Clean up authorization interceptor tests

2016-11-03 08:10:54 -04:00 · 2016-11-03 08:10:54 -04:00 · 8c53ad24f7
parent 3a5a771de7
commit 8c53ad24f7
3 changed files with 70 additions and 51 deletions
--- a/hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/interceptor/auth/RuleImplOp.java
+++ b/hapi-fhir-base/src/main/java/ca/uhn/fhir/rest/server/interceptor/auth/RuleImplOp.java
@ -65,6 +65,7 @@ class RuleImplOp extends BaseRule implements IAuthRule {
 			if (theOutputResource == null) {
 				switch (theOperation) {
 				case READ:
+				case VREAD:
 					appliesToResourceId = theInputResourceId;
 					break;
 				case SEARCH_SYSTEM:
--- a/hapi-fhir-structures-dstu2/src/test/java/ca/uhn/fhir/rest/server/interceptor/auth/AuthorizationInterceptorDstu2Test.java
+++ b/hapi-fhir-structures-dstu2/src/test/java/ca/uhn/fhir/rest/server/interceptor/auth/AuthorizationInterceptorDstu2Test.java
@ -70,7 +70,6 @@ import ca.uhn.fhir.rest.server.IResourceProvider;
 import ca.uhn.fhir.rest.server.RestfulServer;
 import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor;
 import ca.uhn.fhir.rest.server.interceptor.IServerInterceptor.ActionRequestDetails;
-import ca.uhn.fhir.rest.server.servlet.ServletRequestDetails;
 import ca.uhn.fhir.util.PortUtil;
 import ca.uhn.fhir.util.TestUtil;

@ -87,7 +86,6 @@ public class AuthorizationInterceptorDstu2Test {
 	private static Server ourServer;
 	private static RestfulServer ourServlet;

-
 	@Before
 	public void before() {
 		ourCtx.setAddProfileTagWhenEncoding(AddProfileTagEnum.NEVER);
@ -331,6 +329,15 @@ public class AuthorizationInterceptorDstu2Test {
 		assertThat(response, containsString("Access denied by rule: Default Rule"));
 		assertEquals(403, status.getStatusLine().getStatusCode());
 		assertFalse(ourHitMethod);
+
+		ourHitMethod = false;
+		httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/$opName");
+		status = ourClient.execute(httpGet);
+		response = extractResponseAndClose(status);
+		ourLog.info(response);
+		assertThat(response, containsString("Access denied by rule: Default Rule"));
+		assertEquals(403, status.getStatusLine().getStatusCode());
+		assertFalse(ourHitMethod);
 	}

 	@Test
@ -617,6 +624,14 @@ public class AuthorizationInterceptorDstu2Test {
 		assertEquals(200, status.getStatusLine().getStatusCode());
 		assertTrue(ourHitMethod);

+		ourReturn = Arrays.asList(createPatient(2));
+		ourHitMethod = false;
+		httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/_history/222");
+		status = ourClient.execute(httpGet);
+		extractResponseAndClose(status);
+		assertEquals(200, status.getStatusLine().getStatusCode());
+		assertTrue(ourHitMethod);
+
 		ourReturn = Arrays.asList(createObservation(10, "Patient/2"));
 		ourHitMethod = false;
 		httpGet = new HttpGet("http://localhost:" + ourPort + "/Observation/10");
@ -692,7 +707,6 @@ public class AuthorizationInterceptorDstu2Test {

 	}

-	
 	@Test
 	public void testReadByCompartmentWrong() throws Exception {
 		ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@ -952,8 +966,6 @@ public class AuthorizationInterceptorDstu2Test {
 		assertFalse(ourHitMethod);
 	}

-	
-
 	@Test
 	public void testWriteByCompartmentUpdateConditionalResolvesToInvalid() throws Exception {
 		ourConditionalCreateId = "1123";
@ -986,7 +998,6 @@ public class AuthorizationInterceptorDstu2Test {

 	}

-	
 	@Test
 	public void testWriteByCompartmentUpdateConditionalResolvesToValid() throws Exception {
 		ourConditionalCreateId = "1";
@ -1203,11 +1214,13 @@ public class AuthorizationInterceptorDstu2Test {
 			ourHitMethod = true;
 			return (Observation) ourReturn.get(0);
 		}
+
 		@Search()
 		public List<IResource> search() {
 			ourHitMethod = true;
 			return ourReturn;
 		}
+
 		@Update()
 		public MethodOutcome update(@IdParam IdDt theId, @ResourceParam Observation theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
 			ourHitMethod = true;
@ -1229,12 +1242,10 @@ public class AuthorizationInterceptorDstu2Test {
 			return retVal;
 		}

-
 	}

 	public static class DummyPatientResourceProvider implements IResourceProvider {

-
 		@Create()
 		public MethodOutcome create(@ResourceParam Patient theResource, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {

@ -1255,7 +1266,6 @@ public class AuthorizationInterceptorDstu2Test {
 			return retVal;
 		}

-
 		@Delete()
 		public MethodOutcome delete(IRequestOperationCallback theRequestOperationCallback, @IdParam IdDt theId, @ConditionalUrlParam String theConditionalUrl, RequestDetails theRequestDetails) {
 			ourHitMethod = true;
@ -1322,7 +1332,8 @@ public class AuthorizationInterceptorDstu2Test {
 		}

 		@Validate
-		public MethodOutcome validate(@ResourceParam Patient theResource, @IdParam IdDt theId, @ResourceParam String theRawResource, @ResourceParam EncodingEnum theEncoding, @Validate.Mode ValidationModeEnum theMode,
+		public MethodOutcome validate(@ResourceParam Patient theResource, @IdParam IdDt theId, @ResourceParam String theRawResource, @ResourceParam EncodingEnum theEncoding,
+				@Validate.Mode ValidationModeEnum theMode,
 				@Validate.Profile String theProfile, RequestDetails theRequestDetails) {
 			ourHitMethod = true;
 			OperationOutcome oo = new OperationOutcome();
@ -1341,8 +1352,7 @@ public class AuthorizationInterceptorDstu2Test {

 	}

-	public static class PlainProvider
-	{
+	public static class PlainProvider {

 		@Operation(name = "opName", idempotent = true)
 		public Parameters operation() {
@ -1350,7 +1360,6 @@ public class AuthorizationInterceptorDstu2Test {
 			return (Parameters) new Parameters().setId("1");
 		}

-		
 		@Transaction()
 		public Bundle search(@TransactionParam Bundle theInput) {
 			ourHitMethod = true;
--- a/hapi-fhir-structures-dstu3/src/test/java/ca/uhn/fhir/parser/JsonParserDstu3Test.java
+++ b/hapi-fhir-structures-dstu3/src/test/java/ca/uhn/fhir/parser/JsonParserDstu3Test.java
@ -1727,7 +1727,16 @@ public class JsonParserDstu3Test {
 	public void testParseNarrativeWithEmptyDiv() {
 		String input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div/>\"}}";
 		Basic basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
-		assertEquals("<div/>", basic.getText().getDivAsString());
+		assertEquals(null, basic.getText().getDivAsString());
+		
+		input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div></div>\"}}";
+		basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
+		assertEquals(null, basic.getText().getDivAsString());
+
+		input = "{\"resourceType\":\"Basic\",\"id\":\"1\",\"text\":{\"status\":\"generated\",\"div\":\"<div> </div>\"}}";
+		basic = ourCtx.newJsonParser().parseResource(Basic.class, input);
+		assertEquals("<div xmlns=\"http://www.w3.org/1999/xhtml\"> </div>", basic.getText().getDivAsString());
+
 	}

 	/**