3110 zh disallow unknown extensions (#3009)

* Added allowKnownExtensionsOnly() method such which calls setAnyExtensionsAllowed() to set myAnyExtensionsAllowed to false and modified changelogs to add entry for this ticket.

* Modified docs to remove description for .allowAnyExtensions() and included it within a description for .allowKnownExtensionsOnly() and also added test for .allowKnownExtensionsOnly()

* refactored allowKnownExtensionsOnly() to rejectUnknownExtensions()

hapi-fhir-docs/src/main/java/ca/uhn/hapi/fhir/docs/RepositoryValidatingInterceptorExamples.java

@@ -28,7 +28,6 @@ import ca.uhn.fhir.jpa.interceptor.validation.RepositoryValidatingRuleBuilder;
 import ca.uhn.fhir.validation.ResultSeverityEnum;
 import org.springframework.context.ApplicationContext;
 
-import javax.annotation.Nonnull;
 import java.util.List;
 
 @SuppressWarnings("unused")
@@ -121,8 +120,10 @@ public class RepositoryValidatingInterceptorExamples {
 			.forResourcesOfType("Patient")
 			.requireValidationToDeclaredProfiles()
 
-			// Configure the validator to never reject extensions
+			// Configure the validator to reject unknown extensions
-			.allowAnyExtensions()
+			// by default, all extensions are accepted and to undo this rejection
+			// call allowAnyExtensions()
+			.rejectUnknownExtensions()
 
 			// Configure the validator to not perform terminology validation
 			.disableTerminologyChecks()

hapi-fhir-docs/src/main/resources/ca/uhn/hapi/fhir/changelog/5_6_0/3110-add-toggle-to-deny-unknown-extensions.yaml

@@ -0,0 +1,4 @@
+---
+type: add
+issue: 3110
+title: "Added a functionality to deny unknown extensions."

hapi-fhir-jpaserver-base/src/main/java/ca/uhn/fhir/jpa/interceptor/validation/RepositoryValidatingRuleBuilder.java

@@ -305,6 +305,15 @@ public final class RepositoryValidatingRuleBuilder implements IRuleRoot {
 				return this;
 			}
 
+			/**
+			 * Configure the validator to reject unknown extensions
+			 */
+			@Nonnull
+			public FinalizedRequireValidationRule rejectUnknownExtensions() {
+				myRule.getValidator().setAnyExtensionsAllowed(false);
+				return this;
+			}
+
 			/**
 			 * Configure the validator to not perform terminology validation
 			 */

hapi-fhir-jpaserver-base/src/test/java/ca/uhn/fhir/jpa/interceptor/validation/RepositoryValidatingInterceptorR4Test.java

@@ -291,6 +291,33 @@ public class RepositoryValidatingInterceptorR4Test extends BaseJpaR4Test {
 		}
 	}
 
+	@Test
+	public void testRequireValidation_AdditionalOptions_Reject_UnKnown_Extensions() {
+		List<IRepositoryValidatingRule> rules = newRuleBuilder()
+			.forResourcesOfType("Observation")
+			.requireValidationToDeclaredProfiles()
+			.withBestPracticeWarningLevel("IGNORE")
+			.rejectUnknownExtensions()
+			.disableTerminologyChecks()
+			.errorOnUnknownProfiles()
+			.suppressNoBindingMessage()
+			.suppressWarningForExtensibleValueSetValidation()
+			.build();
+
+		myValInterceptor.setRules(rules);
+
+		Observation obs = new Observation();
+		obs.getCode().addCoding().setSystem("http://foo").setCode("123").setDisplay("help im a bug");
+		obs.setStatus(Observation.ObservationStatus.AMENDED);
+		try {
+			IIdType id = myObservationDao.create(obs).getId();
+			assertEquals("1", id.getVersionIdPart());
+		} catch (PreconditionFailedException e) {
+			// should not happen
+			fail(myFhirCtx.newJsonParser().setPrettyPrint(true).encodeResourceToString(e.getOperationOutcome()));
+		}
+	}
+
 	@Test
 	public void testRequireValidation_FailNoRejectAndTag() {
 		List<IRepositoryValidatingRule> rules = newRuleBuilder()