From 8d9b60751f8359a5457d65f3dec74e64dc4a3b11 Mon Sep 17 00:00:00 2001
From: souradeepsaha <souradeep.saha@smilecdr.com>
Date: Mon, 5 Jun 2023 10:04:50 -0400
Subject: [PATCH] Interim code for ConsentInterceptorTest

---
 .../interceptor/ConsentInterceptorTest.java   | 26 +++++++++++++++----
 1 file changed, 21 insertions(+), 5 deletions(-)

diff --git a/hapi-fhir-structures-r4/src/test/java/ca/uhn/fhir/rest/server/interceptor/ConsentInterceptorTest.java b/hapi-fhir-structures-r4/src/test/java/ca/uhn/fhir/rest/server/interceptor/ConsentInterceptorTest.java
index b3dddf721ea..11cbdaf3239 100644
--- a/hapi-fhir-structures-r4/src/test/java/ca/uhn/fhir/rest/server/interceptor/ConsentInterceptorTest.java
+++ b/hapi-fhir-structures-r4/src/test/java/ca/uhn/fhir/rest/server/interceptor/ConsentInterceptorTest.java
@@ -161,7 +161,6 @@ public class ConsentInterceptorTest {
 
 		HttpPut httpPut = new HttpPut("http://localhost:" + myPort + "/Patient/PT-1-0");
 		httpPut.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
-		httpPut.setHeader("Authorization", "ingestfa_client iaamSmile123");
 
 		httpPut.setEntity(new StringEntity("{\"resourceType\": \"Patient\", \"id\": \"PT-1-0\",\"text\": {\"status\": \"generated\",\"div\": \"<div><p>A valid patient resource for testing purposes</p></div>\" },\"gender\": \"male\"}"));
 
@@ -185,8 +184,6 @@ public class ConsentInterceptorTest {
 		when(myConsentSvc.canSeeResource(any(), any(), any())).thenReturn(ConsentOutcome.FORBID);
 
 		HttpGet httpGet = new HttpGet("http://localhost:" + myPort + "/Patient/PT-1-0");
-		httpGet.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
-		httpGet.setHeader("Authorization", "ingestfa_client iaamSmile123");
 
 		try (CloseableHttpResponse status = myClient.execute(httpGet)) {
 			ourLog.info("RESULT {}", status);
@@ -208,8 +205,27 @@ public class ConsentInterceptorTest {
 		when(myConsentSvc.willSeeResource(any(), any(), any())).thenReturn(ConsentOutcome.FORBID);
 
 		HttpGet httpGet = new HttpGet("http://localhost:" + myPort + "/Patient/PT-1-0");
-		httpGet.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
-		httpGet.setHeader("Authorization", "ingestfa_client iaamSmile123");
+
+		try (CloseableHttpResponse status = myClient.execute(httpGet)) {
+			ourLog.info("RESULT {}", status);
+			assertEquals(403, status.getStatusLine().getStatusCode());
+			String responseContent = IOUtils.toString(status.getEntity().getContent(), Charsets.UTF_8);
+			ourLog.info("Response: {}", responseContent);
+		}
+	}
+
+	@Test
+	public void testContentService_whenForbiddingOperationOnServerOutgoingResponse_returnsForbidden() throws IOException {
+		Patient patientA = new Patient();
+		patientA.setId("PT-1-0");
+		patientA.setActive(true);
+		patientA.addName().setFamily("FAMILY").addGiven("GIVEN");
+		patientA.addIdentifier().setSystem("SYSTEM").setValue("VALUEA");
+		ourPatientProvider.store(patientA);
+
+		when(myConsentSvc.willSeeResource(any(), any(), any())).thenReturn(ConsentOutcome.FORBID);
+
+		HttpGet httpGet = new HttpGet("http://localhost:" + myPort + "/Patient/PT-1-0");
 
 		try (CloseableHttpResponse status = myClient.execute(httpGet)) {
 			ourLog.info("RESULT {}", status);