Merge branch 'master' into ks-in-memory-date-compare

This commit is contained in:
James Agnew 2019-09-10 13:25:29 -04:00 committed by GitHub
commit 9420bca341
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 74 additions and 4 deletions

View File

@ -313,7 +313,7 @@ public class ConsentInterceptorResourceProviderR4Test extends BaseResourceProvid
patient.setActive(true);
// Reject output
consentService.setTarget(new ConsentSvcRejectSeeingAnything());
consentService.setTarget(new ConsentSvcRejectCanSeeAnything());
HttpPost post = new HttpPost(ourServerBase + "/Patient");
post.addHeader(Constants.HEADER_PREFER, Constants.HEADER_PREFER_RETURN + '=' + Constants.HEADER_PREFER_RETURN_REPRESENTATION);
post.setEntity(toEntity(patient));
@ -356,7 +356,7 @@ public class ConsentInterceptorResourceProviderR4Test extends BaseResourceProvid
ourRestServer.getInterceptorService().registerInterceptor(myConsentInterceptor);
// Reject output
consentService.setTarget(new ConsentSvcRejectSeeingAnything());
consentService.setTarget(new ConsentSvcRejectCanSeeAnything());
patient = new Patient();
patient.setId(id);
patient.setActive(true);
@ -394,6 +394,32 @@ public class ConsentInterceptorResourceProviderR4Test extends BaseResourceProvid
}
@Test
public void testRejectWillSeeResource() throws IOException {
create50Observations();
ConsentSvcRejectWillSeeEvenNumbered consentService = new ConsentSvcRejectWillSeeEvenNumbered();
myConsentInterceptor = new ConsentInterceptor(consentService, IConsentContextServices.NULL_IMPL);
ourRestServer.getInterceptorService().registerInterceptor(myConsentInterceptor);
// Search for all
String url = ourServerBase + "/Observation?_pretty=true&_count=10";
ourLog.info("HTTP GET {}", url);
HttpGet get = new HttpGet(url);
get.addHeader(Constants.HEADER_ACCEPT, Constants.CT_JSON);
try (CloseableHttpResponse status = ourHttpClient.execute(get)) {
String responseString = IOUtils.toString(status.getEntity().getContent(), Charsets.UTF_8);
ourLog.info("Response: {}", responseString);
assertEquals(200, status.getStatusLine().getStatusCode());
Bundle result = myFhirCtx.newJsonParser().parseResource(Bundle.class, responseString);
List<IBaseResource> resources = BundleUtil.toListOfResources(myFhirCtx, result);
List<String> returnedIdValues = toUnqualifiedVersionlessIdValues(resources);
assertEquals(myObservationIdsOddOnly.subList(0, 5), returnedIdValues);
}
}
@Test
public void testGraphQL_Proceed() throws IOException {
createPatientAndOrg();
@ -727,7 +753,7 @@ public class ConsentInterceptorResourceProviderR4Test extends BaseResourceProvid
}
private static class ConsentSvcRejectSeeingAnything implements IConsentService {
private static class ConsentSvcRejectCanSeeAnything implements IConsentService {
@Override
public ConsentOutcome startOperation(RequestDetails theRequestDetails, IConsentContextServices theContextServices) {
@ -756,4 +782,43 @@ public class ConsentInterceptorResourceProviderR4Test extends BaseResourceProvid
}
private static class ConsentSvcRejectWillSeeEvenNumbered implements IConsentService {
@Override
public ConsentOutcome startOperation(RequestDetails theRequestDetails, IConsentContextServices theContextServices) {
return ConsentOutcome.PROCEED;
}
@Override
public ConsentOutcome canSeeResource(RequestDetails theRequestDetails, IBaseResource theResource, IConsentContextServices theContextServices) {
return ConsentOutcome.PROCEED;
}
@Override
public ConsentOutcome willSeeResource(RequestDetails theRequestDetails, IBaseResource theResource, IConsentContextServices theContextServices) {
if (theResource.getIdElement().isIdPartValidLong()) {
Long resIdLong = theResource.getIdElement().getIdPartAsLong();
if (resIdLong % 2 == 0) {
return new ConsentOutcome(ConsentOperationStatusEnum.REJECT);
}
}
return new ConsentOutcome(ConsentOperationStatusEnum.PROCEED);
}
@Override
public void completeOperationSuccess(RequestDetails theRequestDetails, IConsentContextServices theContextServices) {
// nothing
}
@Override
public void completeOperationFailure(RequestDetails theRequestDetails, BaseServerResponseException theException, IConsentContextServices theContextServices) {
// nothing
}
}
}

View File

@ -178,7 +178,7 @@ public class ConsentInterceptor {
alreadySeenResources.put(newOperationOutcome, true);
} else {
String resourceId = nextResource.getIdElement().getValue();
theRequestDetails.getFhirContext().newTerser().clear(nextResource);
thePreResourceShowDetails.setResource(i, null);
nextResource.setId(resourceId);
}
break;

View File

@ -128,6 +128,11 @@
<action type="add">
Add support for in-memory matching on date comparisons ge,gt,eq,lt,le.
</action>
<action type="fix">
When using the Consent Service and denying a resource via the "Will See Resource" method, the resource ID
and version were still returned to the user. This has been corrected so that no details about
the resource are leaked.
</action>
</release>
<release version="4.0.1" date="2019-09-03" description="Igloo (Point Release)">
<action type="fix">