public ISmartScopeOutcome ProcessScopes(PyroSearchParameters PyroSearchParameters, FHIRAllTypes ServiceResourceType, bool Read, bool Write) { ISmartScopeOutcome SmartScopeOutcome = new SmartScopeOutcome() { ScopesOK = false }; // If FHIRApiAuthentication = false then no need to check and scopes, ScopesOK! if (!IGlobalProperties.FHIRApiAuthentication) { SmartScopeOutcome.ScopesOK = true; return(SmartScopeOutcome); } SmartEnum.Action SmartAction = GetActionEnum(Read, Write); if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal is ClaimsPrincipal Principal) { //Get Client Id, we need to log this somewere, maybe FHIR AuditEventy? System.Security.Claims.Claim ClientClaim = Principal.Claims.SingleOrDefault(x => x.Type == ClientIdName); //Get tye scopes List <System.Security.Claims.Claim> ScopeClaim = Principal.Claims.Where(x => x.Type == ScopeName).ToList(); //This should be injected ScopeParse ScopeParse = new ScopeParse(); List <ISmartScope> ScopeList = new List <ISmartScope>(); foreach (var ScopeString in ScopeClaim) { ISmartScope SmartScope = new SmartScope(); if (ScopeParse.Parse(ScopeString.Value, out SmartScope)) { ScopeList.Add(SmartScope); } else { string Message = $"Unable to parse the SMART on FHIR scope given. Scope was {ScopeString.Value}"; var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Exception, Message); throw new Common.Exceptions.PyroException(System.Net.HttpStatusCode.InternalServerError, OpOut, Message); } } IEnumerable <ISmartScope> FoundScopesList = ScopeList.Where(x => x.Resource == ServiceResourceType && (x.Action == SmartAction || x.Action == SmartEnum.Action.All)); if (FoundScopesList.Count() > 0) { if (PyroSearchParameters.IncludeList != null && PyroSearchParameters.IncludeList.Count > 0) { foreach (var Include in PyroSearchParameters.IncludeList) { FoundScopesList = ScopeList.Where(x => x.Resource == Include.SourceResourceType && (x.Action == SmartAction || x.Action == SmartEnum.Action.All)); if (FoundScopesList.Count() == 0) { //Reject string Message = $"You do not have permission to access the {Include.SourceResourceType.GetLiteral()} Resource type found within your include or revinclude search parameters."; var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message); SmartScopeOutcome.OperationOutcome = OpOut; SmartScopeOutcome.ScopesOK = false; return(SmartScopeOutcome); } } } var SearchParametersThatHaveChainParametersList = PyroSearchParameters.SearchParametersList.Where(x => x.ChainedSearchParameter != null); if (SearchParametersThatHaveChainParametersList != null && SearchParametersThatHaveChainParametersList.Count() > 0) { foreach (ISearchParameterBase Chain in SearchParametersThatHaveChainParametersList) { string ResourceWithNoScopeAccess = RecursiveChainScoped(Chain, ScopeList, SmartAction); if (!string.IsNullOrWhiteSpace(ResourceWithNoScopeAccess)) { //Reject string Message = $"You do not have permission to access {ResourceWithNoScopeAccess} resources types which was one of the resources types within your chained search parameter."; var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message); SmartScopeOutcome.OperationOutcome = OpOut; SmartScopeOutcome.ScopesOK = false; return(SmartScopeOutcome); } } } //ALL GOOD! We have a scope for the resource and action. all ok. SmartScopeOutcome.ScopesOK = true; return(SmartScopeOutcome); } else { string Message = string.Empty; if (SmartAction == SmartEnum.Action.All) { Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Read or Write."; } else if (SmartAction == SmartEnum.Action.Read) { Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Read."; } else if (SmartAction == SmartEnum.Action.Read) { Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Write."; } var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message); SmartScopeOutcome.OperationOutcome = OpOut; SmartScopeOutcome.ScopesOK = false; return(SmartScopeOutcome); } } else { //System.Threading.Thread.CurrentPrincipal was null string Message = "Internal Server Error: System.Threading.Thread.CurrentPrincipal was null"; var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Exception, Message); throw new Common.Exceptions.PyroException(System.Net.HttpStatusCode.InternalServerError, OpOut, Message); } }
public IResourceRepository GetRepository(FHIRAllTypes ResourceType) { switch (ResourceType) { case FHIRAllTypes.Account: return(IUnitOfWork.AccountRepository); case FHIRAllTypes.ActivityDefinition: return(IUnitOfWork.ActivityDefinitionRepository); case FHIRAllTypes.AdverseEvent: return(IUnitOfWork.AdverseEventRepository); case FHIRAllTypes.AllergyIntolerance: return(IUnitOfWork.AllergyIntoleranceRepository); case FHIRAllTypes.Appointment: return(IUnitOfWork.AppointmentRepository); case FHIRAllTypes.AppointmentResponse: return(IUnitOfWork.AppointmentResponseRepository); case FHIRAllTypes.AuditEvent: return(IUnitOfWork.AuditEventRepository); case FHIRAllTypes.Basic: return(IUnitOfWork.BasicRepository); case FHIRAllTypes.Binary: return(IUnitOfWork.BinaryRepository); case FHIRAllTypes.BodySite: return(IUnitOfWork.BodySiteRepository); case FHIRAllTypes.Bundle: return(IUnitOfWork.BundleRepository); case FHIRAllTypes.CapabilityStatement: return(IUnitOfWork.CapabilityStatementRepository); case FHIRAllTypes.CarePlan: return(IUnitOfWork.CarePlanRepository); case FHIRAllTypes.CareTeam: return(IUnitOfWork.CareTeamRepository); case FHIRAllTypes.ChargeItem: return(IUnitOfWork.ChargeItemRepository); case FHIRAllTypes.Claim: return(IUnitOfWork.ClaimRepository); case FHIRAllTypes.ClaimResponse: return(IUnitOfWork.ClaimResponseRepository); case FHIRAllTypes.ClinicalImpression: return(IUnitOfWork.ClinicalImpressionRepository); case FHIRAllTypes.CodeSystem: return(IUnitOfWork.CodeSystemRepository); case FHIRAllTypes.Communication: return(IUnitOfWork.CommunicationRepository); case FHIRAllTypes.CommunicationRequest: return(IUnitOfWork.CommunicationRequestRepository); case FHIRAllTypes.CompartmentDefinition: return(IUnitOfWork.CompartmentDefinitionRepository); case FHIRAllTypes.Composition: return(IUnitOfWork.CompositionRepository); case FHIRAllTypes.ConceptMap: return(IUnitOfWork.ConceptMapRepository); case FHIRAllTypes.Condition: return(IUnitOfWork.ConditionRepository); case FHIRAllTypes.Consent: return(IUnitOfWork.ConsentRepository); case FHIRAllTypes.Contract: return(IUnitOfWork.ContractRepository); case FHIRAllTypes.Coverage: return(IUnitOfWork.CoverageRepository); case FHIRAllTypes.DataElement: return(IUnitOfWork.DataElementRepository); case FHIRAllTypes.DetectedIssue: return(IUnitOfWork.DetectedIssueRepository); case FHIRAllTypes.Device: return(IUnitOfWork.DeviceRepository); case FHIRAllTypes.DeviceComponent: return(IUnitOfWork.DeviceComponentRepository); case FHIRAllTypes.DeviceMetric: return(IUnitOfWork.DeviceMetricRepository); case FHIRAllTypes.DeviceRequest: return(IUnitOfWork.DeviceRequestRepository); case FHIRAllTypes.DeviceUseStatement: return(IUnitOfWork.DeviceUseStatementRepository); case FHIRAllTypes.DiagnosticReport: return(IUnitOfWork.DiagnosticReportRepository); case FHIRAllTypes.DocumentManifest: return(IUnitOfWork.DocumentManifestRepository); case FHIRAllTypes.DocumentReference: return(IUnitOfWork.DocumentReferenceRepository); case FHIRAllTypes.EligibilityRequest: return(IUnitOfWork.EligibilityRequestRepository); case FHIRAllTypes.EligibilityResponse: return(IUnitOfWork.EligibilityResponseRepository); case FHIRAllTypes.Encounter: return(IUnitOfWork.EncounterRepository); case FHIRAllTypes.Endpoint: return(IUnitOfWork.EndpointRepository); case FHIRAllTypes.EnrollmentRequest: return(IUnitOfWork.EnrollmentRequestRepository); case FHIRAllTypes.EnrollmentResponse: return(IUnitOfWork.EnrollmentResponseRepository); case FHIRAllTypes.EpisodeOfCare: return(IUnitOfWork.EpisodeOfCareRepository); case FHIRAllTypes.ExpansionProfile: return(IUnitOfWork.ExpansionProfileRepository); case FHIRAllTypes.ExplanationOfBenefit: return(IUnitOfWork.ExplanationOfBenefitRepository); case FHIRAllTypes.FamilyMemberHistory: return(IUnitOfWork.FamilyMemberHistoryRepository); case FHIRAllTypes.Flag: return(IUnitOfWork.FlagRepository); case FHIRAllTypes.Goal: return(IUnitOfWork.GoalRepository); case FHIRAllTypes.GraphDefinition: return(IUnitOfWork.GraphDefinitionRepository); case FHIRAllTypes.Group: return(IUnitOfWork.GroupRepository); case FHIRAllTypes.GuidanceResponse: return(IUnitOfWork.GuidanceResponseRepository); case FHIRAllTypes.HealthcareService: return(IUnitOfWork.HealthcareServiceRepository); case FHIRAllTypes.ImagingManifest: return(IUnitOfWork.ImagingManifestRepository); case FHIRAllTypes.ImagingStudy: return(IUnitOfWork.ImagingStudyRepository); case FHIRAllTypes.Immunization: return(IUnitOfWork.ImmunizationRepository); case FHIRAllTypes.ImmunizationRecommendation: return(IUnitOfWork.ImmunizationRecommendationRepository); case FHIRAllTypes.ImplementationGuide: return(IUnitOfWork.ImplementationGuideRepository); case FHIRAllTypes.Library: return(IUnitOfWork.LibraryRepository); case FHIRAllTypes.Linkage: return(IUnitOfWork.LinkageRepository); case FHIRAllTypes.List: return(IUnitOfWork.ListRepository); case FHIRAllTypes.Location: return(IUnitOfWork.LocationRepository); case FHIRAllTypes.Measure: return(IUnitOfWork.MeasureRepository); case FHIRAllTypes.MeasureReport: return(IUnitOfWork.MeasureReportRepository); case FHIRAllTypes.Media: return(IUnitOfWork.MediaRepository); case FHIRAllTypes.Medication: return(IUnitOfWork.MedicationRepository); case FHIRAllTypes.MedicationAdministration: return(IUnitOfWork.MedicationAdministrationRepository); case FHIRAllTypes.MedicationDispense: return(IUnitOfWork.MedicationDispenseRepository); case FHIRAllTypes.MedicationRequest: return(IUnitOfWork.MedicationRequestRepository); case FHIRAllTypes.MedicationStatement: return(IUnitOfWork.MedicationStatementRepository); case FHIRAllTypes.MessageDefinition: return(IUnitOfWork.MessageDefinitionRepository); case FHIRAllTypes.MessageHeader: return(IUnitOfWork.MessageHeaderRepository); case FHIRAllTypes.NamingSystem: return(IUnitOfWork.NamingSystemRepository); case FHIRAllTypes.NutritionOrder: return(IUnitOfWork.NutritionOrderRepository); case FHIRAllTypes.Observation: return(IUnitOfWork.ObservationRepository); case FHIRAllTypes.OperationDefinition: return(IUnitOfWork.OperationDefinitionRepository); case FHIRAllTypes.OperationOutcome: return(IUnitOfWork.OperationOutcomeRepository); case FHIRAllTypes.Organization: return(IUnitOfWork.OrganizationRepository); case FHIRAllTypes.Parameters: return(IUnitOfWork.ParametersRepository); case FHIRAllTypes.Patient: return(IUnitOfWork.PatientRepository); case FHIRAllTypes.PaymentNotice: return(IUnitOfWork.PaymentNoticeRepository); case FHIRAllTypes.PaymentReconciliation: return(IUnitOfWork.PaymentReconciliationRepository); case FHIRAllTypes.Person: return(IUnitOfWork.PersonRepository); case FHIRAllTypes.PlanDefinition: return(IUnitOfWork.PlanDefinitionRepository); case FHIRAllTypes.Practitioner: return(IUnitOfWork.PractitionerRepository); case FHIRAllTypes.PractitionerRole: return(IUnitOfWork.PractitionerRoleRepository); case FHIRAllTypes.Procedure: return(IUnitOfWork.ProcedureRepository); case FHIRAllTypes.ProcedureRequest: return(IUnitOfWork.ProcedureRequestRepository); case FHIRAllTypes.ProcessRequest: return(IUnitOfWork.ProcessRequestRepository); case FHIRAllTypes.ProcessResponse: return(IUnitOfWork.ProcessResponseRepository); case FHIRAllTypes.Provenance: return(IUnitOfWork.ProvenanceRepository); case FHIRAllTypes.Questionnaire: return(IUnitOfWork.QuestionnaireRepository); case FHIRAllTypes.QuestionnaireResponse: return(IUnitOfWork.QuestionnaireResponseRepository); case FHIRAllTypes.ReferralRequest: return(IUnitOfWork.ReferralRequestRepository); case FHIRAllTypes.RelatedPerson: return(IUnitOfWork.RelatedPersonRepository); case FHIRAllTypes.RequestGroup: return(IUnitOfWork.RequestGroupRepository); case FHIRAllTypes.ResearchStudy: return(IUnitOfWork.ResearchStudyRepository); case FHIRAllTypes.ResearchSubject: return(IUnitOfWork.ResearchSubjectRepository); case FHIRAllTypes.RiskAssessment: return(IUnitOfWork.RiskAssessmentRepository); case FHIRAllTypes.Schedule: return(IUnitOfWork.ScheduleRepository); case FHIRAllTypes.SearchParameter: return(IUnitOfWork.SearchParameterRepository); case FHIRAllTypes.Sequence: return(IUnitOfWork.SequenceRepository); case FHIRAllTypes.ServiceDefinition: return(IUnitOfWork.ServiceDefinitionRepository); case FHIRAllTypes.Slot: return(IUnitOfWork.SlotRepository); case FHIRAllTypes.Specimen: return(IUnitOfWork.SpecimenRepository); case FHIRAllTypes.StructureDefinition: return(IUnitOfWork.StructureDefinitionRepository); case FHIRAllTypes.StructureMap: return(IUnitOfWork.StructureMapRepository); case FHIRAllTypes.Subscription: return(IUnitOfWork.SubscriptionRepository); case FHIRAllTypes.Substance: return(IUnitOfWork.SubstanceRepository); case FHIRAllTypes.SupplyDelivery: return(IUnitOfWork.SupplyDeliveryRepository); case FHIRAllTypes.SupplyRequest: return(IUnitOfWork.SupplyRequestRepository); case FHIRAllTypes.Task: return(IUnitOfWork.TaskRepository); case FHIRAllTypes.TestReport: return(IUnitOfWork.TestReportRepository); case FHIRAllTypes.TestScript: return(IUnitOfWork.TestScriptRepository); case FHIRAllTypes.ValueSet: return(IUnitOfWork.ValueSetRepository); case FHIRAllTypes.VisionPrescription: return(IUnitOfWork.VisionPrescriptionRepository); default: { string Message = $"The Resource name given: '{ResourceType.GetLiteral()}' has no matching server repository. "; var OpOutCome = FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Fatal, OperationOutcome.IssueType.Invalid, Message); throw new PyroException(HttpStatusCode.BadRequest, OpOutCome, Message); } } }