProviderDs
assertNotNull(ardCaptor.getValue().getResource()); assertNotNull(ardCaptor.getValue().getResource());
} }
@Test
public void testCreateResourceWithVersionedReference() throws IOException, ServletException {
String methodName = "testCreateResourceWithVersionedReference";
Organization org = new Organization();
org.setName("orgName");
IIdType orgId = ourClient.create().resource(org).execute().getId().toUnqualified();
assertNotNull(orgId.getVersionIdPartAsLong());
resetServerInterceptor();
Patient pt = new Patient();
pt.addName().setFamily(methodName);
pt.setManagingOrganization(new Reference(orgId));
IParser parser = myFhirCtx.newXmlParser();
parser.setDontStripVersionsFromReferencesAtPaths("Patient.managingOrganization");
parser.setPrettyPrint(true);
String resource = parser.encodeResourceToString(pt);
ourLog.info(resource);
HttpPost post = new HttpPost(ourServerBase + "/Patient");
post.setEntity(new StringEntity(resource, ContentType.create(Constants.CT_FHIR_XML, "UTF-8")));
CloseableHttpResponse response = ourHttpClient.execute(post);
try {
String resp = IOUtils.toString(response.getEntity().getContent(), StandardCharsets.UTF_8);
ourLog.info("Response was: {}", resp);
assertEquals(201, response.getStatusLine().getStatusCode());
String newIdString = response.getFirstHeader(Constants.HEADER_LOCATION_LC).getValue();
assertThat(newIdString, startsWith(ourServerBase + "/Patient/"));
} finally {
response.close();
}
ArgumentCaptor<ActionRequestDetails> ardCaptor = ArgumentCaptor.forClass(ActionRequestDetails.class);
ArgumentCaptor<RestOperationTypeEnum> opTypeCaptor = ArgumentCaptor.forClass(RestOperationTypeEnum.class);
verify(myServerInterceptor, times(1)).incomingRequestPreHandled(opTypeCaptor.capture(), ardCaptor.capture());
assertEquals(RestOperationTypeEnum.CREATE, opTypeCaptor.getValue());
assertEquals("Patient", ardCaptor.getValue().getResourceType());
assertNotNull(ardCaptor.getValue().getResource());
Patient patient;
patient = (Patient) ardCaptor.getAllValues().get(0).getResource();
assertEquals(orgId.getValue(), patient.getManagingOrganization().getReference());
}
@Test @Test
public void testCreateResourceInTransaction() throws IOException { public void testCreateResourceInTransaction() throws IOException {
String methodName = "testCreateResourceInTransaction"; String methodName = "testCreateResourceInTransaction";
@ -144,7 +205,7 @@ public class ResourceProviderInterceptorDstu3Test extends BaseResourceProviderDs
} }
/* /*
* Server Interceptor * Server Interceptor
*/ */
ArgumentCaptor<ActionRequestDetails> ardCaptor = ArgumentCaptor.forClass(ActionRequestDetails.class); ArgumentCaptor<ActionRequestDetails> ardCaptor = ArgumentCaptor.forClass(ActionRequestDetails.class);
@ -163,9 +224,9 @@ public class ResourceProviderInterceptorDstu3Test extends BaseResourceProviderDs
verify(myServerInterceptor, times(1)).incomingRequestPostProcessed(rdCaptor.capture(), srCaptor.capture(), sRespCaptor.capture()); verify(myServerInterceptor, times(1)).incomingRequestPostProcessed(rdCaptor.capture(), srCaptor.capture(), sRespCaptor.capture());
/* /*
* DAO Interceptor * DAO Interceptor
*/ */
ardCaptor = ArgumentCaptor.forClass(ActionRequestDetails.class); ardCaptor = ArgumentCaptor.forClass(ActionRequestDetails.class);
opTypeCaptor = ArgumentCaptor.forClass(RestOperationTypeEnum.class); opTypeCaptor = ArgumentCaptor.forClass(RestOperationTypeEnum.class);
verify(myDaoInterceptor, times(2)).incomingRequestPreHandled(opTypeCaptor.capture(), ardCaptor.capture()); verify(myDaoInterceptor, times(2)).incomingRequestPreHandled(opTypeCaptor.capture(), ardCaptor.capture());
@ -175,7 +236,7 @@ public class ResourceProviderInterceptorDstu3Test extends BaseResourceProviderDs
assertEquals(RestOperationTypeEnum.CREATE, opTypeCaptor.getAllValues().get(1)); assertEquals(RestOperationTypeEnum.CREATE, opTypeCaptor.getAllValues().get(1));
assertEquals("Patient", ardCaptor.getAllValues().get(1).getResourceType()); assertEquals("Patient", ardCaptor.getAllValues().get(1).getResourceType());
assertNotNull(ardCaptor.getAllValues().get(1).getResource()); assertNotNull(ardCaptor.getAllValues().get(1).getResource());
rdCaptor = ArgumentCaptor.forClass(RequestDetails.class); rdCaptor = ArgumentCaptor.forClass(RequestDetails.class);
srCaptor = ArgumentCaptor.forClass(HttpServletRequest.class); srCaptor = ArgumentCaptor.forClass(HttpServletRequest.class);
sRespCaptor = ArgumentCaptor.forClass(HttpServletResponse.class); sRespCaptor = ArgumentCaptor.forClass(HttpServletResponse.class);

View File

@ -99,12 +99,6 @@ public class AuthorizationInterceptorDstu2Test {
return retVal; return retVal;
} }
private IResource createPatient(Integer theId, int theVersion) {
IResource retVal = createPatient(theId);
retVal.setId(retVal.getId().withVersion(Integer.toString(theVersion)));
return retVal;
}
private IResource createPatient(Integer theId) { private IResource createPatient(Integer theId) {
Patient retVal = new Patient(); Patient retVal = new Patient();
if (theId != null) { if (theId != null) {
@ -113,6 +107,12 @@ public class AuthorizationInterceptorDstu2Test {
retVal.addName().addFamily("FAM"); retVal.addName().addFamily("FAM");
return retVal; return retVal;
} }
private IResource createPatient(Integer theId, int theVersion) {
IResource retVal = createPatient(theId);
retVal.setId(retVal.getId().withVersion(Integer.toString(theVersion)));
return retVal;
}
private String extractResponseAndClose(HttpResponse status) throws IOException { private String extractResponseAndClose(HttpResponse status) throws IOException {
if (status.getEntity() == null) { if (status.getEntity() == null) {
@ -497,6 +497,46 @@ public class AuthorizationInterceptorDstu2Test {
assertTrue(ourHitMethod); assertTrue(ourHitMethod);
} }
@Test
public void testHistoryWithReadAll() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@Override
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
//@formatter:off
return new RuleBuilder()
.allow("Rule 1").read().allResources().withAnyId()
.build();
//@formatter:on
}
});
HttpGet httpGet;
HttpResponse status;
ourReturn = Arrays.asList(createPatient(2, 1));
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/_history");
status = ourClient.execute(httpGet);
extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/_history");
status = ourClient.execute(httpGet);
extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/_history");
status = ourClient.execute(httpGet);
extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
}
@Test @Test
public void testMetadataAllow() throws Exception { public void testMetadataAllow() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) { ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@ -747,6 +787,75 @@ public class AuthorizationInterceptorDstu2Test {
} }
@Test
public void testOperationInstanceLevelAnyInstance() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@Override
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
return new RuleBuilder()
.allow("RULE 1").operation().named("opName").onAnyInstance().andThen()
.build();
}
});
HttpGet httpGet;
HttpResponse status;
String response;
// Server
ourHitMethod = false;
ourReturn = Arrays.asList(createObservation(10, "Patient/2"));
httpGet = new HttpGet("http://localhost:" + ourPort + "/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
// Type
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
// Instance
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
// Another Instance
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Observation/2/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
// Wrong name
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/2/$opName2");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
}
@Test @Test
public void testOperationNotAllowedWithWritePermissiom() throws Exception { public void testOperationNotAllowedWithWritePermissiom() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) { ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@ -926,13 +1035,13 @@ public class AuthorizationInterceptorDstu2Test {
} }
@Test @Test
public void testHistoryWithReadAll() throws Exception { public void testOperationTypeLevelWildcard() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) { ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@Override @Override
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) { public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
//@formatter:off //@formatter:off
return new RuleBuilder() return new RuleBuilder()
.allow("Rule 1").read().allResources().withAnyId() .allow("RULE 1").operation().named("opName").onAnyType().andThen()
.build(); .build();
//@formatter:on //@formatter:on
} }
@ -940,29 +1049,59 @@ public class AuthorizationInterceptorDstu2Test {
HttpGet httpGet; HttpGet httpGet;
HttpResponse status; HttpResponse status;
String response;
ourReturn = Arrays.asList(createPatient(2, 1)); // Server
ourHitMethod = false; ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/_history"); ourReturn = Arrays.asList(createObservation(10, "Patient/2"));
httpGet = new HttpGet("http://localhost:" + ourPort + "/$opName");
status = ourClient.execute(httpGet); status = ourClient.execute(httpGet);
extractResponseAndClose(status); response = extractResponseAndClose(status);
assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
// Type
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertEquals(200, status.getStatusLine().getStatusCode()); assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod); assertTrue(ourHitMethod);
// Another type
ourHitMethod = false; ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/_history"); ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Observation/$opName");
status = ourClient.execute(httpGet); status = ourClient.execute(httpGet);
extractResponseAndClose(status); response = extractResponseAndClose(status);
ourLog.info(response);
assertEquals(200, status.getStatusLine().getStatusCode()); assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod); assertTrue(ourHitMethod);
// Wrong name
ourHitMethod = false; ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/_history"); ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/$opName2");
status = ourClient.execute(httpGet); status = ourClient.execute(httpGet);
extractResponseAndClose(status); response = extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode()); ourLog.info(response);
assertTrue(ourHitMethod); assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
// Instance
ourHitMethod = false;
ourReturn = Arrays.asList(createPatient(2));
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertThat(response, containsString("Access denied by default policy"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
} }
@Test @Test
@ -1711,19 +1850,6 @@ public class AuthorizationInterceptorDstu2Test {
return retVal; return retVal;
} }
@History()
public List<IResource> history() {
ourHitMethod = true;
return (ourReturn);
}
@History()
public List<IResource> history(@IdParam IdDt theId) {
ourHitMethod = true;
return (ourReturn);
}
@Delete() @Delete()
public MethodOutcome delete(IRequestOperationCallback theRequestOperationCallback, @IdParam IdDt theId, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) { public MethodOutcome delete(IRequestOperationCallback theRequestOperationCallback, @IdParam IdDt theId, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
ourHitMethod = true; ourHitMethod = true;
@ -1744,11 +1870,24 @@ public class AuthorizationInterceptorDstu2Test {
return retVal; return retVal;
} }
@Override @Override
public Class<? extends IResource> getResourceType() { public Class<? extends IResource> getResourceType() {
return Patient.class; return Patient.class;
} }
@History()
public List<IResource> history() {
ourHitMethod = true;
return (ourReturn);
}
@History()
public List<IResource> history(@IdParam IdDt theId) {
ourHitMethod = true;
return (ourReturn);
}
@Operation(name = "opName", idempotent = true) @Operation(name = "opName", idempotent = true)
public Parameters operation() { public Parameters operation() {
ourHitMethod = true; ourHitMethod = true;
@ -1767,6 +1906,12 @@ public class AuthorizationInterceptorDstu2Test {
return (Parameters) new Parameters().setId("1"); return (Parameters) new Parameters().setId("1");
} }
@Operation(name = "opName2", idempotent = true)
public Parameters operation2() {
ourHitMethod = true;
return (Parameters) new Parameters().setId("1");
}
@Read(version = true) @Read(version = true)
public Patient read(@IdParam IdDt theId) { public Patient read(@IdParam IdDt theId) {
ourHitMethod = true; ourHitMethod = true;
@ -1821,6 +1966,12 @@ public class AuthorizationInterceptorDstu2Test {
public static class PlainProvider { public static class PlainProvider {
@History()
public List<IResource> history() {
ourHitMethod = true;
return (ourReturn);
}
@Operation(name = "opName", idempotent = true) @Operation(name = "opName", idempotent = true)
public Parameters operation() { public Parameters operation() {
ourHitMethod = true; ourHitMethod = true;
@ -1833,12 +1984,6 @@ public class AuthorizationInterceptorDstu2Test {
return (Bundle) ourReturn.get(0); return (Bundle) ourReturn.get(0);
} }
@History()
public List<IResource> history() {
ourHitMethod = true;
return (ourReturn);
}
} }

View File

@ -166,6 +166,18 @@
JPA server interceptor methods for create/update/delete provided JPA server interceptor methods for create/update/delete provided
the wrong version ID to the interceptors the wrong version ID to the interceptors
</action> </action>
<action type="add">
A post-processing hook for subclasses of BaseValidatingInterceptor is now available.
</action>
<action type="add" issue="585">
AuthorizationInterceptor can now authorize (allow/deny) extended operations
on instances and types by wildcard (on any type, or on any instance)
</action>
<action type="add" issue="595">
When RequestValidatingInterceptor is used, the validation results
are now populated into the OperationOutcome produced by
create and update operations
</action>
</release> </release>
<release version="2.2" date="2016-12-20"> <release version="2.2" date="2016-12-20">
<action type="add"> <action type="add">