Work on authorization interceptor

This commit is contained in:
James 2016-11-04 06:53:26 -04:00
parent 6cb502266c
commit f838b80373
2 changed files with 42 additions and 0 deletions

View File

@ -1,5 +1,7 @@
package ca.uhn.fhir.rest.server.interceptor.auth;
import org.apache.http.impl.client.HttpClientBuilder;
/*
* #%L
* HAPI FHIR - Core Library
@ -40,4 +42,9 @@ public interface IAuthRuleBuilderOperationNamed {
*/
IAuthRuleBuilderRuleOpClassifierFinished onInstance(IIdType theInstanceId);
/**
* Rule applies to invocations of this operation at the <code>instance</code> level on any instance of the given type
*/
IAuthRuleBuilderRuleOpClassifierFinished onInstancesOfType(Class<? extends IBaseResource> theType);
}

View File

@ -212,6 +212,31 @@ public class AuthorizationInterceptorDstu2Test {
assertEquals(403, status.getStatusLine().getStatusCode());
}
@Test
public void testOperationByInstanceOfTypeAllowed() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@Override
public List<IAuthRule> buildRuleList(RequestDetails theRequestDetails) {
//@formatter:off
return new RuleBuilder()
.allow("Rule 1").operation().named("everything").onInstancesOfType(Patient.class)
.build();
//@formatter:on
}
});
HttpGet httpGet;
HttpResponse status;
String response;
ourReturn = Arrays.asList();
ourHitMethod = false;
httpGet = new HttpGet("http://localhost:" + ourPort + "/Patient/1/$everything");
status = ourClient.execute(httpGet);
response = extractResponseAndClose(status);
assertEquals(200, status.getStatusLine().getStatusCode());
}
@Test
public void testBatchWhenTransactionReadDenied() throws Exception {
ourServlet.registerInterceptor(new AuthorizationInterceptor(PolicyEnum.DENY) {
@ -1353,6 +1378,16 @@ public class AuthorizationInterceptorDstu2Test {
return (Parameters) new Parameters().setId("1");
}
@Operation(name = "everything", idempotent = true)
public Bundle everything(@IdParam IdDt theId) {
ourHitMethod = true;
Bundle retVal = new Bundle();
for (IResource next : ourReturn) {
retVal.addEntry().setResource(next);
}
return retVal;
}
@Operation(name = "opName2", idempotent = true)
public Parameters operation2(@IdParam IdDt theId) {
ourHitMethod = true;