public void GivenAResourceWithInvalidId_WhenValidatingUpsert_ThenInvalidShouldBeReturned(string id, string maliciousNarrative) { var contextAccessor = Substitute.For <RequestContextAccessor <IFhirRequestContext> >(); var profileValidator = Substitute.For <IProfileValidator>(); var config = Substitute.For <IOptions <CoreFeatureConfiguration> >(); config.Value.Returns(new CoreFeatureConfiguration()); contextAccessor.RequestContext.RequestHeaders.Returns(new Dictionary <string, StringValues>()); var validator = new CreateResourceValidator( new ModelAttributeValidator(), new NarrativeHtmlSanitizer(NullLogger <NarrativeHtmlSanitizer> .Instance), profileValidator, contextAccessor, config); var defaultObservation = Samples.GetDefaultObservation().ToPoco <Observation>(); defaultObservation.Text.Div = maliciousNarrative; var defaultPatient = Samples.GetDefaultPatient().ToPoco <Patient>(); defaultPatient.Text.Div = maliciousNarrative; var bundle = new Bundle(); bundle.Entry.Add(new Bundle.EntryComponent { Resource = defaultObservation }); bundle.Entry.Add(new Bundle.EntryComponent { Resource = defaultPatient }); var resource = bundle.ToResourceElement() .UpdateId(id); var createResourceRequest = new CreateResourceRequest(resource); var result = validator.Validate(createResourceRequest); Assert.False(result.IsValid); Assert.True(result.Errors.Count >= 3); Assert.NotEmpty(result.Errors.Where(e => e.ErrorMessage.Contains("min. cardinality 1 cannot be null"))); Assert.NotEmpty(result.Errors.Where(e => e.ErrorMessage.Contains("XHTML content should be contained within a single <div> element"))); Assert.NotEmpty(result.Errors.Where(e => e.ErrorMessage.Contains("Id must be any combination of upper or lower case ASCII letters"))); }
public void GivenConfigOrHeader_WhenValidatingCreate_ThenProfileValidationShouldOrShouldntBeCalled(bool configValue, bool?headerValue, bool shouldCallProfileValidation) { var contextAccessor = Substitute.For <RequestContextAccessor <IFhirRequestContext> >(); var profileValidator = Substitute.For <IProfileValidator>(); var config = Substitute.For <IOptions <CoreFeatureConfiguration> >(); config.Value.Returns(new CoreFeatureConfiguration() { ProfileValidationOnCreate = configValue }); var headers = new Dictionary <string, StringValues>(); if (headerValue != null) { headers.Add(KnownHeaders.ProfileValidation, new StringValues(headerValue.Value.ToString())); } contextAccessor.RequestContext.RequestHeaders.Returns(headers); var validator = new CreateResourceValidator( new ModelAttributeValidator(), new NarrativeHtmlSanitizer(NullLogger <NarrativeHtmlSanitizer> .Instance), profileValidator, contextAccessor, config); var resource = Samples.GetDefaultObservation(); var createResourceRequest = new CreateResourceRequest(resource); validator.Validate(createResourceRequest); if (shouldCallProfileValidation) { profileValidator.Received().TryValidate(Arg.Any <ITypedElement>(), Arg.Any <string>()); } else { profileValidator.DidNotReceive().TryValidate(Arg.Any <ITypedElement>(), Arg.Any <string>()); } }
public void GivenAResourceWithoutInvalidId_WhenValidatingUpsert_ThenInvalidShouldBeReturned(string id) { var contextAccessor = Substitute.For <RequestContextAccessor <IFhirRequestContext> >(); var profileValidator = Substitute.For <IProfileValidator>(); var config = Substitute.For <IOptions <CoreFeatureConfiguration> >(); config.Value.Returns(new CoreFeatureConfiguration()); contextAccessor.RequestContext.RequestHeaders.Returns(new Dictionary <string, StringValues>()); var validator = new CreateResourceValidator( new ModelAttributeValidator(), new NarrativeHtmlSanitizer(NullLogger <NarrativeHtmlSanitizer> .Instance), profileValidator, contextAccessor, config); var resource = Samples.GetDefaultObservation() .UpdateId(id); var createResourceRequest = new CreateResourceRequest(resource); var result = validator.Validate(createResourceRequest); Assert.False(result.IsValid); }