refactor: several changes related to code style and readability (#152)

* refactor: extract provision code extraction
* refactor: catch exceptions by type without later type check
* refactor: further code cleanup
* chore: log error with error level, not debug level

README.md

@@ -268,7 +268,7 @@ zur Nutzung des MTB-File-Endpunkts eine HTTP-Basic-Authentifizierung voraussetze
 ![Tokenverwaltung](docs/tokens.png)
 
 In diesem Fall kann der Endpunkt für das Onkostar-Plugin *
-*[onkostar-plugin-dnpmexport](https://github.com/CCC-MF/onkostar-plugin-dnpmexport)** wie folgt
+*[mv64e-onkostar-plugin-export](https://github.com/pcvolkmer/mv64e-onkostar-plugin-export)** wie folgt
 konfiguriert werden:
 
 ```
@@ -427,9 +427,9 @@ Die PEM-Datei mit dem/den Root CA Zertifikat(en) muss dabei im vorbereiteten Ver
 #### Integration zur Laufzeit
 
 Hier muss die Umgebungsvariable `SERVICE_BINDING_ROOT` z.B. auf den Wert `/bindings` gesetzt sein.
-Zudem muss ein Verzeichnis `bindings/ca-certificates` - analog zum Verzeichnis [
+Zudem muss ein Verzeichnis `bindings/ca-certificates` - analog zum Verzeichnis
-`bindings/ca-certificates`](bindings/ca-certificates) mit einer PEM-Datei als Docker-Volume
+[`bindings/ca-certificates`](bindings/ca-certificates) mit einer PEM-Datei und der 
-eingebunden werden.
+Datei [`bindings/ca-certificates/type`](bindings/ca-certificates/type) als Docker-Volume eingebunden werden.
 
 Beispiel für Docker-Compose:
 

build.gradle.kts

@@ -5,24 +5,24 @@ import org.springframework.boot.gradle.tasks.bundling.BootBuildImage
 
 plugins {
     war
-    id("org.springframework.boot") version "3.5.3"
+    id("org.springframework.boot") version "3.5.5"
     id("io.spring.dependency-management") version "1.1.7"
-    kotlin("jvm") version "1.9.25"
+    kotlin("jvm") version "2.2.10"
-    kotlin("plugin.spring") version "1.9.25"
+    kotlin("plugin.spring") version "2.2.10"
     jacoco
 }
 
 group = "dev.dnpm"
-version = "0.11.0-SNAPSHOT"
+version = "0.12.0-SNAPSHOT"
 
 var versions = mapOf(
     "mtb-dto" to "0.1.0-SNAPSHOT",
-    "hapi-fhir" to "7.6.1",
+    "hapi-fhir" to "8.4.0",
-    "mockito-kotlin" to "5.4.0",
+    "mockito-kotlin" to "6.0.0",
-    "archunit" to "1.3.0",
+    "archunit" to "1.4.1",
     // Webjars
     "webjars-locator" to "0.52",
-    "echarts" to "5.4.3",
+    "echarts" to "6.0.0",
     "htmx.org" to "1.9.12"
 )
 
@@ -111,6 +111,8 @@ dependencies {
     integrationTestImplementation("com.tngtech.archunit:archunit:${versions["archunit"]}")
     integrationTestImplementation("org.htmlunit:htmlunit")
     integrationTestImplementation("org.springframework:spring-webflux")
+    // Fix for CVE-2024-25710
+    integrationTestImplementation("org.apache.commons:commons-compress:1.26.0")
 }
 
 tasks.withType<KotlinCompile> {

dev-compose.yml

@@ -1,26 +1,121 @@
 services:
   kafka:
-    image: bitnami/kafka
+    image: apache/kafka
     hostname: kafka
     ports:
       - "9092:9092"
       - "9094:9094"
     environment:
       ALLOW_PLAINTEXT_LISTENER: "yes"
-      KAFKA_CFG_NODE_ID: "0"
+      KAFKA_NODE_ID: "0"
-      KAFKA_CFG_PROCESS_ROLES: "controller,broker"
+      KAFKA_KRAFT_CLUSTER_ID: "mv64e-etl-processor-dev"
-      KAFKA_CFG_LISTENERS: PLAINTEXT://:9092,CONTROLLER://:9093,EXTERNAL://:9094
+      KAFKA_CONTROLLER_QUORUM_VOTERS: 0@kafka:9093
-      KAFKA_CFG_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,EXTERNAL://localhost:9094
+      KAFKA_PROCESS_ROLES: "controller,broker"
-      KAFKA_CFG_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:PLAINTEXT,EXTERNAL:PLAINTEXT,PLAINTEXT:PLAINTEXT
+      KAFKA_CONTROLLER_LISTENER_NAMES: CONTROLLER
-      KAFKA_CFG_INTER_BROKER_LISTENER_NAME: PLAINTEXT
+      KAFKA_INTER_BROKER_LISTENER_NAME: PLAINTEXT
-      KAFKA_CFG_AUTO_CREATE_TOPICS_ENABLE: true
+      KAFKA_OFFSETS_TOPIC_REPLICATION_FACTOR: "1"
-      KAFKA_CFG_CONTROLLER_QUORUM_VOTERS: 0@kafka:9093
+      KAFKA_TRANSACTION_STATE_LOG_REPLICATION_FACTOR: "1"
-      KAFKA_CFG_CONTROLLER_LISTENER_NAMES: CONTROLLER
+      KAFKA_TRANSACTION_STATE_LOG_MIN_ISR: "1"
-    healthcheck:
+      KAFKA_GROUP_INITIAL_REBALANCE_DELAY_MS: "0"
-      test: kafka-topics --bootstrap-server kafka:9092 --list
+      KAFKA_AUTO_CREATE_TOPICS_ENABLE: "true"
-      interval: 30s
+      # Without SSL
-      timeout: 10s
+      KAFKA_LISTENERS: PLAINTEXT://:9092,CONTROLLER://:9093,EXTERNAL://:9094
-      retries: 3
+      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,EXTERNAL://localhost:9094
+      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:PLAINTEXT,EXTERNAL:PLAINTEXT,PLAINTEXT:PLAINTEXT
+      # Using SSL
+#      KAFKA_LISTENERS: PLAINTEXT://:9092,CONTROLLER://:9093,EXTERNAL://:9094
+#      KAFKA_ADVERTISED_LISTENERS: PLAINTEXT://kafka:9092,EXTERNAL://localhost:9094
+#      KAFKA_LISTENER_SECURITY_PROTOCOL_MAP: CONTROLLER:PLAINTEXT,EXTERNAL:SSL,PLAINTEXT:PLAINTEXT
+#      KAFKA_SSL_KEYSTORE_TYPE: "PEM"
+#      KAFKA_SSL_KEYSTORE_CERTIFICATE_CHAIN: -----BEGIN CERTIFICATE-----
+#        MIIDCzCCAfOgAwIBAgIUaXNh4PahaKeLUaab2rUPSVESx28wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODEyMTFaFw0zNTA4
+#        MTkxODEyMTFaMBUxEzARBgNVBAMMCkV4YW1wbGUgQ0EwggEiMA0GCSqGSIb3DQEB
+#        AQUAA4IBDwAwggEKAoIBAQCsqalqVOLFglVbX9oSHU91ebyL1kPyb/2N90UGQIcD
+#        UAjzKxxysId1Vdvtbbwgli6UgfPwlzFP2Wlw51h496yL4QU/9tNV956UJ1RoS/fG
+#        qBAEHctqavfMI27UQmIzw4pGMkGzEQxRMc6a9pdabBhbMMTJsjtmOv2YMYHj1HHK
+#        Dr7wTBTt2l0eRyCR0kZ8XGIMWhYowPa4EMpC7+4e5Nf/7LSJZWLLy9jXPpazsjkJ
+#        jEmDNlFfx2tZiq0Wz2Xj1pZSDLbcuIX4IHcLfMvagibfrCMX/h6+WuW42sWPRuBW
+#        wB6cHGlXs+K/gBBWxtD7sOTacO5hbHFsfaJOhSEIGoIpAgMBAAGjUzBRMB0GA1Ud
+#        DgQWBBT2S/C2++ECY+CSuN5KKql0umfbTDAfBgNVHSMEGDAWgBT2S/C2++ECY+CS
+#        uN5KKql0umfbTDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj
+#        H4DdwqrOHg7sVsqiwDsZfTharpUDCYeG5XhrJQlnA9eKwyofTb929W/fjOwBdDtg
+#        9THT/omR0lA8/UyHtezMT6nMsCn4HG2mXvx6ghgvA3jrFTEY7R80dHkboLMTV3u4
+#        RYgC9S3BJPcbJYpM0cXzkp2T0F4FxWZlfqefuedHuX3zcCxpgVD56qQb2a131TX7
+#        O3UDJfVg8a65IFtehndqILgLVrf7w6+pbmDAlCg5RKrt2USEYyZXYdyTryJbdtn4
+#        BCLp0avYtSYVUGwgH0oUCpkjQRwMg1003TTz8SNnmE7mAXHYljyYejnjL8vBHfch
+#        8tTDVXQn08BT9H3jZTnF
+#        -----END CERTIFICATE-----
+#        -----BEGIN CERTIFICATE-----
+#        MIIC+TCCAeGgAwIBAgIUUoCwz8GS6xQ3mmI7RUUYSNPIOi4wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODE0NDhaFw0zNTA4
+#        MTkxODE0NDhaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+#        BQADggEPADCCAQoCggEBAL9PW99MhhBwdEmTHyZgfnhfTrxZPrNU6z1UdV8b82Lk
+#        3p75o8eCKa9iOd7DDQlo75hQBhhX0+Xc3mucrstx5p8TYFMbypif8ojWh3LM++P8
+#        tz3ezQZlq86ycyKpm8dqlA03b227tFDfiYTev2eD2HN40BU7yDAYhhqd/QW8+MV2
+#        jkcRGv5cE21GZxWmPUpkVN+bNoBC8H90WmkST90LfeYF+wZnlsAJZH6AQzR1GnGD
+#        ICE5evMhC78hvRnpgeA310SyxssZEigkePL5lTZOBPY2IuzBqL05agyVTiVq4Xd6
+#        y3xOqXoxxOhZu06yd3nymorqeTgbF1fW8wQF0u3KsFECAwEAAaNCMEAwHQYDVR0O
+#        BBYEFHk9jMWRAAt2YsBSxUcOQVoWayoHMB8GA1UdIwQYMBaAFPZL8Lb74QJj4JK4
+#        3koqqXS6Z9tMMA0GCSqGSIb3DQEBCwUAA4IBAQBqabAA9INONDaLHqs9i9YQHm/g
+#        AnB7xRl/RFbERKKCTSMZUYM8oEaaH0W2ENoPMc/7xOB/R8a7Rm62PTr6syxwhZrY
+#        5NtGKJOD+rh90/5l83tulf93KqOJtGkiv6NBDvCNrITcA+UKRk/z4GcFi2YjWAl4
+#        wvY44lzTasMKSpjUQ5N0VNANcW3nVuEgPQ8rrr0NOK/5j4guPjsXDsixa47gqblA
+#        5xGfBKeVmEXdPbzawZfP4hPIw7DpX2m8Y0erswF1ZxkIV73V3TDsFSLcqSKSzZr6
+#        mtj8COlV9Us7zqaJbV5eOl7GN1T9orZJwZmX1Z46gCkkSLYDP/dqtl2j9JgN
+#        -----END CERTIFICATE-----
+#      KAFKA_SSL_KEYSTORE_KEY: -----BEGIN PRIVATE KEY-----
+#        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/T1vfTIYQcHRJ
+#        kx8mYH54X068WT6zVOs9VHVfG/Ni5N6e+aPHgimvYjneww0JaO+YUAYYV9Pl3N5r
+#        nK7LceafE2BTG8qYn/KI1odyzPvj/Lc93s0GZavOsnMiqZvHapQNN29tu7RQ34mE
+#        3r9ng9hzeNAVO8gwGIYanf0FvPjFdo5HERr+XBNtRmcVpj1KZFTfmzaAQvB/dFpp
+#        Ek/dC33mBfsGZ5bACWR+gEM0dRpxgyAhOXrzIQu/Ib0Z6YHgN9dEssbLGRIoJHjy
+#        +ZU2TgT2NiLswai9OWoMlU4lauF3est8Tql6McToWbtOsnd58pqK6nk4GxdX1vME
+#        BdLtyrBRAgMBAAECggEAC1wXfPlqxoQe65WAVoOJTvV90+JKvlRPCZu/wm+C8r7b
+#        Vz5Ekt6wQflHrWoQlpv0CivKSNzCONZ2IJazrGHti0mXwSeXzptEyApRDaiNVnrV
+#        mKdnrjcQThw7iPXgSaWS9/vwMmhgayLy5ABkBi4GhsjINlKP7wctw1vZP+N6NCNd
+#        Ql3taStvDKmG0SfJHF6/2o/XBpof3IJEL7ghbzyTTbWWaO34J1mJ8A+AmjGhj9GE
+#        Dp3XuOrO9W7MVd1nfZDtGBS8qf80AwROyodZZRma9vZuWJZ5aQFi2CnUEtU1T+Uv
+#        tW+F6tg2FOMr8M0Fb79wGIDwSF8u/QcTvwhEzZAfiQKBgQDioOofnE1oB1DOMnqZ
+#        SOFjs+vsirvS6G3lo27+HkE3TgvCHR4sk1305AiXtjmPu8iaUCo9qn18MtduY2RS
+#        CcKMOG/FxhmDyP5I29DhJRhvERIpJd0kcSDQOgtaoVPC1XzIlyTqte6nGX9kAnA/
+#        x/OOXrZ0hjhMNDcZzf2NasPYJQKBgQDYGqTobkVBk+eekNWklnTh41/649rUIgTu
+#        JStArtY2hgaEInYcGa2e7cEj7nIHA0iGy3EJ2yvwoUIyxtoXVcGohu2IrzlhS33T
+#        R4jA7nE2/yHZrEMEJovuSU0eMw7rgvEtL79Q0RToYnTY1EU6X/BBoFfiiEeNMHKz
+#        zjDOOQ6ZvQKBgGCWChIc0FSkwYiPtPZ9PCn89XCjk/cIPkYfiF9fT5Ydeh9pv4Fp
+#        8SI8yXi3HgMnGhDCV65eagqztGMEky3voO2X4/MbQaaL0+wDWxuJbsdvNBk7XOt6
+#        F20HP+2JUiR4Ti1DVWV+0k5/LG7YJzTXp/KmZQZ2aan4mv8xbn2F4h/NAoGAI4ou
+#        OLN53FEQtHkpSYoc6tFUBZTXdi+qE+g09sxKGmlsROrN9c0bSpnbO6eJRTH7CYAH
+#        tRFAZrB+jI87ar8FvEuEYQhALYoWxVpsWR5drCfFT2EPHG2icavIbQEEoSLFuyKx
+#        Gf9oqtcWVFqEkBcbEg/mpDC5Y7TmCEAOsrubdRkCgYEAl7B+EzIdG0rabGoti09q
+#        QXfyiTjR7nQYkhpLxMCeNlCpQ8Y15XSa8bm1UIGYqj/ZBpeBNhrj64IHoub5Vd43
+#        tzbb8yNgoLUd16TU1VvyccCMGQVPIF8RkDsAtEawV2eoXbHAstN99xbC8jsLNZRQ
+#        fcfgTiQaXRJmlVx6jfbfZd4=
+#        -----END PRIVATE KEY-----
+#      #KAFKA_SSL_KEYSTORE_CREDENTIALS: example
+#      KAFKA_SSL_KEY_CREDENTIALS: example
+#      KAFKA_SSL_TRUSTSTORE_TYPE: "PEM"
+#      KAFKA_SSL_TRUSTSTORE_CERTIFICATES: -----BEGIN CERTIFICATE-----
+#        MIIDCzCCAfOgAwIBAgIUaXNh4PahaKeLUaab2rUPSVESx28wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODEyMTFaFw0zNTA4
+#        MTkxODEyMTFaMBUxEzARBgNVBAMMCkV4YW1wbGUgQ0EwggEiMA0GCSqGSIb3DQEB
+#        AQUAA4IBDwAwggEKAoIBAQCsqalqVOLFglVbX9oSHU91ebyL1kPyb/2N90UGQIcD
+#        UAjzKxxysId1Vdvtbbwgli6UgfPwlzFP2Wlw51h496yL4QU/9tNV956UJ1RoS/fG
+#        qBAEHctqavfMI27UQmIzw4pGMkGzEQxRMc6a9pdabBhbMMTJsjtmOv2YMYHj1HHK
+#        Dr7wTBTt2l0eRyCR0kZ8XGIMWhYowPa4EMpC7+4e5Nf/7LSJZWLLy9jXPpazsjkJ
+#        jEmDNlFfx2tZiq0Wz2Xj1pZSDLbcuIX4IHcLfMvagibfrCMX/h6+WuW42sWPRuBW
+#        wB6cHGlXs+K/gBBWxtD7sOTacO5hbHFsfaJOhSEIGoIpAgMBAAGjUzBRMB0GA1Ud
+#        DgQWBBT2S/C2++ECY+CSuN5KKql0umfbTDAfBgNVHSMEGDAWgBT2S/C2++ECY+CS
+#        uN5KKql0umfbTDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj
+#        H4DdwqrOHg7sVsqiwDsZfTharpUDCYeG5XhrJQlnA9eKwyofTb929W/fjOwBdDtg
+#        9THT/omR0lA8/UyHtezMT6nMsCn4HG2mXvx6ghgvA3jrFTEY7R80dHkboLMTV3u4
+#        RYgC9S3BJPcbJYpM0cXzkp2T0F4FxWZlfqefuedHuX3zcCxpgVD56qQb2a131TX7
+#        O3UDJfVg8a65IFtehndqILgLVrf7w6+pbmDAlCg5RKrt2USEYyZXYdyTryJbdtn4
+#        BCLp0avYtSYVUGwgH0oUCpkjQRwMg1003TTz8SNnmE7mAXHYljyYejnjL8vBHfch
+#        8tTDVXQn08BT9H3jZTnF
+#        -----END CERTIFICATE-----
+#      KAFKA_SSL_CLIENT_AUTH: none
+      ###
 
   ## Use AKHQ as Kafka web frontend
   akhq:

src/integrationTest/kotlin/dev/dnpm/etl/processor/web/HomeControllerTest.kt

@@ -282,6 +282,30 @@ class HomeControllerTest {
             assertThat(page.querySelectorAll("tbody tr")).isEmpty()
             assertThat(page.querySelectorAll("div.notification.info")).hasSize(1)
         }
+
+        @Test
+        @WithMockUser(username = "admin", roles = ["ADMIN"])
+        fun testShouldShowNoConsentStatusBadge() {
+            whenever(requestService.findRequestByPatientId(anyValueClass(), any<Pageable>())).thenReturn(
+                PageImpl(
+                    listOf(
+                        Request(
+                            1L,
+                            randomRequestId(),
+                            PatientPseudonym("PSEUDO1"),
+                            PatientId("PATIENT1"),
+                            Fingerprint("ashdkasdh"),
+                            RequestType.MTB_FILE,
+                            RequestStatus.NO_CONSENT
+                        )
+                    )
+                )
+            )
+
+            val page = webClient.getPage<HtmlPage>("http://localhost/patient/PSEUDO1")
+            assertThat(page.querySelectorAll("tbody tr")).hasSize(1)
+            assertThat(page.querySelectorAll("tbody tr > td > small").first().textContent).isEqualTo("NO_CONSENT")
+        }
     }
 
 }

src/main/java/dev/dnpm/etl/processor/pseudonym/GpasPseudonymGenerator.java

@@ -23,8 +23,6 @@ import ca.uhn.fhir.context.FhirContext;
 import ca.uhn.fhir.parser.IParser;
 import dev.dnpm.etl.processor.config.AppFhirConfig;
 import dev.dnpm.etl.processor.config.GPasConfigProperties;
-import java.net.URI;
-import java.net.URISyntaxException;
 import org.apache.commons.lang3.NotImplementedException;
 import org.apache.commons.lang3.StringUtils;
 import org.apache.hc.core5.net.URIBuilder;
@@ -39,9 +37,11 @@ import org.springframework.http.*;
 import org.springframework.retry.support.RetryTemplate;
 import org.springframework.web.client.HttpClientErrorException.BadRequest;
 import org.springframework.web.client.HttpClientErrorException.Unauthorized;
-import org.springframework.web.client.RestClientException;
 import org.springframework.web.client.RestTemplate;
 
+import java.net.URI;
+import java.net.URISyntaxException;
+
 public class GpasPseudonymGenerator implements Generator {
 
     private final FhirContext r4Context;
@@ -52,10 +52,10 @@ public class GpasPseudonymGenerator implements Generator {
     private final RestTemplate restTemplate;
     private final @NotNull String genomDeTanDomain;
     private final @NotNull String pidPsnDomain;
-    protected final static String createOrGetPsn = "$pseudonymizeAllowCreate";
+    protected static final String CREATE_OR_GET_PSN = "$pseudonymizeAllowCreate";
-    protected final static String createMultiDomainPsn = "$pseudonymize-secondary";
+    protected static final String CREATE_MULTI_DOMAIN_PSN = "$pseudonymize-secondary";
-    private final static String SINGLE_PSN_PART_NAME = "pseudonym";
+    private static final String SINGLE_PSN_PART_NAME = "pseudonym";
-    private final static String MULTI_PSN_PART_NAME = "value";
+    private static final String MULTI_PSN_PART_NAME = "value";
 
     public GpasPseudonymGenerator(GPasConfigProperties gpasCfg, RetryTemplate retryTemplate,
         RestTemplate restTemplate, AppFhirConfig appFhirConfig) {
@@ -85,7 +85,7 @@ public class GpasPseudonymGenerator implements Generator {
         switch (domainType) {
             case SINGLE_PSN_DOMAIN -> {
                 final var requestBody = createSinglePsnRequestBody(id, pidPsnDomain);
-                final var responseEntity = getGpasPseudonym(requestBody, createOrGetPsn);
+                final var responseEntity = getGpasPseudonym(requestBody, CREATE_OR_GET_PSN);
                 final var gPasPseudonymResult = (Parameters) r4Context.newJsonParser()
                     .parseResource(responseEntity.getBody());
 
@@ -93,7 +93,7 @@ public class GpasPseudonymGenerator implements Generator {
             }
             case MULTI_PSN_DOMAIN -> {
                 final var requestBody = createMultiPsnRequestBody(id, genomDeTanDomain);
-                final var responseEntity = getGpasPseudonym(requestBody, createMultiDomainPsn);
+                final var responseEntity = getGpasPseudonym(requestBody, CREATE_MULTI_DOMAIN_PSN);
                 final var gPasPseudonymResult = (Parameters) r4Context.newJsonParser()
                     .parseResource(responseEntity.getBody());
 
@@ -150,23 +150,22 @@ public class GpasPseudonymGenerator implements Generator {
                 log.debug("API request succeeded. Response: {}", responseEntity.getStatusCode());
                 return responseEntity;
             }
-        } catch (RestClientException rce) {
+        } catch (BadRequest e) {
-            if (rce instanceof BadRequest) {
+            String msg = "gPas or request configuration is incorrect. Please check both."
-                String msg = "gPas or request configuration is incorrect. Please check both."
+                + e.getMessage();
-                    + rce.getMessage();
+            log.error(msg);
-                log.debug(
+            throw new PseudonymRequestFailed(msg, e);
-                    msg);
+        } catch (Unauthorized e) {
-                throw new PseudonymRequestFailed(msg, rce);
+            var msg = "gPas access credentials are invalid  check your configuration. msg:  '%s"
-            }
+                .formatted(e.getMessage());
-            if (rce instanceof Unauthorized) {
+            log.error(msg);
-                var msg = "gPas access credentials are invalid  check your configuration. msg:  '%s".formatted(
+            throw new PseudonymRequestFailed(msg, e);
-                    rce.getMessage());
+        }
-                log.error(msg);
+        catch (Exception unexpected) {
-                throw new PseudonymRequestFailed(msg, rce);
-            }
-        } catch (Exception unexpected) {
             throw new PseudonymRequestFailed(
-                "API request due unexpected error unsuccessful gPas unsuccessful.", unexpected);
+                "API request due unexpected error unsuccessful gPas unsuccessful.",
+                unexpected
+            );
         }
         throw new PseudonymRequestFailed(
             "API request due unexpected error unsuccessful gPas unsuccessful.");

src/main/kotlin/dev/dnpm/etl/processor/input/KafkaInputListener.kt

@@ -31,6 +31,7 @@ import org.apache.kafka.clients.consumer.ConsumerRecord
 import org.slf4j.LoggerFactory
 import org.springframework.http.MediaType
 import org.springframework.kafka.listener.MessageListener
+import java.nio.charset.Charset
 
 class KafkaInputListener(
     private val requestProcessor: RequestProcessor,
@@ -49,19 +50,16 @@ class KafkaInputListener(
         }
     }
 
-    private fun guessMimeType(record: ConsumerRecord<String, String>): String {
+    private fun guessMimeType(record: ConsumerRecord<String, String>): String? {
         if (record.headers().headers("contentType").toList().isEmpty()) {
             // Fallback if no contentType set (old behavior)
             return MediaType.APPLICATION_JSON_VALUE
         }
 
-        return record.headers().headers("contentType")?.firstOrNull()?.value().contentToString()
+        return record.headers().headers("contentType")?.firstOrNull()?.value()?.toString(Charset.forName("UTF-8"))
     }
 
     private fun handleDnpmV2Message(record: ConsumerRecord<String, String>) {
-        // Do not handle DNPM-V2 for now
-        logger.warn("Ignoring MTB File in DNPM V2 format: Not implemented yet")
-
         val mtbFile = objectMapper.readValue(record.value(), Mtb::class.java)
         val patientId = PatientId(mtbFile.patient.id)
         val firstRequestIdHeader = record.headers().headers("requestId")?.firstOrNull()

src/main/kotlin/dev/dnpm/etl/processor/monitoring/Request.kt

@@ -30,6 +30,7 @@ import org.springframework.data.relational.core.mapping.Table
 import org.springframework.data.repository.CrudRepository
 import org.springframework.data.repository.PagingAndSortingRepository
 import java.time.Instant
+import java.time.temporal.ChronoUnit
 import java.util.*
 
 @Table("request")
@@ -65,6 +66,12 @@ data class Request(
         processedAt: Instant
     ) :
             this(null, uuid, patientPseudonym, pid, fingerprint, type, status, processedAt)
+
+    fun isPendingUnknown(): Boolean {
+        return this.status == RequestStatus.UNKNOWN && this.processedAt.isBefore(
+            Instant.now().minus(10, ChronoUnit.MINUTES)
+        )
+    }
 }
 
 @JvmRecord
@@ -90,19 +97,23 @@ interface RequestRepository : CrudRepository<Request, Long>, PagingAndSortingRep
     @Query("SELECT count(*) AS count, status FROM request WHERE type = 'MTB_FILE' GROUP BY status ORDER BY status, count DESC;")
     fun countStates(): List<CountedState>
 
-    @Query("SELECT count(*) AS count, status FROM (" +
+    @Query(
-            "SELECT status, rank() OVER (PARTITION BY patient_pseudonym ORDER BY processed_at DESC) AS rank FROM request " +
+        "SELECT count(*) AS count, status FROM (" +
-            "WHERE type = 'MTB_FILE' AND status NOT IN ('DUPLICATION') " +
+                "SELECT status, rank() OVER (PARTITION BY patient_pseudonym ORDER BY processed_at DESC) AS rank FROM request " +
-            ") rank WHERE rank = 1 GROUP BY status ORDER BY status, count DESC;")
+                "WHERE type = 'MTB_FILE' AND status NOT IN ('DUPLICATION') " +
+                ") rank WHERE rank = 1 GROUP BY status ORDER BY status, count DESC;"
+    )
     fun findPatientUniqueStates(): List<CountedState>
 
     @Query("SELECT count(*) AS count, status FROM request WHERE type = 'DELETE' GROUP BY status ORDER BY status, count DESC;")
     fun countDeleteStates(): List<CountedState>
 
-    @Query("SELECT count(*) AS count, status FROM (" +
+    @Query(
-            "SELECT status, rank() OVER (PARTITION BY patient_pseudonym ORDER BY processed_at DESC) AS rank FROM request " +
+        "SELECT count(*) AS count, status FROM (" +
-            "WHERE type = 'DELETE'" +
+                "SELECT status, rank() OVER (PARTITION BY patient_pseudonym ORDER BY processed_at DESC) AS rank FROM request " +
-            ") rank WHERE rank = 1 GROUP BY status ORDER BY status, count DESC;")
+                "WHERE type = 'DELETE'" +
+                ") rank WHERE rank = 1 GROUP BY status ORDER BY status, count DESC;"
+    )
     fun findPatientUniqueDeleteStates(): List<CountedState>
 
 }

src/main/kotlin/dev/dnpm/etl/processor/output/KafkaMtbFileSender.kt

@@ -27,7 +27,6 @@ import dev.pcvolkmer.mv64e.mtb.Mtb
 import dev.pcvolkmer.mv64e.mtb.MvhMetadata
 import org.apache.kafka.clients.producer.ProducerRecord
 import org.slf4j.LoggerFactory
-import org.springframework.http.MediaType
 import org.springframework.kafka.core.KafkaTemplate
 import org.springframework.retry.support.RetryTemplate
 
@@ -47,8 +46,9 @@ class KafkaMtbFileSender(
                     ProducerRecord(
                         kafkaProperties.outputTopic,
                         key(request),
-                        objectMapper.writeValueAsString(request)
+                        objectMapper.writeValueAsString(request),
                     )
+                record.headers().add("requestId", request.requestId.value.toByteArray())
                 when (request) {
                     is DnpmV2MtbFileRequest -> record.headers()
                         .add(
@@ -82,7 +82,6 @@ class KafkaMtbFileSender(
                     ProducerRecord(
                         kafkaProperties.outputTopic,
                         key(request),
-                        // Always use old BwhcV1FileRequest with Consent REJECT
                         objectMapper.writeValueAsString(
                             DnpmV2MtbFileRequest(
                                 request.requestId,
@@ -90,7 +89,7 @@ class KafkaMtbFileSender(
                             )
                         )
                     )
-
+                record.headers().add("requestId", request.requestId.value.toByteArray())
                 val result = kafkaTemplate.send(record)
                 if (result.get() != null) {
                     logger.debug("Sent deletion request via KafkaMtbFileSender")

src/main/kotlin/dev/dnpm/etl/processor/services/ConsentProcessor.kt

@@ -137,15 +137,7 @@ class ConsentProcessor(
             }
 
             val provisionComponent: ProvisionComponent = provisions.first()
-
+            val provisionCode = getProvisionCode(provisionComponent)
-            var provisionCode: String? = null
-            if (provisionComponent.code != null && provisionComponent.code.isNotEmpty()) {
-                val codableConcept: CodeableConcept = provisionComponent.code.first()
-                if (codableConcept.coding != null && codableConcept.coding.isNotEmpty()) {
-                    provisionCode = codableConcept.coding.first().code
-                }
-            }
-
             if (provisionCode != null) {
                 try {
                     val modelProjectConsentPurpose =
@@ -177,6 +169,17 @@ class ConsentProcessor(
         }
     }
 
+    private fun getProvisionCode(provisionComponent: ProvisionComponent): String? {
+        var provisionCode: String? = null
+        if (provisionComponent.code != null && provisionComponent.code.isNotEmpty()) {
+            val codableConcept: CodeableConcept = provisionComponent.code.first()
+            if (codableConcept.coding != null && codableConcept.coding.isNotEmpty()) {
+                provisionCode = codableConcept.coding.first().code
+            }
+        }
+        return provisionCode
+    }
+
     private fun setGenomDeSubmissionType(mtbFile: Mtb) {
         if (appConfigProperties.genomDeTestSubmission) {
             mtbFile.metadata.type = MvhSubmissionType.TEST
@@ -238,9 +241,9 @@ class ConsentProcessor(
             consent.provision.provision.filter { subProvision ->
                 isRequestDateInRange(requestDate, subProvision.period)
                 // search coding entries of current provision for code and system
-                subProvision.code.map { c -> c.coding }.flatten().firstOrNull { code ->
+                subProvision.code.map { c -> c.coding }.flatten().any { code ->
                     targetCode.equals(code.code) && targetSystem.equals(code.system)
-                } != null
+                }
             }.map { subProvision ->
                 subProvision
             }
@@ -257,11 +260,11 @@ class ConsentProcessor(
         researchAllowedPolicySystem: String?,
         policyRules: Collection<Coding>
     ): Boolean {
-        return policyRules.find { code ->
+        return policyRules.any { code ->
             researchAllowedPolicySystem.equals(code.getSystem()) && (researchAllowedPolicyOid.equals(
                 code.getCode()
             ))
-        } != null
+        }
     }
 
     fun isRequestDateInRange(requestDate: Date?, provPeriod: Period): Boolean {

src/main/resources/application-dev.yml

@@ -18,13 +18,107 @@ spring:
             issuer-uri: https://dnpm.dev/auth/realms/intern
             user-name-attribute: name
 
+#  kafka:
+#    security:
+#      protocol: "SSL"
+#    ssl:
+#      key-store-type: "PEM"
+#      key-store-certificate-chain: -----BEGIN CERTIFICATE-----
+#        MIIDCzCCAfOgAwIBAgIUaXNh4PahaKeLUaab2rUPSVESx28wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODEyMTFaFw0zNTA4
+#        MTkxODEyMTFaMBUxEzARBgNVBAMMCkV4YW1wbGUgQ0EwggEiMA0GCSqGSIb3DQEB
+#        AQUAA4IBDwAwggEKAoIBAQCsqalqVOLFglVbX9oSHU91ebyL1kPyb/2N90UGQIcD
+#        UAjzKxxysId1Vdvtbbwgli6UgfPwlzFP2Wlw51h496yL4QU/9tNV956UJ1RoS/fG
+#        qBAEHctqavfMI27UQmIzw4pGMkGzEQxRMc6a9pdabBhbMMTJsjtmOv2YMYHj1HHK
+#        Dr7wTBTt2l0eRyCR0kZ8XGIMWhYowPa4EMpC7+4e5Nf/7LSJZWLLy9jXPpazsjkJ
+#        jEmDNlFfx2tZiq0Wz2Xj1pZSDLbcuIX4IHcLfMvagibfrCMX/h6+WuW42sWPRuBW
+#        wB6cHGlXs+K/gBBWxtD7sOTacO5hbHFsfaJOhSEIGoIpAgMBAAGjUzBRMB0GA1Ud
+#        DgQWBBT2S/C2++ECY+CSuN5KKql0umfbTDAfBgNVHSMEGDAWgBT2S/C2++ECY+CS
+#        uN5KKql0umfbTDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj
+#        H4DdwqrOHg7sVsqiwDsZfTharpUDCYeG5XhrJQlnA9eKwyofTb929W/fjOwBdDtg
+#        9THT/omR0lA8/UyHtezMT6nMsCn4HG2mXvx6ghgvA3jrFTEY7R80dHkboLMTV3u4
+#        RYgC9S3BJPcbJYpM0cXzkp2T0F4FxWZlfqefuedHuX3zcCxpgVD56qQb2a131TX7
+#        O3UDJfVg8a65IFtehndqILgLVrf7w6+pbmDAlCg5RKrt2USEYyZXYdyTryJbdtn4
+#        BCLp0avYtSYVUGwgH0oUCpkjQRwMg1003TTz8SNnmE7mAXHYljyYejnjL8vBHfch
+#        8tTDVXQn08BT9H3jZTnF
+#        -----END CERTIFICATE-----
+#        -----BEGIN CERTIFICATE-----
+#        MIIC+TCCAeGgAwIBAgIUUoCwz8GS6xQ3mmI7RUUYSNPIOi4wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODE0NDhaFw0zNTA4
+#        MTkxODE0NDhaMBQxEjAQBgNVBAMMCWxvY2FsaG9zdDCCASIwDQYJKoZIhvcNAQEB
+#        BQADggEPADCCAQoCggEBAL9PW99MhhBwdEmTHyZgfnhfTrxZPrNU6z1UdV8b82Lk
+#        3p75o8eCKa9iOd7DDQlo75hQBhhX0+Xc3mucrstx5p8TYFMbypif8ojWh3LM++P8
+#        tz3ezQZlq86ycyKpm8dqlA03b227tFDfiYTev2eD2HN40BU7yDAYhhqd/QW8+MV2
+#        jkcRGv5cE21GZxWmPUpkVN+bNoBC8H90WmkST90LfeYF+wZnlsAJZH6AQzR1GnGD
+#        ICE5evMhC78hvRnpgeA310SyxssZEigkePL5lTZOBPY2IuzBqL05agyVTiVq4Xd6
+#        y3xOqXoxxOhZu06yd3nymorqeTgbF1fW8wQF0u3KsFECAwEAAaNCMEAwHQYDVR0O
+#        BBYEFHk9jMWRAAt2YsBSxUcOQVoWayoHMB8GA1UdIwQYMBaAFPZL8Lb74QJj4JK4
+#        3koqqXS6Z9tMMA0GCSqGSIb3DQEBCwUAA4IBAQBqabAA9INONDaLHqs9i9YQHm/g
+#        AnB7xRl/RFbERKKCTSMZUYM8oEaaH0W2ENoPMc/7xOB/R8a7Rm62PTr6syxwhZrY
+#        5NtGKJOD+rh90/5l83tulf93KqOJtGkiv6NBDvCNrITcA+UKRk/z4GcFi2YjWAl4
+#        wvY44lzTasMKSpjUQ5N0VNANcW3nVuEgPQ8rrr0NOK/5j4guPjsXDsixa47gqblA
+#        5xGfBKeVmEXdPbzawZfP4hPIw7DpX2m8Y0erswF1ZxkIV73V3TDsFSLcqSKSzZr6
+#        mtj8COlV9Us7zqaJbV5eOl7GN1T9orZJwZmX1Z46gCkkSLYDP/dqtl2j9JgN
+#        -----END CERTIFICATE-----
+#      ### For dev/testing purposes only!
+#      key-store-key: -----BEGIN PRIVATE KEY-----
+#        MIIEvQIBADANBgkqhkiG9w0BAQEFAASCBKcwggSjAgEAAoIBAQC/T1vfTIYQcHRJ
+#        kx8mYH54X068WT6zVOs9VHVfG/Ni5N6e+aPHgimvYjneww0JaO+YUAYYV9Pl3N5r
+#        nK7LceafE2BTG8qYn/KI1odyzPvj/Lc93s0GZavOsnMiqZvHapQNN29tu7RQ34mE
+#        3r9ng9hzeNAVO8gwGIYanf0FvPjFdo5HERr+XBNtRmcVpj1KZFTfmzaAQvB/dFpp
+#        Ek/dC33mBfsGZ5bACWR+gEM0dRpxgyAhOXrzIQu/Ib0Z6YHgN9dEssbLGRIoJHjy
+#        +ZU2TgT2NiLswai9OWoMlU4lauF3est8Tql6McToWbtOsnd58pqK6nk4GxdX1vME
+#        BdLtyrBRAgMBAAECggEAC1wXfPlqxoQe65WAVoOJTvV90+JKvlRPCZu/wm+C8r7b
+#        Vz5Ekt6wQflHrWoQlpv0CivKSNzCONZ2IJazrGHti0mXwSeXzptEyApRDaiNVnrV
+#        mKdnrjcQThw7iPXgSaWS9/vwMmhgayLy5ABkBi4GhsjINlKP7wctw1vZP+N6NCNd
+#        Ql3taStvDKmG0SfJHF6/2o/XBpof3IJEL7ghbzyTTbWWaO34J1mJ8A+AmjGhj9GE
+#        Dp3XuOrO9W7MVd1nfZDtGBS8qf80AwROyodZZRma9vZuWJZ5aQFi2CnUEtU1T+Uv
+#        tW+F6tg2FOMr8M0Fb79wGIDwSF8u/QcTvwhEzZAfiQKBgQDioOofnE1oB1DOMnqZ
+#        SOFjs+vsirvS6G3lo27+HkE3TgvCHR4sk1305AiXtjmPu8iaUCo9qn18MtduY2RS
+#        CcKMOG/FxhmDyP5I29DhJRhvERIpJd0kcSDQOgtaoVPC1XzIlyTqte6nGX9kAnA/
+#        x/OOXrZ0hjhMNDcZzf2NasPYJQKBgQDYGqTobkVBk+eekNWklnTh41/649rUIgTu
+#        JStArtY2hgaEInYcGa2e7cEj7nIHA0iGy3EJ2yvwoUIyxtoXVcGohu2IrzlhS33T
+#        R4jA7nE2/yHZrEMEJovuSU0eMw7rgvEtL79Q0RToYnTY1EU6X/BBoFfiiEeNMHKz
+#        zjDOOQ6ZvQKBgGCWChIc0FSkwYiPtPZ9PCn89XCjk/cIPkYfiF9fT5Ydeh9pv4Fp
+#        8SI8yXi3HgMnGhDCV65eagqztGMEky3voO2X4/MbQaaL0+wDWxuJbsdvNBk7XOt6
+#        F20HP+2JUiR4Ti1DVWV+0k5/LG7YJzTXp/KmZQZ2aan4mv8xbn2F4h/NAoGAI4ou
+#        OLN53FEQtHkpSYoc6tFUBZTXdi+qE+g09sxKGmlsROrN9c0bSpnbO6eJRTH7CYAH
+#        tRFAZrB+jI87ar8FvEuEYQhALYoWxVpsWR5drCfFT2EPHG2icavIbQEEoSLFuyKx
+#        Gf9oqtcWVFqEkBcbEg/mpDC5Y7TmCEAOsrubdRkCgYEAl7B+EzIdG0rabGoti09q
+#        QXfyiTjR7nQYkhpLxMCeNlCpQ8Y15XSa8bm1UIGYqj/ZBpeBNhrj64IHoub5Vd43
+#        tzbb8yNgoLUd16TU1VvyccCMGQVPIF8RkDsAtEawV2eoXbHAstN99xbC8jsLNZRQ
+#        fcfgTiQaXRJmlVx6jfbfZd4=
+#        -----END PRIVATE KEY-----
+#      trust-store-type: "PEM"
+#      trust-store-certificates: -----BEGIN CERTIFICATE-----
+#        MIIDCzCCAfOgAwIBAgIUaXNh4PahaKeLUaab2rUPSVESx28wDQYJKoZIhvcNAQEL
+#        BQAwFTETMBEGA1UEAwwKRXhhbXBsZSBDQTAeFw0yNTA4MjExODEyMTFaFw0zNTA4
+#        MTkxODEyMTFaMBUxEzARBgNVBAMMCkV4YW1wbGUgQ0EwggEiMA0GCSqGSIb3DQEB
+#        AQUAA4IBDwAwggEKAoIBAQCsqalqVOLFglVbX9oSHU91ebyL1kPyb/2N90UGQIcD
+#        UAjzKxxysId1Vdvtbbwgli6UgfPwlzFP2Wlw51h496yL4QU/9tNV956UJ1RoS/fG
+#        qBAEHctqavfMI27UQmIzw4pGMkGzEQxRMc6a9pdabBhbMMTJsjtmOv2YMYHj1HHK
+#        Dr7wTBTt2l0eRyCR0kZ8XGIMWhYowPa4EMpC7+4e5Nf/7LSJZWLLy9jXPpazsjkJ
+#        jEmDNlFfx2tZiq0Wz2Xj1pZSDLbcuIX4IHcLfMvagibfrCMX/h6+WuW42sWPRuBW
+#        wB6cHGlXs+K/gBBWxtD7sOTacO5hbHFsfaJOhSEIGoIpAgMBAAGjUzBRMB0GA1Ud
+#        DgQWBBT2S/C2++ECY+CSuN5KKql0umfbTDAfBgNVHSMEGDAWgBT2S/C2++ECY+CS
+#        uN5KKql0umfbTDAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQBj
+#        H4DdwqrOHg7sVsqiwDsZfTharpUDCYeG5XhrJQlnA9eKwyofTb929W/fjOwBdDtg
+#        9THT/omR0lA8/UyHtezMT6nMsCn4HG2mXvx6ghgvA3jrFTEY7R80dHkboLMTV3u4
+#        RYgC9S3BJPcbJYpM0cXzkp2T0F4FxWZlfqefuedHuX3zcCxpgVD56qQb2a131TX7
+#        O3UDJfVg8a65IFtehndqILgLVrf7w6+pbmDAlCg5RKrt2USEYyZXYdyTryJbdtn4
+#        BCLp0avYtSYVUGwgH0oUCpkjQRwMg1003TTz8SNnmE7mAXHYljyYejnjL8vBHfch
+#        8tTDVXQn08BT9H3jZTnF
+#        -----END CERTIFICATE-----
+
 app:
   rest:
     uri: http://localhost/api
   #kafka:
-  #  topic: test
-  #  response-topic: test_response
   #  servers: localhost:9094
+  #  group-id: "test1234"
+  #  input-topic: test_input
+  #  output-topic: test_output
+  #  output-response-topic: test_response
   security:
     admin-user: admin
     admin-password: "{noop}very-secret"

src/main/resources/application.yml

@@ -16,7 +16,5 @@ spring:
           content:
             enabled: true
             paths: /**/*.js,/**/*.css,/**/*.svg,/**/*.jpeg
-app:
-  isGenomDeTestSubmission: true
 server:
   forward-headers-strategy: framework

src/main/resources/banner.txt

@@ -0,0 +1,7 @@
+                 __   _  _                   _   _
+ _ __ _____   __/ /_ | || |   ___        ___| |_| |      _ __  _ __ ___   ___ ___  ___ ___  ___  _ __
+| '_ ` _ \ \ / / '_ \| || |_ / _ \_____ / _ \ __| |_____| '_ \| '__/ _ \ / __/ _ \/ __/ __|/ _ \| '__|
+| | | | | \ V /| (_) |__   _|  __/_____|  __/ |_| |_____| |_) | | | (_) | (_|  __/\__ \__ \ (_) | |
+|_| |_| |_|\_/  \___/   |_|  \___|      \___|\__|_|     | .__/|_|  \___/ \___\___||___/___/\___/|_|
+                                                        |_|
+ :: mv64e-etl-processor ::        ${application.formatted-version}

src/main/resources/templates/index.html

@@ -52,8 +52,10 @@
                         <td th:if="${request.status.value.contains('success')}" class="bg-green"><small>[[ ${request.status} ]]</small></td>
                         <td th:if="${request.status.value.contains('warning')}" class="bg-yellow"><small>[[ ${request.status} ]]</small></td>
                         <td th:if="${request.status.value.contains('error')}" class="bg-red"><small>[[ ${request.status} ]]</small></td>
-                        <td th:if="${request.status.value == 'unknown'}" class="bg-gray"><small>[[ ${request.status} ]]</small></td>
+                        <td th:if="${request.status.value == 'unknown' and not request.isPendingUnknown()}" class="bg-gray"><small>[[ ${request.status} ]]</small></td>
+                        <td th:if="${request.status.value == 'unknown' and request.isPendingUnknown()}" class="bg-yellow"><small>⏰ [[ ${request.status} ]] ⏰</small></td>
                         <td th:if="${request.status.value == 'duplication'}" class="bg-gray"><small>[[ ${request.status} ]]</small></td>
+                        <td th:if="${request.status.value == 'no-consent'}" class="bg-blue"><small>[[ ${request.status} ]]</small></td>
                         <td th:style="${request.type.value == 'delete'} ? 'color: red;'"><small>[[ ${request.type} ]]</small></td>
                         <td th:if="not ${request.report}">[[ ${request.uuid} ]]</td>
                         <td th:if="${request.report}">

src/test/kotlin/dev/dnpm/etl/processor/input/KafkaInputListenerTest.kt

@@ -244,7 +244,14 @@ class KafkaInputListenerTest {
     }
 
     @Test
-    fun shouldNotProcessDnpmV2Request() {
+    fun shouldProcessDnpmV2Request() {
+        whenever(consentEvaluator.check(any())).thenReturn(
+            ConsentEvaluation(
+                TtpConsentStatus.BROAD_CONSENT_GIVEN,
+                false
+            )
+        )
+
         val mtbFile = Mtb.builder()
             .patient(Patient.builder().id("DUMMY_12345678").build())
             .metadata(
@@ -285,7 +292,7 @@ class KafkaInputListenerTest {
                 Optional.empty()
             )
         )
-        verify(requestProcessor, times(0)).processDeletion(
+        verify(requestProcessor, times(1)).processDeletion(
             anyValueClass(), anyValueClass(), eq(
                 TtpConsentStatus.UNKNOWN_CHECK_FILE
             )

src/test/kotlin/dev/dnpm/etl/processor/output/KafkaMtbFileSenderTest.kt

@@ -163,6 +163,8 @@ class KafkaMtbFileSenderTest {
             assertThat(captor.firstValue.key()).isEqualTo("{\"pid\": \"PID\"}")
             assertThat(captor.firstValue.headers().headers("contentType")).isNotNull
             assertThat(captor.firstValue.headers().headers("contentType")?.firstOrNull()?.value()).isEqualTo(CustomMediaType.APPLICATION_VND_DNPM_V2_MTB_JSON_VALUE.toByteArray())
+            assertThat(captor.firstValue.headers().headers("requestId")).isNotNull
+            assertThat(captor.firstValue.headers().headers("requestId")?.firstOrNull()?.value()).isEqualTo(TEST_REQUEST_ID.value.toByteArray())
             assertThat(captor.firstValue.value()).isNotNull
             assertThat(captor.firstValue.value()).isEqualTo(objectMapper.writeValueAsString(dnmpV2kafkaRecordData(TEST_REQUEST_ID)))
         }