Class: DaVinciCRDTestKit::V221::HookRequestGrantedScopesTest
Constant Summary
TaggedRequestLoadHelper::ALL_HOOKS
Instance Method Summary
#crd_test_group, #hook_name, #load_hook_requests, #requests_to_analyze, #tags_to_load
#add_request_message, #parse_json_request_entity, #request_prefix, #requests_with_errors_prefix
Instance Method Details
#all_scopes_same_level?(granted_resource_scopes) ⇒ Boolean
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 118
# Reports whether every granted resource scope carries the same context prefix.
#
# The prefix is the text before the first '/' of each scope string, e.g.
# `patient` in `patient/Coverage.rs`. An empty list counts as consistent
# because it holds no conflicting prefixes. The prefix value itself is not
# validated here; only agreement between the scopes is checked.
#
# @param granted_resource_scopes [Array<String>] resource-level scope strings
# @return [Boolean] true when at most one distinct prefix is present
def all_scopes_same_level?(granted_resource_scopes)
  one_per_level = granted_resource_scopes.uniq { |scope| scope.split('/').first }
  one_per_level.length < 2
end
#check_granted_interactions(granted_resource_scopes, request_index) ⇒ Object
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 82
# Checks the interaction suffix (text after the last '.') of every granted
# resource scope.
#
# * all suffixes equal `rs`   -> nothing is recorded
# * all suffixes equal `read` -> a warning is recorded (SMART v1 syntax)
# * anything else             -> an error is recorded
#
# The comparison is literal string equality, so a mix of `rs` and `read`, a
# narrower grant, and a broader grant (for example `cruds` or `*`) all land on
# the same error text; the message does not say whether the token is under- or
# over-privileged relative to `rs`.
#
# NOTE(review): a SMART v2 scope may carry a query string after the
# interaction codes (`Resource.rs?param=value`). Such a suffix is not equal to
# 'rs' and, if the value contains a '.', the suffix is taken from inside the
# value. Confirm whether scopes of that form can reach this check.
#
# @param granted_resource_scopes [Array<String>] resource-level scope strings
# @param request_index [Object] passed through to add_request_message
# @return [Object, nil] nil for the silent and warning paths, otherwise
#   whatever add_request_message returns
def check_granted_interactions(granted_resource_scopes, request_index)
  interactions = granted_resource_scopes.map { |scope| scope.split('.').last }
  return if interactions.all?('rs')

  unless interactions.all?('read')
    return add_request_message('error',
                               'Some granted resource scopes do not provide ' \
                               "requested 'rs' (read and search) interactions.",
                               request_index)
  end

  add_request_message('warning',
                      'SMART v1 `read` scope used. Use of SMART v2 `rs` scope recommended.',
                      request_index)
  nil
end
#check_granted_resources(granted_resource_scopes, request_index) ⇒ Object
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 67
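# Compares the resource types named in the granted scopes with the resource
# types returned by requested_scope_resources and records an error for each
# direction of mismatch.
#
# * requested but not granted -> error listing the missing resource types
# * granted but not requested -> error listing the additional resource types;
#   this is the over-grant case, where the access token reaches resource types
#   that were not asked for
#
# The resource type is the text between the first '/' and the first '.' that
# follows it. Splitting on the first '/' only keeps the resource type intact
# when the scope carries a query string whose value itself contains '/'.
# Granted resource types are de-duplicated so a type granted under several
# scopes is listed once in the message.
#
# @param granted_resource_scopes [Array<String>] resource-level scope strings
# @param request_index [Object] passed through to add_request_message
# @return [Object, nil] nil when nothing beyond the request was granted,
#   otherwise whatever add_request_message returns for the over-grant error
def check_granted_resources(granted_resource_scopes, request_index)
  granted_scope_resources = granted_resource_scopes.map do |scope|
    scope.split('/', 2).last.split('.').first
  end.uniq

  missing_resources = requested_scope_resources - granted_scope_resources
  extra_resources = granted_scope_resources - requested_scope_resources

  if missing_resources.present?
    add_request_message('error', 'Granted scopes missing the following ' \
                                 "requested resource types: #{missing_resources.join(', ')}", request_index)
  end

  return unless extra_resources.present?

  add_request_message('error', 'Granted scopes included the following resource types ' \
                               "beyond what was requested: #{extra_resources.join(', ')}", request_index)
end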
#check_granted_scopes_level(granted_resource_scopes, request_index) ⇒ Object
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 96
# Records an error unless the granted resource scopes share one context
# prefix and that prefix is `user` or `patient`.
#
# scopes_level supplies the shared prefix; a blank result is reported with
# the "consistent level" message. Any other prefix that is not `user` or
# `patient` is reported by name, so a grant at some other level is flagged as
# unexpected.
#
# NOTE(review): the first message says "Requested scopes" although the level
# is derived from the granted scopes passed in. Confirm the intended wording
# before relying on this text when triaging a failure.
#
# @param granted_resource_scopes [Array<String>] resource-level scope strings
# @param request_index [Object] passed through to add_request_message
# @return [Object, nil] nil when the level is accepted or blank, otherwise
#   whatever add_request_message returns for the unexpected-level error
def check_granted_scopes_level(granted_resource_scopes, request_index)
  granted_level = scopes_level(granted_resource_scopes)

  if granted_level.present?
    return if %w[user patient].include?(granted_level)

    return add_request_message('error',
                               "Unexpected level for granted scopes: expected 'user' or 'patient', " \
                               "got '#{granted_level}'.",
                               request_index)
  end

  add_request_message('error',
                      'Requested scopes did not use a consistent level of scope (patient or user).',
                      request_index)
  nil
end
#granted_resource_scopes(request_body) ⇒ Object
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 60
# Extracts the resource-level scopes from a hook request body.
#
# Reads the space-separated scope string at `fhirAuthorization.scope` and
# keeps only the tokens shaped like `<something>/<something>.<something>`.
# Tokens without both a '/' and a later '.' (for example `openid` or
# `launch/patient`) are dropped.
#
# The filter is purely structural: it does not check the prefix, the resource
# type or the interaction codes, so wildcard or otherwise unexpected values
# pass through to the later checks.
#
# @param request_body [Hash] parsed hook request
# @return [Array<String>] matching scope tokens, or [] when the scope string
#   is absent or blank
def granted_resource_scopes(request_body)
  scope_string = request_body.dig('fhirAuthorization', 'scope')
  return [] if scope_string.blank?

  scope_string.split(' ').select { |token| token.match?(%r{\A\S+/\S+\.\S+\z}) }
end
#requested_scope_resources ⇒ Object
#scopes_level(granted_resource_scopes) ⇒ Object
# File 'lib/davinci_crd_test_kit/client/v2.2.1/verify_request/hook_request_granted_scopes_test.rb', line 112
# Returns the context prefix shared by all granted resource scopes.
#
# The prefix is the text before the first '/' of the first scope. nil is
# returned when the list is blank or when all_scopes_same_level? reports that
# the scopes disagree, so callers cannot tell those two cases apart from the
# return value alone.
#
# @param granted_resource_scopes [Array<String>, nil] resource-level scopes
# @return [String, nil] the shared prefix, or nil
def scopes_level(granted_resource_scopes)
  return nil if granted_resource_scopes.blank?
  return nil unless all_scopes_same_level?(granted_resource_scopes)

  shared_level, = granted_resource_scopes.first.split('/')
  shared_level
end