Try to fix tests
This commit is contained in:
parent
8bb00839d0
commit
a8b121d868
|
@ -0,0 +1,34 @@
|
|||
package example;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import ca.uhn.fhir.model.dstu2.resource.Patient;
|
||||
import ca.uhn.fhir.rest.method.RequestDetails;
|
||||
import ca.uhn.fhir.rest.server.interceptor.auth.AuthorizationInterceptor;
|
||||
import ca.uhn.fhir.rest.server.interceptor.auth.IAuthRule;
|
||||
import ca.uhn.fhir.rest.server.interceptor.auth.RuleBuilder;
|
||||
|
||||
public class AuthorizationInterceptors {
|
||||
|
||||
public class PatientAndAdminAuthorizationInterceptor extends AuthorizationInterceptor {
|
||||
@Override
|
||||
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
|
||||
|
||||
String authHeader = theRequestDetails.getHeader("Authorization");
|
||||
/*
|
||||
* Process authorization header - The following is a fake
|
||||
* implementation. Obviously we'd want something more real
|
||||
* for a production scenario.
|
||||
*/
|
||||
|
||||
// If the authorization header was determined to be
|
||||
Long callerIsPatientId = null;
|
||||
|
||||
return new RuleBuilder()
|
||||
.deny("Rule 1").read().resourcesOfType(Patient.class).withAnyId().andThen()
|
||||
.allowAll("Default Rule")
|
||||
.build();
|
||||
}
|
||||
}
|
||||
|
||||
}
|
|
@ -171,7 +171,7 @@ public class ResourceProviderDstu3Test extends BaseResourceProviderDstu3Test {
|
|||
client.create().resource(resBody).execute().getId();
|
||||
fail();
|
||||
} catch (UnprocessableEntityException e) {
|
||||
assertThat(e.getMessage(), containsString("Unable to store a Bundle resource on this server with a Bundle.type value other than 'document' - Value was: transaction"));
|
||||
assertThat(e.getMessage(), containsString("Unable to store a Bundle resource on this server with a Bundle.type value of: transaction"));
|
||||
}
|
||||
}
|
||||
|
||||
|
|
|
@ -78,7 +78,24 @@
|
|||
has the appropriate permission to perform a given task on a FHIR server. This is
|
||||
done by declaring
|
||||
</p>
|
||||
<p class="doc_info_bubble">
|
||||
AuthorizationInterceptor is a new feature in HAPI FHIR, and has not yet
|
||||
been heavily tested. Use with caution, and do lots of testing! We welcome
|
||||
feedback and suggestions on this feature.
|
||||
</p>
|
||||
|
||||
<p>
|
||||
The AuthorizationInterceptor works by allowing you to declare
|
||||
permissions based on an individual request coming in. In other
|
||||
words, you could have code that examines an incoming request and
|
||||
determines that it is being made by a Patient with ID 123. You
|
||||
could then declare that the requesting user has access to read and
|
||||
write any resource in compartment "Patient/123", which corresponds
|
||||
to any Observation, MedicationOrder etc with a subject of
|
||||
"<code>Patient/123</code>". On the other hand, another request
|
||||
might be detemrined to belong to an administrator user, and
|
||||
could be declared to be allowed to do anything.
|
||||
</p>
|
||||
</section>
|
||||
|
||||
</body>
|
||||
|
|
Loading…
Reference in New Issue