Skip to content

Commit dadf711

Browse files
Feature/safo6 nrl 1949 assign pointer type perms via new model (#1165)
1 parent 707e286 commit dadf711

22 files changed

+606
-121
lines changed

scripts/get_s3_permissions.py

Lines changed: 39 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -49,6 +49,44 @@ def add_test_files(folder, file_name, local_path):
4949
json.dump(PointerTypes.list(), f)
5050

5151

52+
def _write_permission_file(folder_path, ods_code, pointer_types):
53+
folder_path.mkdir(parents=True, exist_ok=True)
54+
with open(folder_path / f"{ods_code}.json", "w") as f:
55+
json.dump({"types": pointer_types}, f)
56+
57+
58+
def add_feature_test_files(local_path):
59+
"""Bake in v2 permissions for the feature test application so that the
60+
v2 permissions model can be proven via feature tests without
61+
requiring a dynamic layer rebuild between test setup and test execution.
62+
"""
63+
64+
print("Adding feature test v2 permissions to temporary directory...")
65+
permissions = {
66+
"consumer": [
67+
(
68+
"z00z-y11y-x22x",
69+
"RX898",
70+
[PointerTypes.MENTAL_HEALTH_PLAN.value],
71+
), # http://snomed.info/sct|736253002
72+
],
73+
"producer": [
74+
(
75+
"z00z-y11y-x22x",
76+
"RX898",
77+
[PointerTypes.EOL_CARE_PLAN.value],
78+
), # http://snomed.info/sct|736373009
79+
],
80+
}
81+
[
82+
_write_permission_file(
83+
Path.joinpath(local_path, actor_type, app_id), ods_code, pointer_types
84+
)
85+
for actor_type, entries in permissions.items()
86+
for app_id, ods_code, pointer_types in entries
87+
]
88+
89+
5290
def download_files(s3_client, bucket_name, local_path, file_names, folders):
5391
print(f"Downloading {len(file_names)} S3 files to temporary directory...")
5492
local_path = Path(local_path)
@@ -65,6 +103,7 @@ def download_files(s3_client, bucket_name, local_path, file_names, folders):
65103
s3_client.download_file(bucket_name, file_name, str(file_path))
66104

67105
add_test_files("K6PerformanceTest", "Y05868.json", local_path)
106+
add_feature_test_files(local_path)
68107

69108

70109
def main(use_shared_resources: str, env: str, workspace: str, path_to_store: str):

terraform/account-wide-infrastructure/modules/permissions-store-bucket/s3.tf

Lines changed: 10 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -60,3 +60,13 @@ resource "aws_s3_bucket_versioning" "authorization-store" {
6060
status = "Enabled"
6161
}
6262
}
63+
# Need to pull these into state if they already exist
64+
resource "aws_s3_object" "consumer-object" {
65+
bucket = aws_s3_bucket.authorization-store.id
66+
key = "consumer/"
67+
}
68+
69+
resource "aws_s3_object" "producer-object" {
70+
bucket = aws_s3_bucket.authorization-store.id
71+
key = "producer/"
72+
}

tests/features/consumer/readDocumentReference-failure.feature

Lines changed: 6 additions & 6 deletions
Original file line numberDiff line numberDiff line change
@@ -6,7 +6,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
66
And the organisation 'RX898' is authorised to access pointer types:
77
| system | value |
88
| http://snomed.info/sct | 736253002 |
9-
When consumer 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
9+
When consumer v1 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
1010
Then the response status code is 404
1111
And the response is an OperationOutcome with 1 issue
1212
And the OperationOutcome contains the issue:
@@ -33,7 +33,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
3333
And the organisation 'RX898' is authorised to access pointer types:
3434
| system | value |
3535
| http://snomed.info/sct | 736253002 |
36-
When consumer 'RX898' reads a DocumentReference with ID 'X26`DROP TABLE 'pointers';--Something-000000000-000000000'
36+
When consumer v1 'RX898' reads a DocumentReference with ID 'X26`DROP TABLE 'pointers';--Something-000000000-000000000'
3737
Then the response status code is 404
3838
And the response is an OperationOutcome with 1 issue
3939
And the OperationOutcome contains the issue:
@@ -58,7 +58,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
5858
Given the application 'DataShare' (ID 'z00z-y11y-x22x') is registered to access the API
5959
And the organisation 'RX898' is authorised to access pointer types:
6060
| system | value |
61-
When consumer 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
61+
When consumer v1 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
6262
Then the response status code is 403
6363
And the response is an OperationOutcome with 1 issue
6464
And the OperationOutcome contains the issue:
@@ -95,7 +95,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
9595
| url | https://example.org/my-doc.pdf |
9696
| custodian | 02V |
9797
| author | 02V |
98-
When consumer 'RX898' reads a DocumentReference with ID '02V-1111111111-ReadDocRefNoAuthForType'
98+
When consumer v1 'RX898' reads a DocumentReference with ID '02V-1111111111-ReadDocRefNoAuthForType'
9999
Then the response status code is 403
100100
And the response is an OperationOutcome with 1 issue
101101
And the OperationOutcome contains the issue:
@@ -120,7 +120,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
120120
Given the application 'DataShare' (ID 'z00z-y11y-x22x') is registered to access the API
121121
And the organisation 'RX898' is authorised to access pointer types:
122122
| system | value |
123-
When consumer 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
123+
When consumer v1 'RX898' reads a DocumentReference with ID 'X26-000000000-000000000'
124124
Then the response status code is 403
125125
And the response is an OperationOutcome with 1 issue
126126
And the OperationOutcome contains the issue:
@@ -157,7 +157,7 @@ Feature: Consumer - readDocumentReference - Failure Scenarios
157157
| url | https://example.org/my-doc.pdf |
158158
| custodian | 02V |
159159
| author | 02V |
160-
When consumer 'RX898' reads a DocumentReference with ID '02V-1111111111-ReadDocRefNoAuthForTypeS3'
160+
When consumer v1 'RX898' reads a DocumentReference with ID '02V-1111111111-ReadDocRefNoAuthForTypeS3'
161161
Then the response status code is 403
162162
And the response is an OperationOutcome with 1 issue
163163
And the OperationOutcome contains the issue:

tests/features/consumer/readDocumentReference-success.feature

Lines changed: 3 additions & 3 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ Feature: Consumer - readDocumentReference - Success Scenarios
1616
| url | https://example.org/my-doc.pdf |
1717
| custodian | RX898 |
1818
| author | RX898 |
19-
When consumer 'RX898' reads a DocumentReference with ID 'RX898-9999999999-ReadDocRefSameCustodian'
19+
When consumer v1 'RX898' reads a DocumentReference with ID 'RX898-9999999999-ReadDocRefSameCustodian'
2020
Then the response status code is 200
2121
And the response is a DocumentReference with JSON value:
2222
"""
@@ -133,7 +133,7 @@ Feature: Consumer - readDocumentReference - Success Scenarios
133133
| url | https://example.org/my-doc.pdf |
134134
| custodian | X26 |
135135
| author | RX898 |
136-
When consumer 'RX898' reads a DocumentReference with ID 'X26-9999999999-ReadDocRefDiffCustodian'
136+
When consumer v1 'RX898' reads a DocumentReference with ID 'X26-9999999999-ReadDocRefDiffCustodian'
137137
Then the response status code is 200
138138
And the response is a DocumentReference with JSON value:
139139
"""
@@ -250,5 +250,5 @@ Feature: Consumer - readDocumentReference - Success Scenarios
250250
| url | https://example.org/my-doc.pdf |
251251
| custodian | RX898\|001 |
252252
| author | RX898 |
253-
When consumer 'RX898' reads a DocumentReference with ID 'RX898%7C001-1234567890-ReadDocRefUrlEncoded'
253+
When consumer v1 'RX898' reads a DocumentReference with ID 'RX898%7C001-1234567890-ReadDocRefUrlEncoded'
254254
Then the response status code is 200

tests/features/consumer/searchDocumentReference-failure.feature

Lines changed: 11 additions & 11 deletions
Original file line numberDiff line numberDiff line change
@@ -5,7 +5,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
55
And the organisation 'RX898' is authorised to access pointer types:
66
| system | value |
77
| http://snomed.info/sct | 736253002 |
8-
When consumer 'RX898' searches for DocumentReferences with parameters:
8+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
99
| parameter | value |
1010
| subject | 9278693472 |
1111
| extra | parameter |
@@ -33,7 +33,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
3333
And the organisation 'RX898' is authorised to access pointer types:
3434
| system | value |
3535
| http://snomed.info/sct | 736253002 |
36-
When consumer 'RX898' searches for DocumentReferences with parameters:
36+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
3737
| parameter | value |
3838
Then the response status code is 400
3939
And the response is an OperationOutcome with 1 issue
@@ -59,7 +59,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
5959
And the organisation 'RX898' is authorised to access pointer types:
6060
| system | value |
6161
| http://snomed.info/sct | 736253002 |
62-
When consumer 'RX898' searches for DocumentReferences with parameters:
62+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
6363
| parameter | value |
6464
| subject | 9278693472 |
6565
| type | http://incorrect.info/sct\|736253002 |
@@ -87,7 +87,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
8787
And the organisation 'RX898' is authorised to access pointer types:
8888
| system | value |
8989
| http://snomed.info/sct | 736253002 |
90-
When consumer 'RX898' searches for DocumentReferences with parameters:
90+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
9191
| parameter | value |
9292
| subject | 9278693472 |
9393
| type | http://snomed.info/sct\|887701000000100 |
@@ -115,7 +115,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
115115
And the organisation 'RX898' is authorised to access pointer types:
116116
| system | value |
117117
| http://snomed.info/sct | 736253002 |
118-
When consumer 'RX898' searches for DocumentReferences with parameters:
118+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
119119
| parameter | value |
120120
| subject | 123 |
121121
Then the response status code is 400
@@ -141,7 +141,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
141141
Given the application 'DataShare' (ID 'z00z-y11y-x22x') is registered to access the API
142142
And the organisation 'RX898' is authorised to access pointer types:
143143
| system | value |
144-
When consumer 'RX898' searches for DocumentReferences with parameters:
144+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
145145
| parameter | value |
146146
| subject | 9278693472 |
147147
Then the response status code is 403
@@ -166,7 +166,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
166166
Given the application 'DataShare' (ID 'z00z-y11y-x22x') is registered to access the API
167167
And the organisation 'RX898' is authorised to access pointer types:
168168
| system | value |
169-
When consumer 'RX898' searches for DocumentReferences with parameters:
169+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
170170
| parameter | value |
171171
| subject | 9278693472 |
172172
| category | http://snomed.info/sct\|734163000 |
@@ -204,7 +204,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
204204
| url | https://example.org/my-doc.pdf |
205205
| custodian | 8FW23 |
206206
| author | 8FW23 |
207-
When consumer 'RX898' searches for DocumentReferences with parameters:
207+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
208208
| parameter | value |
209209
| subject | 9278693472 |
210210
| category | http://snomed.info/sct\|1102421000000108 |
@@ -227,7 +227,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
227227
| url | https://example.org/my-doc.pdf |
228228
| custodian | 8FW23 |
229229
| author | 8FW23 |
230-
When consumer 'Z26' searches for DocumentReferences with parameters:
230+
When consumer v1 'Z26' searches for DocumentReferences with parameters:
231231
| parameter | value |
232232
| subject | 9278693472 |
233233
| type | 736253002 |
@@ -254,7 +254,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
254254
And the organisation 'RX898' is authorised to access pointer types:
255255
| system | value |
256256
| http://snomed.info/sct | 736253002 |
257-
When consumer 'RX898' searches for DocumentReferences with parameters:
257+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
258258
| parameter | value |
259259
| subject | 9278693472 |
260260
| category | http://incorrect.info/sct\|736253002 |
@@ -282,7 +282,7 @@ Feature: Consumer - searchDocumentReference - Failure Scenarios
282282
And the organisation 'RX898' is authorised to access pointer types:
283283
| system | value |
284284
| http://snomed.info/sct | 736253002 |
285-
When consumer 'RX898' searches for DocumentReferences with parameters:
285+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
286286
| parameter | value |
287287
| subject | 9278693472 |
288288
| category | http://snomed.info/sct\|734163000,http://snomed.info/sct\|invalid |

tests/features/consumer/searchDocumentReference-success.feature

Lines changed: 12 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -16,7 +16,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
1616
| url | https://example.org/my-doc.pdf |
1717
| custodian | 02V |
1818
| author | 02V |
19-
When consumer 'RX898' searches for DocumentReferences with parameters:
19+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
2020
| parameter | value |
2121
| subject | 9278693472 |
2222
Then the response status code is 200
@@ -53,7 +53,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
5353
| custodian | 02V |
5454
| author | 02V |
5555
| identifier | 02V.123456789 |
56-
When consumer 'RX898' searches for DocumentReferences with parameters:
56+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
5757
| parameter | value |
5858
| subject | 9278693472 |
5959
Then the response status code is 200
@@ -90,7 +90,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
9090
| url | https://example.org/my-doc.pdf |
9191
| custodian | 02V |
9292
| author | 02V |
93-
When consumer 'RX898' searches for DocumentReferences with parameters:
93+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
9494
| parameter | value |
9595
| subject | 9278693472 |
9696
| custodian | 02V |
@@ -138,7 +138,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
138138
| url | https://example.org/my-doc.pdf |
139139
| custodian | DK94 |
140140
| author | DK94 |
141-
When consumer 'RX898' searches for DocumentReferences with parameters:
141+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
142142
| parameter | value |
143143
| subject | 9278693472 |
144144
| custodian | 02V |
@@ -186,7 +186,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
186186
| url | https://example.org/my-doc.pdf |
187187
| custodian | 02V |
188188
| author | 02V |
189-
When consumer 'RX898' searches for DocumentReferences with parameters:
189+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
190190
| parameter | value |
191191
| subject | 9278693472 |
192192
| custodian | 02V |
@@ -245,7 +245,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
245245
| url | https://example.org/my-doc-3.pdf |
246246
| custodian | 02V |
247247
| author | 02V |
248-
When consumer 'RX898' searches for DocumentReferences with parameters:
248+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
249249
| parameter | value |
250250
| subject | 9278693472 |
251251
Then the response status code is 200
@@ -298,8 +298,8 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
298298
| url | https://example.org/my-doc.pdf |
299299
| custodian | DK94 |
300300
| author | N64 |
301-
When producer 'DK94' requests to delete DocumentReference with id 'DK94-111-DeleteDocRefTest1'
302-
And consumer 'RX898' searches for DocumentReferences with parameters:
301+
When producer v1 'DK94' requests to delete DocumentReference with id 'DK94-111-DeleteDocRefTest1'
302+
And consumer v1 'RX898' searches for DocumentReferences with parameters:
303303
| parameter | value |
304304
| subject | 9278693472 |
305305
| custodian | RX898 |
@@ -348,7 +348,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
348348
| url | https://example.org/my-doc-3.pdf |
349349
| custodian | 02V |
350350
| author | 02V |
351-
When consumer 'RX898' searches for DocumentReferences with parameters:
351+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
352352
| parameter | value |
353353
| subject | 9278693472 |
354354
| category | http://snomed.info/sct\|734163000 |
@@ -409,7 +409,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
409409
| url | https://example.org/my-doc-3.pdf |
410410
| custodian | 02V |
411411
| author | 02V |
412-
When consumer 'RX898' searches for DocumentReferences with parameters:
412+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
413413
| parameter | value |
414414
| subject | 9278693472 |
415415
| category | http://snomed.info/sct\|1102421000000108 |
@@ -450,7 +450,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
450450
| url | https://example.org/my-doc-3.pdf |
451451
| custodian | 02V |
452452
| author | 02V |
453-
When consumer 'RX898' searches for DocumentReferences with parameters:
453+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
454454
| parameter | value |
455455
| subject | 9278693472 |
456456
| _summary | count |
@@ -510,7 +510,7 @@ Feature: Consumer - searchDocumentReference - Success Scenarios
510510
| url | https://example.org/my-doc-4.pdf |
511511
| custodian | 02V |
512512
| author | 02V |
513-
When consumer 'RX898' searches for DocumentReferences with parameters:
513+
When consumer v1 'RX898' searches for DocumentReferences with parameters:
514514
| parameter | value |
515515
| subject | 9278693472 |
516516
| category | http://snomed.info/sct\|734163000,http://snomed.info/sct\|823651000000106 |

0 commit comments

Comments
 (0)