Interim code for ConsentInterceptorTest
parent
b5953af239
commit
cdce5ec743
@ -52,13 +52,12 @@ public class ConsentInterceptors {
|
|||||||
@Override
|
@Override
|
||||||
public ConsentOutcome canSeeResource(RequestDetails theRequestDetails, IBaseResource theResource, IConsentContextServices theContextServices) {
|
public ConsentOutcome canSeeResource(RequestDetails theRequestDetails, IBaseResource theResource, IConsentContextServices theContextServices) {
|
||||||
// In this basic example, we will filter out lab results so that they
|
// In this basic example, we will filter out lab results so that they
|
||||||
// are never disclosed to the user. A real interceptor might do something
|
// are never disclosed to the user. A real interceptor might do something more nuance or entirely
|
||||||
// more nuanced.
|
// forbid the operation by returning ConsentOutcome.FORBID;
|
||||||
if (theResource instanceof Observation) {
|
if (theResource instanceof Observation) {
|
||||||
Observation obs = (Observation)theResource;
|
Observation obs = (Observation)theResource;
|
||||||
if (obs.getCategoryFirstRep().hasCoding("http://hl7.org/fhir/codesystem-observation-category.html", "laboratory")) {
|
if (obs.getCategoryFirstRep().hasCoding("http://hl7.org/fhir/codesystem-observation-category.html", "laboratory")) {
|
||||||
return ConsentOutcome.REJECT;
|
return ConsentOutcome.REJECT;
|
||||||
//return ConsentOutcome.FORBID;
|
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
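Review bot: The reworded comment above the `instanceof Observation` check has a typo and a stray semicolon ("might do something more nuance or entirely forbid the operation by returning ConsentOutcome.FORBID;"). It is also the only place this example mentions FORBID, and it does not say how that differs from the `ConsentOutcome.REJECT` returned a few lines below. Suggested wording: `// are never disclosed to the user. A real interceptor might do something more nuanced,` followed by `// or refuse the whole request by returning ConsentOutcome.FORBID.` The method body continues outside the hunk.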
||||||
|
@ -0,0 +1,8 @@
|
|||||||
|
---
|
||||||
|
type: add
|
||||||
|
issue: 4941
|
||||||
|
jira: smile-6485
|
||||||
|
todo:
|
||||||
|
title: "The `@Interceptor` annotation can now be placed at the method level. This is used only
|
||||||
|
as a marker, and does not change the behaviour or interceptors in any way. Thanks to
|
||||||
|
Dominique Villard for the pull request!"
|
@ -244,7 +244,6 @@ public class ConsentInterceptor {
|
|||||||
skipSubsequentServices = true;
|
skipSubsequentServices = true;
|
||||||
break;
|
break;
|
||||||
case REJECT:
|
case REJECT:
|
||||||
authorizedResources.put(nextResource, Boolean.FALSE);
|
|
||||||
thePreResourceAccessDetails.setDontReturnResourceAtIndex(resourceIdx);
|
thePreResourceAccessDetails.setDontReturnResourceAtIndex(resourceIdx);
|
||||||
skipSubsequentServices = true;
|
skipSubsequentServices = true;
|
||||||
break;
|
break;
|
||||||
@ -300,6 +299,7 @@ public class ConsentInterceptor {
|
|||||||
}
|
}
|
||||||
continue;
|
continue;
|
||||||
case FORBID:
|
case FORBID:
|
||||||
|
throw toForbiddenOperationException(nextOutcome);
|
||||||
case REJECT:
|
case REJECT:
|
||||||
if (nextOutcome.getOperationOutcome() != null) {
|
if (nextOutcome.getOperationOutcome() != null) {
|
||||||
IBaseOperationOutcome newOperationOutcome = nextOutcome.getOperationOutcome();
|
IBaseOperationOutcome newOperationOutcome = nextOutcome.getOperationOutcome();
|
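Review bot: The new `throw toForbiddenOperationException(nextOutcome);` under `case FORBID:` covers only this switch. The earlier hunk of this file shows the `REJECT` arm of a different switch (the one calling `setDontReturnResourceAtIndex`), and no FORBID arm is visible there. Both switches start and end outside the hunks, so this is inferred, but it is worth confirming that a FORBID outcome in that pre-access path does not fall through to the "proceed" behaviour. If that switch has no FORBID arm, add `case FORBID: throw toForbiddenOperationException(nextOutcome);` there as well, so an unhandled outcome fails closed. The same hunk drops `authorizedResources.put(nextResource, Boolean.FALSE);`, so please also check that a resource rejected there is not re-evaluated and returned by the later check.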
||||||
|
@ -42,7 +42,8 @@ public enum ConsentOperationStatusEnum {
|
|||||||
|
|
||||||
/**
|
/**
|
||||||
* The requested operation cannot proceed, and an operation outcome suitable for
|
* The requested operation cannot proceed, and an operation outcome suitable for
|
||||||
* the user is available
|
* the user is forbidden. This was added to allow for 403 forbidden error from
|
||||||
|
* ConsentServices.
|
||||||
*/
|
*/
|
||||||
FORBID
|
FORBID
|
||||||
|
|
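Review bot: The rewritten Javadoc on `FORBID` now reads "an operation outcome suitable for the user is forbidden", which does not parse and does not tell a consent-service author how FORBID differs from REJECT. Going by the `ConsentInterceptor` change in this commit, FORBID raises an exception through `toForbiddenOperationException`, while REJECT continues into the operation-outcome handling. Wording such as `* The requested operation cannot proceed and the request is refused with an HTTP 403 Forbidden response.` would state that directly. If the outcome's OperationOutcome is sent to the client with the 403, say so here, because implementers need to know that its text is disclosed.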
||||||
|
@ -2,14 +2,11 @@ package ca.uhn.fhir.rest.server.interceptor;
|
|||||||
|
|
||||||
import ca.uhn.fhir.context.FhirContext;
|
import ca.uhn.fhir.context.FhirContext;
|
||||||
import ca.uhn.fhir.i18n.Msg;
|
import ca.uhn.fhir.i18n.Msg;
|
||||||
import ca.uhn.fhir.interceptor.api.Hook;
|
|
||||||
import ca.uhn.fhir.interceptor.api.Pointcut;
|
|
||||||
import ca.uhn.fhir.rest.annotation.Operation;
|
import ca.uhn.fhir.rest.annotation.Operation;
|
||||||
import ca.uhn.fhir.rest.annotation.OperationParam;
|
import ca.uhn.fhir.rest.annotation.OperationParam;
|
||||||
import ca.uhn.fhir.rest.annotation.RequiredParam;
|
import ca.uhn.fhir.rest.annotation.RequiredParam;
|
||||||
import ca.uhn.fhir.rest.annotation.Search;
|
import ca.uhn.fhir.rest.annotation.Search;
|
||||||
import ca.uhn.fhir.rest.api.Constants;
|
import ca.uhn.fhir.rest.api.Constants;
|
||||||
import ca.uhn.fhir.rest.api.RequestTypeEnum;
|
|
||||||
import ca.uhn.fhir.rest.api.server.RequestDetails;
|
import ca.uhn.fhir.rest.api.server.RequestDetails;
|
||||||
import ca.uhn.fhir.rest.client.api.IGenericClient;
|
import ca.uhn.fhir.rest.client.api.IGenericClient;
|
||||||
import ca.uhn.fhir.rest.param.StringParam;
|
import ca.uhn.fhir.rest.param.StringParam;
|
||||||
@ -56,7 +53,6 @@ import javax.servlet.ReadListener;
|
|||||||
import javax.servlet.ServletInputStream;
|
import javax.servlet.ServletInputStream;
|
||||||
import javax.servlet.http.HttpServletRequest;
|
import javax.servlet.http.HttpServletRequest;
|
||||||
import javax.servlet.http.HttpServletResponse;
|
import javax.servlet.http.HttpServletResponse;
|
||||||
import java.io.EOFException;
|
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
import java.io.InputStream;
|
import java.io.InputStream;
|
||||||
import java.io.PrintWriter;
|
import java.io.PrintWriter;
|
||||||
@ -67,18 +63,14 @@ import java.util.List;
|
|||||||
import static org.hamcrest.CoreMatchers.containsString;
|
import static org.hamcrest.CoreMatchers.containsString;
|
||||||
import static org.hamcrest.MatcherAssert.assertThat;
|
import static org.hamcrest.MatcherAssert.assertThat;
|
||||||
import static org.hamcrest.Matchers.not;
|
import static org.hamcrest.Matchers.not;
|
||||||
import static org.junit.jupiter.api.Assertions.assertDoesNotThrow;
|
|
||||||
import static org.junit.jupiter.api.Assertions.assertEquals;
|
import static org.junit.jupiter.api.Assertions.assertEquals;
|
||||||
import static org.junit.jupiter.api.Assertions.assertNull;
|
import static org.junit.jupiter.api.Assertions.assertNull;
|
||||||
import static org.mockito.ArgumentMatchers.any;
|
import static org.mockito.ArgumentMatchers.any;
|
||||||
import static org.mockito.Mockito.doThrow;
|
|
||||||
import static org.mockito.Mockito.reset;
|
import static org.mockito.Mockito.reset;
|
||||||
import static org.mockito.Mockito.timeout;
|
import static org.mockito.Mockito.timeout;
|
||||||
import static org.mockito.Mockito.times;
|
|
||||||
import static org.mockito.Mockito.verify;
|
import static org.mockito.Mockito.verify;
|
||||||
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
import static org.mockito.Mockito.verifyNoMoreInteractions;
|
||||||
import static org.mockito.Mockito.when;
|
import static org.mockito.Mockito.when;
|
||||||
import static org.mockito.Mockito.withSettings;
|
|
||||||
|
|
||||||
@ExtendWith(MockitoExtension.class)
|
@ExtendWith(MockitoExtension.class)
|
||||||
public class ConsentInterceptorTest {
|
public class ConsentInterceptorTest {
|
||||||
@ -156,6 +148,32 @@ public class ConsentInterceptorTest {
|
|||||||
verify(myConsentSvc, timeout(2000).times(0)).completeOperationFailure(any(), any(), any());
|
verify(myConsentSvc, timeout(2000).times(0)).completeOperationFailure(any(), any(), any());
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@Test
|
||||||
|
public void testOutcomeForbidden() throws IOException {
|
||||||
|
Patient patientA = new Patient();
|
||||||
|
patientA.setId("PT-1-0");
|
||||||
|
patientA.setActive(true);
|
||||||
|
patientA.addName().setFamily("FAMILY").addGiven("GIVEN");
|
||||||
|
patientA.addIdentifier().setSystem("SYSTEM").setValue("VALUEA");
|
||||||
|
ourPatientProvider.store(patientA);
|
||||||
|
|
||||||
|
when(myConsentSvc.startOperation(any(), any())).thenReturn(ConsentOutcome.PROCEED);
|
||||||
|
when(myConsentSvc.canSeeResource(any(), any(), any())).thenReturn(ConsentOutcome.FORBID);
|
||||||
|
|
||||||
|
HttpPut httpPut = new HttpPut("http://localhost:" + myPort + "/Patient/PT-1-0");
|
||||||
|
httpPut.setHeader(HttpHeaders.CONTENT_TYPE, "application/json");
|
||||||
|
httpPut.setHeader("Authorization", "ingestfa_client iaamSmile123");
|
||||||
|
|
||||||
|
httpPut.setEntity(new StringEntity("{\"resourceType\": \"Patient\", \"id\": \"PT-1-0\",\"text\": {\"status\": \"generated\",\"div\": \"<div><p>A valid patient resource for testing purposes</p></div>\" },\"gender\": \"male\"}"));
|
||||||
|
|
||||||
|
try (CloseableHttpResponse status = myClient.execute(httpPut)) {
|
||||||
|
ourLog.info("RESULT {}", status);
|
||||||
|
assertEquals(403, status.getStatusLine().getStatusCode());
|
||||||
|
String responseContent = IOUtils.toString(status.getEntity().getContent(), Charsets.UTF_8);
|
||||||
|
ourLog.info("Response: {}", responseContent);
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testTotalModeIgnoredForConsentQueries() throws IOException {
|
public void testTotalModeIgnoredForConsentQueries() throws IOException {
|
||||||
Patient patientA = new Patient();
|
Patient patientA = new Patient();
|
||||||
@ -250,6 +268,8 @@ public class ConsentInterceptorTest {
|
|||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
@Test
|
@Test
|
||||||
public void testMetadataCallHasChecksSkipped() throws IOException{
|
public void testMetadataCallHasChecksSkipped() throws IOException{
|
||||||
HttpGet httpGet = new HttpGet("http://localhost:" + myPort + "/metadata");
|
HttpGet httpGet = new HttpGet("http://localhost:" + myPort + "/metadata");
|
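Review bot: `testOutcomeForbidden` sends `httpPut.setHeader("Authorization", "ingestfa_client iaamSmile123");`, which reads like a real client id and secret. Nothing in the visible test depends on it, so drop the header or use an obvious dummy such as `"Bearer test-token"`, and rotate the value if it was ever live. The test also asserts only the 403 status and merely logs the body. Since FORBID exists to withhold data, add `assertThat(responseContent, not(containsString("A valid patient resource")));` so a response that echoes the patient fails the test. Because `startOperation` is stubbed to PROCEED and the refusal comes from `canSeeResource`, the PUT may already have been applied by the time the 403 is produced, and a check on the provider state or a comment stating the intended semantics would make that explicit.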
||||||
|