honeymoose
/
hapi-fhir
mirror of https://github.com/hapifhir/hapi-fhir.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Clean up authorization interceptor tests

This commit is contained in:
James 2016-11-03 08:10:54 -04:00
parent 3a5a771de7
commit 8c53ad24f7
3 changed files with 70 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/interceptor/auth/RuleImplOp.java
View File

@ -65,6 +65,7 @@ class RuleImplOp extends BaseRule implements IAuthRule {
if (theOutputResource == null) { if (theOutputResource == null) {
switch (theOperation) { switch (theOperation) {
case READ: case READ:
case VREAD:
appliesToResourceId = theInputResourceId; appliesToResourceId = theInputResourceId;
break; break;
case SEARCH_SYSTEM: case SEARCH_SYSTEM:

35
hapi-fhir-structures-dstu2/src/test/java/ca/uhn/fhir/rest/server/interceptor/auth/AuthorizationInterceptorDstu2Test.java
View File

@ -70,7 +70,6 @@ import ca.uhn.fhir.rest.server.IResourceProvider;
import ca.uhn.fhir.rest.server.RestfulServer; import ca.uhn.fhir.rest.server.RestfulServer;
import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor; import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor;
import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor.ActionRequestDetails; import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor.ActionRequestDetails;
import ca.uhn.fhir.rest.server.servlet.ServletRequestDetails;
import ca.uhn.fhir.util.PortUtil; import ca.uhn.fhir.util.PortUtil;
import ca.uhn.fhir.util.TestUtil; import ca.uhn.fhir.util.TestUtil;
@ -87,7 +86,6 @@ public class AuthorizationInterceptorDstu2Test {
private static Server ourServer; private static Server ourServer;
private static RestfulServer ourServlet; private static RestfulServer ourServlet;
@Before @Before
public void before() { public void before() {
ourCtx.setAddProfileTagWhenEncoding(AddProfileTagEnum.NEVER); ourCtx.setAddProfileTagWhenEncoding(AddProfileTagEnum.NEVER);
@ -331,6 +329,15 @@ public class AuthorizationInterceptorDstu2Test {
assertThat(response, containsString("Access denied by rule: Default Rule")); assertThat(response, containsString("Access denied by rule: Default Rule"));
assertEquals(403, status.getStatusLine().getStatusCode()); assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod); assertFalse(ourHitMethod);
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/$opName");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
ourLog.info(response);
assertThat(response, containsString("Access denied by rule: Default Rule"));
assertEquals(403, status.getStatusLine().getStatusCode());
assertFalse(ourHitMethod);
} }
@Test @Test
@ -617,6 +624,14 @@ public class AuthorizationInterceptorDstu2Test {
assertEquals(200, status.getStatusLine().getStatusCode()); assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod); assertTrue(ourHitMethod);
ourReturn = Arrays.asList(createPatient(2));
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/_history/222");
status = ourClient.execute(httpGet);
extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode());
assertTrue(ourHitMethod);
ourReturn = Arrays.asList(createObservation(10, "Patient/2")); ourReturn = Arrays.asList(createObservation(10, "Patient/2"));
ourHitMethod = false; ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Observation/10"); httpGet = new HttpGet("http://localhost:" + ourPort + "/Observation/10");
@ -692,7 +707,6 @@ public class AuthorizationInterceptorDstu2Test {
} }
@Test @Test
public void testReadByCompartmentWrong() throws Exception { public void testReadByCompartmentWrong() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) { ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@ -952,8 +966,6 @@ public class AuthorizationInterceptorDstu2Test {
assertFalse(ourHitMethod); assertFalse(ourHitMethod);
} }
@Test @Test
public void testWriteByCompartmentUpdateConditionalResolvesToInvalid() throws Exception { public void testWriteByCompartmentUpdateConditionalResolvesToInvalid() throws Exception {
ourConditionalCreateId = "1123"; ourConditionalCreateId = "1123";
@ -986,7 +998,6 @@ public class AuthorizationInterceptorDstu2Test {
} }
@Test @Test
public void testWriteByCompartmentUpdateConditionalResolvesToValid() throws Exception { public void testWriteByCompartmentUpdateConditionalResolvesToValid() throws Exception {
ourConditionalCreateId = "1"; ourConditionalCreateId = "1";
@ -1203,11 +1214,13 @@ public class AuthorizationInterceptorDstu2Test {
ourHitMethod = true; ourHitMethod = true;
return (Observation) ourReturn.get(0); return (Observation) ourReturn.get(0);
} }
@Search() @Search()
public List<IResource> search() { public List<IResource> search() {
ourHitMethod = true; ourHitMethod = true;
return ourReturn; return ourReturn;
} }
@Update() @Update()
public MethodOutcome update(@IdParam IdDt theId, @ResourceParam Observation theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) { public MethodOutcome update(@IdParam IdDt theId, @ResourceParam Observation theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
ourHitMethod = true; ourHitMethod = true;
@ -1229,12 +1242,10 @@ public class AuthorizationInterceptorDstu2Test {
return retVal; return retVal;
} }
} }
public static class DummyPatientResourceProvider implements IResourceProvider { public static class DummyPatientResourceProvider implements IResourceProvider {
@Create() @Create()
public MethodOutcome create(@ResourceParam Patient theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) { public MethodOutcome create(@ResourceParam Patient theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
@ -1255,7 +1266,6 @@ public class AuthorizationInterceptorDstu2Test {
return retVal; return retVal;
} }
@Delete() @Delete()
public MethodOutcome delete(IRequestOperationCallback theRequestOperationCallback, @IdParam IdDt theId, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) { public MethodOutcome delete(IRequestOperationCallback theRequestOperationCallback, @IdParam IdDt theId, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
ourHitMethod = true; ourHitMethod = true;
@ -1322,7 +1332,8 @@ public class AuthorizationInterceptorDstu2Test {
} }
@Validate @Validate
public MethodOutcome validate(@ResourceParam Patient theResource, @IdParam IdDt theId, @ResourceParam String theRawResource, @ResourceParam EncodingEnum theEncoding, @Validate.Mode ValidationModeEnum theMode, public MethodOutcome validate(@ResourceParam Patient theResource, @IdParam IdDt theId, @ResourceParam String theRawResource, @ResourceParam EncodingEnum theEncoding,
@Validate.Mode ValidationModeEnum theMode,
@Validate.Profile String theProfile, RequestDetails theRequestDetails) { @Validate.Profile String theProfile, RequestDetails theRequestDetails) {
ourHitMethod = true; ourHitMethod = true;
OperationOutcome oo = new OperationOutcome(); OperationOutcome oo = new OperationOutcome();
@ -1341,8 +1352,7 @@ public class AuthorizationInterceptorDstu2Test {
} }
public static class PlainProvider public static class PlainProvider {
{
@Operation(name = "opName", idempotent = true) @Operation(name = "opName", idempotent = true)
public Parameters operation() { public Parameters operation() {
@ -1350,7 +1360,6 @@ public class AuthorizationInterceptorDstu2Test {
return (Parameters) new Parameters().setId("1"); return (Parameters) new Parameters().setId("1");
} }
@Transaction() @Transaction()
public Bundle search(@TransactionParam Bundle theInput) { public Bundle search(@TransactionParam Bundle theInput) {
ourHitMethod = true; ourHitMethod = true;

11
hapi-fhir-structures-dstu3/src/test/java/ca/uhn/fhir/parser/JsonParserDstu3Test.java
View File

@ -1727,7 +1727,16 @@ public class JsonParserDstu3Test {
public void testParseNarrativeWithEmptyDiv() { public void testParseNarrativeWithEmptyDiv() {
String input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div/>\"}}"; String input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div/>\"}}";
Basic basic = ourCtx.newJsonParser().parseResource(Basic.class, input); Basic basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
assertEquals("<div/>", basic.getText().getDivAsString()); assertEquals(null, basic.getText().getDivAsString());
input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div></div>\"}}";
basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
assertEquals(null, basic.getText().getDivAsString());
input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div> </div>\"}}";
basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
assertEquals("<div xmlns=\"http://www.w3.org/1999/xhtml\"> </div>", basic.getText().getDivAsString());
} }
/** /**