public async Task WhenHardDeletingAResource_GivenAUserWithNoHardDeletePermissions_TheServerShouldReturnForbidden() { FhirClient tempClient = Client.CreateClientForUser(TestUsers.WriteOnlyUser, TestApplications.NativeClient); Observation createdResource = await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>()); FhirException fhirException = await Assert.ThrowsAsync <FhirException>(async() => await tempClient.HardDeleteAsync(createdResource)); Assert.Equal(ForbiddenMessage, fhirException.Message); Assert.Equal(HttpStatusCode.Forbidden, fhirException.StatusCode); }
public static async Task <TResource[]> CreateResourcesAsync <TResource>(this FhirClient client, int count) where TResource : Resource, new() { TResource[] resources = new TResource[count]; for (int i = 0; i < resources.Length; i++) { TResource resource = new TResource(); resources[i] = await client.CreateAsync(resource); } return(resources); }
public async Task WhenGettingAResource_GivenAUserWithReadPermissions_TheServerShouldReturnSuccess() { FhirClient tempClient = Client.CreateClientForClientApplication(TestApplications.ServiceClient); Observation createdResource = await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>()); tempClient = Client.CreateClientForUser(TestUsers.ReadOnlyUser, TestApplications.NativeClient); FhirResponse <Observation> readResponse = await tempClient.ReadAsync <Observation>(ResourceType.Observation, createdResource.Id); Observation readResource = readResponse.Resource; Assert.Equal(createdResource.Id, readResource.Id); Assert.Equal(createdResource.Meta.VersionId, readResource.Meta.VersionId); Assert.Equal(createdResource.Meta.LastUpdated, readResource.Meta.LastUpdated); }
public async Task GivenAResource_WhenCreated_ThenAuditLogEntriesShouldBeCreated() { await ExecuteAndValidate( () => _client.CreateAsync(Samples.GetDefaultObservation().ToPoco()), "create", ResourceType.Observation, _ => "Observation", HttpStatusCode.Created); }
public static async Task <TResource[]> CreateResourcesAsync <TResource>(this FhirClient client, params Action <TResource>[] resourceCustomizer) where TResource : Resource, new() { TResource[] resources = new TResource[resourceCustomizer.Length]; for (int i = 0; i < resources.Length; i++) { TResource resource = new TResource(); resourceCustomizer[i](resource); resources[i] = await client.CreateAsync(resource); } return(resources); }
public async Task WhenUpdatingAResource_GivenAUserWithUpdatePermissions_TheServerShouldReturnSuccess() { FhirClient tempClient = Client.CreateClientForUser(TestUsers.AdminUser, TestApplications.NativeClient); Observation createdResource = await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>()); tempClient = Client.CreateClientForUser(TestUsers.ReadWriteUser, TestApplications.NativeClient); FhirResponse <Observation> updateResponse = await tempClient.UpdateAsync(createdResource); Assert.Equal(System.Net.HttpStatusCode.OK, updateResponse.StatusCode); Observation updatedResource = updateResponse.Resource; Assert.NotNull(updatedResource); Assert.Equal(createdResource.Id, updatedResource.Id); Assert.NotEqual(createdResource.Meta.VersionId, updatedResource.Meta.VersionId); Assert.NotEqual(createdResource.Meta.LastUpdated, updatedResource.Meta.LastUpdated); }
public async Task WhenHardDeletingAResource_GivenAUserWithHardDeletePermissions_TheServerShouldReturnSuccess() { FhirClient tempClient = Client.CreateClientForUser(TestUsers.WriteOnlyUser, TestApplications.NativeClient); Observation createdResource = await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>()); tempClient = Client.CreateClientForUser(TestUsers.HardDeleteUser, TestApplications.NativeClient); // Hard-delete the resource. await tempClient.HardDeleteAsync(createdResource); tempClient = Client.CreateClientForUser(TestUsers.ReadOnlyUser, TestApplications.NativeClient); // Getting the resource should result in NotFound. await ExecuteAndValidateNotFoundStatus(() => tempClient.ReadAsync <Observation>(ResourceType.Observation, createdResource.Id)); async Task <FhirException> ExecuteAndValidateNotFoundStatus(Func <Task> action) { FhirException exception = await Assert.ThrowsAsync <FhirException>(action); Assert.Equal(HttpStatusCode.NotFound, exception.StatusCode); return(exception); } }
public async Task WhenCreatingAResource_GivenAClientWithWrongAudience_TheServerShouldReturnUnauthorized() { FhirClient tempClient = Client.CreateClientForClientApplication(TestApplications.WrongAudienceClient); FhirException fhirException = await Assert.ThrowsAsync <FhirException>(async() => await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>())); Assert.Equal(UnauthorizedMessage, fhirException.Message); Assert.Equal(HttpStatusCode.Unauthorized, fhirException.StatusCode); }
public async Task WhenCreatingAResource_GivenAClientWithInvalidAuthToken_TheServerShouldReturnUnauthorized() { FhirClient tempClient = Client.CreateClientForClientApplication(TestApplications.InvalidClient).Clone(); tempClient.HttpClient.SetBearerToken(Invalidtoken); FhirException fhirException = await Assert.ThrowsAsync <FhirException>(async() => await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>())); Assert.Equal(UnauthorizedMessage, fhirException.Message); Assert.Equal(HttpStatusCode.Unauthorized, fhirException.StatusCode); }
public async Task WhenCreatingAResource_GivenAClientWithNoAuthToken_TheServerShouldReturnUnauthorized() { FhirClient tempClient = Client.CreateClientForClientApplication(TestApplications.InvalidClient); FhirException fhirException = await Assert.ThrowsAsync <FhirException>(async() => await tempClient.CreateAsync(Samples.GetDefaultObservation().ToPoco <Observation>())); Assert.Equal(UnauthorizedMessage, fhirException.Message); Assert.Equal(HttpStatusCode.Unauthorized, fhirException.StatusCode); List <AuthenticationHeaderValue> wwwAuthenticationHeaderValues = fhirException.Headers.WwwAuthenticate.Where(h => h.Scheme == "Bearer").ToList(); Assert.Single(wwwAuthenticationHeaderValues); Match matchResults = WwwAuthenticatePattern.Match(wwwAuthenticationHeaderValues.First().Parameter); Assert.Single(matchResults.Groups["authorization_uri"].Captures); var authorizationUri = matchResults.Groups["authorization_uri"].Captures[0].Value; Assert.Single(matchResults.Groups["realm"].Captures); var realm = matchResults.Groups["realm"].Captures[0].Value; Assert.Single(matchResults.Groups["resource_id"].Captures); var resourceId = matchResults.Groups["resource_id"].Captures[0].Value; Assert.Equal(AuthenticationSettings.Resource, realm); Assert.Equal(realm, resourceId); // We can only verify that this is a URI since a server with SmartOnFHIR enabled will not report the actual authorization server anywhere else. Assert.True(Uri.TryCreate(authorizationUri, UriKind.Absolute, out _)); }