pcvolkmer/onkostar-plugin-dnpm
1
0
Fork 0
mirror of https://github.com/pcvolkmer/onkostar-plugin-dnpm.git synced 2025-07-03 01:32:55 +00:00
Code Issues Activity

Use DelegatingDataBasedPermissionEvaluator

Browse Source 
This will check person pool and form/procedure permissions to access ECOG status
This commit is contained in:
Paul-Christian Volkmer
2023-09-25 13:57:04 +02:00
parent 4949bfcc64
commit c8387c5094
2 changed files with 12 additions and 12 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
src/main/java/DNPM/analyzer/DNPMHelper.java
View File

@ -1,9 +1,9 @@
package DNPM.analyzer; package DNPM.analyzer;
import DNPM.VerweisVon; import DNPM.VerweisVon;
import DNPM.security.DelegatingDataBasedPermissionEvaluator;
import DNPM.security.IllegalSecuredObjectAccessException; import DNPM.security.IllegalSecuredObjectAccessException;
import DNPM.security.PermissionType; import DNPM.security.PermissionType;
import DNPM.security.PersonPoolBasedPermissionEvaluator;
import DNPM.services.systemtherapie.SystemtherapieService; import DNPM.services.systemtherapie.SystemtherapieService;
import com.fasterxml.jackson.core.JsonProcessingException; import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper; import com.fasterxml.jackson.databind.ObjectMapper;
@ -33,16 +33,16 @@ public class DNPMHelper extends BackendService {
private final SystemtherapieService systemtherapieService; private final SystemtherapieService systemtherapieService;
private final PersonPoolBasedPermissionEvaluator personPoolBasedPermissionEvaluator; private final DelegatingDataBasedPermissionEvaluator delegatingDataBasedPermissionEvaluator;
public DNPMHelper( public DNPMHelper(
final IOnkostarApi onkostarApi, final IOnkostarApi onkostarApi,
final SystemtherapieService systemtherapieService, final SystemtherapieService systemtherapieService,
final PersonPoolBasedPermissionEvaluator permissionEvaluator final DelegatingDataBasedPermissionEvaluator permissionEvaluator
) { ) {
this.onkostarApi = onkostarApi; this.onkostarApi = onkostarApi;
this.systemtherapieService = systemtherapieService; this.systemtherapieService = systemtherapieService;
this.personPoolBasedPermissionEvaluator = permissionEvaluator; this.delegatingDataBasedPermissionEvaluator = permissionEvaluator;
} }
@Override @Override
@ -237,7 +237,6 @@ public class DNPMHelper extends BackendService {
} }
// TODO Achtung, keine Sicherheitsprüfung, darüber kann für jeden Patienten die Liste mit ECOG-Status abgerufen werden!
public List<SystemtherapieService.EcogStatusWithDate> getEcogStatus(final Map<String, Object> input) { public List<SystemtherapieService.EcogStatusWithDate> getEcogStatus(final Map<String, Object> input) {
var pid = AnalyzerUtils.getRequiredId(input, "PatientId"); var pid = AnalyzerUtils.getRequiredId(input, "PatientId");
if (pid.isEmpty()) { if (pid.isEmpty()) {
@ -251,7 +250,7 @@ public class DNPMHelper extends BackendService {
return List.of(); return List.of();
} }
if (personPoolBasedPermissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), patient, PermissionType.READ)) { if (delegatingDataBasedPermissionEvaluator.hasPermission(SecurityContextHolder.getContext().getAuthentication(), patient, PermissionType.READ)) {
return systemtherapieService.ecogStatus(patient); return systemtherapieService.ecogStatus(patient);
} }

13
src/test/java/DNPM/DNPMHelperTest.java
View File

@ -1,6 +1,7 @@
package DNPM; package DNPM;
import DNPM.analyzer.DNPMHelper; import DNPM.analyzer.DNPMHelper;
import DNPM.security.DelegatingDataBasedPermissionEvaluator;
import DNPM.security.IllegalSecuredObjectAccessException; import DNPM.security.IllegalSecuredObjectAccessException;
import DNPM.security.PermissionType; import DNPM.security.PermissionType;
import DNPM.security.PersonPoolBasedPermissionEvaluator; import DNPM.security.PersonPoolBasedPermissionEvaluator;
@ -36,7 +37,7 @@ class DNPMHelperTest {
private SystemtherapieService systemtherapieService; private SystemtherapieService systemtherapieService;
private PersonPoolBasedPermissionEvaluator personPoolBasedPermissionEvaluator; private DelegatingDataBasedPermissionEvaluator delegatingDataBasedPermissionEvaluator;
private DNPMHelper dnpmHelper; private DNPMHelper dnpmHelper;
@ -44,12 +45,12 @@ class DNPMHelperTest {
void setup( void setup(
@Mock IOnkostarApi onkostarApi, @Mock IOnkostarApi onkostarApi,
@Mock SystemtherapieService systemtherapieService, @Mock SystemtherapieService systemtherapieService,
@Mock PersonPoolBasedPermissionEvaluator personPoolBasedPermissionEvaluator @Mock DelegatingDataBasedPermissionEvaluator delegatingDataBasedPermissionEvaluator
) { ) {
this.onkostarApi = onkostarApi; this.onkostarApi = onkostarApi;
this.systemtherapieService = systemtherapieService; this.systemtherapieService = systemtherapieService;
this.personPoolBasedPermissionEvaluator = personPoolBasedPermissionEvaluator; this.delegatingDataBasedPermissionEvaluator = delegatingDataBasedPermissionEvaluator;
this.dnpmHelper = new DNPMHelper(onkostarApi, systemtherapieService, personPoolBasedPermissionEvaluator); this.dnpmHelper = new DNPMHelper(onkostarApi, systemtherapieService, delegatingDataBasedPermissionEvaluator);
} }
@Test @Test
@ -257,7 +258,7 @@ class DNPMHelperTest {
@Test @Test
void testShouldReturnEcogStatusList() { void testShouldReturnEcogStatusList() {
when(personPoolBasedPermissionEvaluator.hasPermission(any(), any(Patient.class), any(PermissionType.class))) when(delegatingDataBasedPermissionEvaluator.hasPermission(any(), any(Patient.class), any(PermissionType.class)))
.thenReturn(true); .thenReturn(true);
doAnswer(invocationOnMock -> { doAnswer(invocationOnMock -> {
@ -277,7 +278,7 @@ class DNPMHelperTest {
@Test @Test
void testShouldNotReturnEcogStatusListIfNoPermissionGranted() { void testShouldNotReturnEcogStatusListIfNoPermissionGranted() {
when(personPoolBasedPermissionEvaluator.hasPermission(any(), any(Patient.class), any(PermissionType.class))) when(delegatingDataBasedPermissionEvaluator.hasPermission(any(), any(Patient.class), any(PermissionType.class)))
.thenReturn(false); .thenReturn(false);
doAnswer(invocationOnMock -> { doAnswer(invocationOnMock -> {