3110 zh disallow unknown extensions (#3009)

* Added allowKnownExtensionsOnly() method such which calls setAnyExtensionsAllowed() to set myAnyExtensionsAllowed to false and modified changelogs to add entry for this ticket.

* Modified docs to remove description for .allowAnyExtensions() and included it within a description for .allowKnownExtensionsOnly() and also added test for .allowKnownExtensionsOnly()

* refactored allowKnownExtensionsOnly() to rejectUnknownExtensions()
This commit is contained in:
Johnson Lu 2021-09-20 12:40:56 -07:00 committed by GitHub
parent 0eb6958701
commit f1f9c672ad
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
4 changed files with 44 additions and 3 deletions

View File

@ -28,7 +28,6 @@ import ca.uhn.fhir.jpa.interceptor.validation.RepositoryValidatingRuleBuilder;
import ca.uhn.fhir.validation.ResultSeverityEnum; import ca.uhn.fhir.validation.ResultSeverityEnum;
import org.springframework.context.ApplicationContext; import org.springframework.context.ApplicationContext;
import javax.annotation.Nonnull;
import java.util.List; import java.util.List;
@SuppressWarnings("unused") @SuppressWarnings("unused")
@ -121,8 +120,10 @@ public class RepositoryValidatingInterceptorExamples {
.forResourcesOfType("Patient") .forResourcesOfType("Patient")
.requireValidationToDeclaredProfiles() .requireValidationToDeclaredProfiles()
// Configure the validator to never reject extensions // Configure the validator to reject unknown extensions
.allowAnyExtensions() // by default, all extensions are accepted and to undo this rejection
// call allowAnyExtensions()
.rejectUnknownExtensions()
// Configure the validator to not perform terminology validation // Configure the validator to not perform terminology validation
.disableTerminologyChecks() .disableTerminologyChecks()

View File

@ -0,0 +1,4 @@
---
type: add
issue: 3110
title: "Added a functionality to deny unknown extensions."

View File

@ -305,6 +305,15 @@ public final class RepositoryValidatingRuleBuilder implements IRuleRoot {
return this; return this;
} }
/**
* Configure the validator to reject unknown extensions
*/
@Nonnull
public FinalizedRequireValidationRule rejectUnknownExtensions() {
myRule.getValidator().setAnyExtensionsAllowed(false);
return this;
}
/** /**
* Configure the validator to not perform terminology validation * Configure the validator to not perform terminology validation
*/ */

View File

@ -291,6 +291,33 @@ public class RepositoryValidatingInterceptorR4Test extends BaseJpaR4Test {
} }
} }
@Test
public void testRequireValidation_AdditionalOptions_Reject_UnKnown_Extensions() {
List<IRepositoryValidatingRule> rules = newRuleBuilder()
.forResourcesOfType("Observation")
.requireValidationToDeclaredProfiles()
.withBestPracticeWarningLevel("IGNORE")
.rejectUnknownExtensions()
.disableTerminologyChecks()
.errorOnUnknownProfiles()
.suppressNoBindingMessage()
.suppressWarningForExtensibleValueSetValidation()
.build();
myValInterceptor.setRules(rules);
Observation obs = new Observation();
obs.getCode().addCoding().setSystem("http://foo").setCode("123").setDisplay("help im a bug");
obs.setStatus(Observation.ObservationStatus.AMENDED);
try {
IIdType id = myObservationDao.create(obs).getId();
assertEquals("1", id.getVersionIdPart());
} catch (PreconditionFailedException e) {
// should not happen
fail(myFhirCtx.newJsonParser().setPrettyPrint(true).encodeResourceToString(e.getOperationOutcome()));
}
}
@Test @Test
public void testRequireValidation_FailNoRejectAndTag() { public void testRequireValidation_FailNoRejectAndTag() {
List<IRepositoryValidatingRule> rules = newRuleBuilder() List<IRepositoryValidatingRule> rules = newRuleBuilder()