public ISmartScopeOutcome ProcessScopes(PyroSearchParameters PyroSearchParameters, FHIRAllTypes ServiceResourceType, bool Read, bool Write)
{
ISmartScopeOutcome SmartScopeOutcome = new SmartScopeOutcome()
{
ScopesOK = false
};
// If FHIRApiAuthentication = false then no need to check and scopes, ScopesOK!
if (!IGlobalProperties.FHIRApiAuthentication)
{
SmartScopeOutcome.ScopesOK = true;
return(SmartScopeOutcome);
}
SmartEnum.Action SmartAction = GetActionEnum(Read, Write);
if (System.Threading.Thread.CurrentPrincipal != null && System.Threading.Thread.CurrentPrincipal is ClaimsPrincipal Principal)
{
//Get Client Id, we need to log this somewere, maybe FHIR AuditEventy?
System.Security.Claims.Claim ClientClaim = Principal.Claims.SingleOrDefault(x => x.Type == ClientIdName);
//Get tye scopes
List <System.Security.Claims.Claim> ScopeClaim = Principal.Claims.Where(x => x.Type == ScopeName).ToList();
//This should be injected
ScopeParse ScopeParse = new ScopeParse();
List <ISmartScope> ScopeList = new List <ISmartScope>();
foreach (var ScopeString in ScopeClaim)
{
ISmartScope SmartScope = new SmartScope();
if (ScopeParse.Parse(ScopeString.Value, out SmartScope))
{
ScopeList.Add(SmartScope);
}
else
{
string Message = $"Unable to parse the SMART on FHIR scope given. Scope was {ScopeString.Value}";
var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Exception, Message);
throw new Common.Exceptions.PyroException(System.Net.HttpStatusCode.InternalServerError, OpOut, Message);
}
}
IEnumerable <ISmartScope> FoundScopesList = ScopeList.Where(x => x.Resource == ServiceResourceType && (x.Action == SmartAction || x.Action == SmartEnum.Action.All));
if (FoundScopesList.Count() > 0)
{
if (PyroSearchParameters.IncludeList != null && PyroSearchParameters.IncludeList.Count > 0)
{
foreach (var Include in PyroSearchParameters.IncludeList)
{
FoundScopesList = ScopeList.Where(x => x.Resource == Include.SourceResourceType && (x.Action == SmartAction || x.Action == SmartEnum.Action.All));
if (FoundScopesList.Count() == 0)
{
//Reject
string Message = $"You do not have permission to access the {Include.SourceResourceType.GetLiteral()} Resource type found within your include or revinclude search parameters.";
var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message);
SmartScopeOutcome.OperationOutcome = OpOut;
SmartScopeOutcome.ScopesOK = false;
return(SmartScopeOutcome);
}
}
}
var SearchParametersThatHaveChainParametersList = PyroSearchParameters.SearchParametersList.Where(x => x.ChainedSearchParameter != null);
if (SearchParametersThatHaveChainParametersList != null && SearchParametersThatHaveChainParametersList.Count() > 0)
{
foreach (ISearchParameterBase Chain in SearchParametersThatHaveChainParametersList)
{
string ResourceWithNoScopeAccess = RecursiveChainScoped(Chain, ScopeList, SmartAction);
if (!string.IsNullOrWhiteSpace(ResourceWithNoScopeAccess))
{
//Reject
string Message = $"You do not have permission to access {ResourceWithNoScopeAccess} resources types which was one of the resources types within your chained search parameter.";
var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message);
SmartScopeOutcome.OperationOutcome = OpOut;
SmartScopeOutcome.ScopesOK = false;
return(SmartScopeOutcome);
}
}
}
//ALL GOOD! We have a scope for the resource and action. all ok.
SmartScopeOutcome.ScopesOK = true;
return(SmartScopeOutcome);
}
else
{
string Message = string.Empty;
if (SmartAction == SmartEnum.Action.All)
{
Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Read or Write.";
}
else if (SmartAction == SmartEnum.Action.Read)
{
Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Read.";
}
else if (SmartAction == SmartEnum.Action.Read)
{
Message = $"You do not have permission to access Resources {ServiceResourceType.GetLiteral()} types for Write.";
}
var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Forbidden, Message);
SmartScopeOutcome.OperationOutcome = OpOut;
SmartScopeOutcome.ScopesOK = false;
return(SmartScopeOutcome);
}
}
else
{
//System.Threading.Thread.CurrentPrincipal was null
string Message = "Internal Server Error: System.Threading.Thread.CurrentPrincipal was null";
var OpOut = Common.Tools.FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Error, OperationOutcome.IssueType.Exception, Message);
throw new Common.Exceptions.PyroException(System.Net.HttpStatusCode.InternalServerError, OpOut, Message);
}
}
public IResourceRepository GetRepository(FHIRAllTypes ResourceType)
{
switch (ResourceType)
{
case FHIRAllTypes.Account:
return(IUnitOfWork.AccountRepository);
case FHIRAllTypes.ActivityDefinition:
return(IUnitOfWork.ActivityDefinitionRepository);
case FHIRAllTypes.AdverseEvent:
return(IUnitOfWork.AdverseEventRepository);
case FHIRAllTypes.AllergyIntolerance:
return(IUnitOfWork.AllergyIntoleranceRepository);
case FHIRAllTypes.Appointment:
return(IUnitOfWork.AppointmentRepository);
case FHIRAllTypes.AppointmentResponse:
return(IUnitOfWork.AppointmentResponseRepository);
case FHIRAllTypes.AuditEvent:
return(IUnitOfWork.AuditEventRepository);
case FHIRAllTypes.Basic:
return(IUnitOfWork.BasicRepository);
case FHIRAllTypes.Binary:
return(IUnitOfWork.BinaryRepository);
case FHIRAllTypes.BodySite:
return(IUnitOfWork.BodySiteRepository);
case FHIRAllTypes.Bundle:
return(IUnitOfWork.BundleRepository);
case FHIRAllTypes.CapabilityStatement:
return(IUnitOfWork.CapabilityStatementRepository);
case FHIRAllTypes.CarePlan:
return(IUnitOfWork.CarePlanRepository);
case FHIRAllTypes.CareTeam:
return(IUnitOfWork.CareTeamRepository);
case FHIRAllTypes.ChargeItem:
return(IUnitOfWork.ChargeItemRepository);
case FHIRAllTypes.Claim:
return(IUnitOfWork.ClaimRepository);
case FHIRAllTypes.ClaimResponse:
return(IUnitOfWork.ClaimResponseRepository);
case FHIRAllTypes.ClinicalImpression:
return(IUnitOfWork.ClinicalImpressionRepository);
case FHIRAllTypes.CodeSystem:
return(IUnitOfWork.CodeSystemRepository);
case FHIRAllTypes.Communication:
return(IUnitOfWork.CommunicationRepository);
case FHIRAllTypes.CommunicationRequest:
return(IUnitOfWork.CommunicationRequestRepository);
case FHIRAllTypes.CompartmentDefinition:
return(IUnitOfWork.CompartmentDefinitionRepository);
case FHIRAllTypes.Composition:
return(IUnitOfWork.CompositionRepository);
case FHIRAllTypes.ConceptMap:
return(IUnitOfWork.ConceptMapRepository);
case FHIRAllTypes.Condition:
return(IUnitOfWork.ConditionRepository);
case FHIRAllTypes.Consent:
return(IUnitOfWork.ConsentRepository);
case FHIRAllTypes.Contract:
return(IUnitOfWork.ContractRepository);
case FHIRAllTypes.Coverage:
return(IUnitOfWork.CoverageRepository);
case FHIRAllTypes.DataElement:
return(IUnitOfWork.DataElementRepository);
case FHIRAllTypes.DetectedIssue:
return(IUnitOfWork.DetectedIssueRepository);
case FHIRAllTypes.Device:
return(IUnitOfWork.DeviceRepository);
case FHIRAllTypes.DeviceComponent:
return(IUnitOfWork.DeviceComponentRepository);
case FHIRAllTypes.DeviceMetric:
return(IUnitOfWork.DeviceMetricRepository);
case FHIRAllTypes.DeviceRequest:
return(IUnitOfWork.DeviceRequestRepository);
case FHIRAllTypes.DeviceUseStatement:
return(IUnitOfWork.DeviceUseStatementRepository);
case FHIRAllTypes.DiagnosticReport:
return(IUnitOfWork.DiagnosticReportRepository);
case FHIRAllTypes.DocumentManifest:
return(IUnitOfWork.DocumentManifestRepository);
case FHIRAllTypes.DocumentReference:
return(IUnitOfWork.DocumentReferenceRepository);
case FHIRAllTypes.EligibilityRequest:
return(IUnitOfWork.EligibilityRequestRepository);
case FHIRAllTypes.EligibilityResponse:
return(IUnitOfWork.EligibilityResponseRepository);
case FHIRAllTypes.Encounter:
return(IUnitOfWork.EncounterRepository);
case FHIRAllTypes.Endpoint:
return(IUnitOfWork.EndpointRepository);
case FHIRAllTypes.EnrollmentRequest:
return(IUnitOfWork.EnrollmentRequestRepository);
case FHIRAllTypes.EnrollmentResponse:
return(IUnitOfWork.EnrollmentResponseRepository);
case FHIRAllTypes.EpisodeOfCare:
return(IUnitOfWork.EpisodeOfCareRepository);
case FHIRAllTypes.ExpansionProfile:
return(IUnitOfWork.ExpansionProfileRepository);
case FHIRAllTypes.ExplanationOfBenefit:
return(IUnitOfWork.ExplanationOfBenefitRepository);
case FHIRAllTypes.FamilyMemberHistory:
return(IUnitOfWork.FamilyMemberHistoryRepository);
case FHIRAllTypes.Flag:
return(IUnitOfWork.FlagRepository);
case FHIRAllTypes.Goal:
return(IUnitOfWork.GoalRepository);
case FHIRAllTypes.GraphDefinition:
return(IUnitOfWork.GraphDefinitionRepository);
case FHIRAllTypes.Group:
return(IUnitOfWork.GroupRepository);
case FHIRAllTypes.GuidanceResponse:
return(IUnitOfWork.GuidanceResponseRepository);
case FHIRAllTypes.HealthcareService:
return(IUnitOfWork.HealthcareServiceRepository);
case FHIRAllTypes.ImagingManifest:
return(IUnitOfWork.ImagingManifestRepository);
case FHIRAllTypes.ImagingStudy:
return(IUnitOfWork.ImagingStudyRepository);
case FHIRAllTypes.Immunization:
return(IUnitOfWork.ImmunizationRepository);
case FHIRAllTypes.ImmunizationRecommendation:
return(IUnitOfWork.ImmunizationRecommendationRepository);
case FHIRAllTypes.ImplementationGuide:
return(IUnitOfWork.ImplementationGuideRepository);
case FHIRAllTypes.Library:
return(IUnitOfWork.LibraryRepository);
case FHIRAllTypes.Linkage:
return(IUnitOfWork.LinkageRepository);
case FHIRAllTypes.List:
return(IUnitOfWork.ListRepository);
case FHIRAllTypes.Location:
return(IUnitOfWork.LocationRepository);
case FHIRAllTypes.Measure:
return(IUnitOfWork.MeasureRepository);
case FHIRAllTypes.MeasureReport:
return(IUnitOfWork.MeasureReportRepository);
case FHIRAllTypes.Media:
return(IUnitOfWork.MediaRepository);
case FHIRAllTypes.Medication:
return(IUnitOfWork.MedicationRepository);
case FHIRAllTypes.MedicationAdministration:
return(IUnitOfWork.MedicationAdministrationRepository);
case FHIRAllTypes.MedicationDispense:
return(IUnitOfWork.MedicationDispenseRepository);
case FHIRAllTypes.MedicationRequest:
return(IUnitOfWork.MedicationRequestRepository);
case FHIRAllTypes.MedicationStatement:
return(IUnitOfWork.MedicationStatementRepository);
case FHIRAllTypes.MessageDefinition:
return(IUnitOfWork.MessageDefinitionRepository);
case FHIRAllTypes.MessageHeader:
return(IUnitOfWork.MessageHeaderRepository);
case FHIRAllTypes.NamingSystem:
return(IUnitOfWork.NamingSystemRepository);
case FHIRAllTypes.NutritionOrder:
return(IUnitOfWork.NutritionOrderRepository);
case FHIRAllTypes.Observation:
return(IUnitOfWork.ObservationRepository);
case FHIRAllTypes.OperationDefinition:
return(IUnitOfWork.OperationDefinitionRepository);
case FHIRAllTypes.OperationOutcome:
return(IUnitOfWork.OperationOutcomeRepository);
case FHIRAllTypes.Organization:
return(IUnitOfWork.OrganizationRepository);
case FHIRAllTypes.Parameters:
return(IUnitOfWork.ParametersRepository);
case FHIRAllTypes.Patient:
return(IUnitOfWork.PatientRepository);
case FHIRAllTypes.PaymentNotice:
return(IUnitOfWork.PaymentNoticeRepository);
case FHIRAllTypes.PaymentReconciliation:
return(IUnitOfWork.PaymentReconciliationRepository);
case FHIRAllTypes.Person:
return(IUnitOfWork.PersonRepository);
case FHIRAllTypes.PlanDefinition:
return(IUnitOfWork.PlanDefinitionRepository);
case FHIRAllTypes.Practitioner:
return(IUnitOfWork.PractitionerRepository);
case FHIRAllTypes.PractitionerRole:
return(IUnitOfWork.PractitionerRoleRepository);
case FHIRAllTypes.Procedure:
return(IUnitOfWork.ProcedureRepository);
case FHIRAllTypes.ProcedureRequest:
return(IUnitOfWork.ProcedureRequestRepository);
case FHIRAllTypes.ProcessRequest:
return(IUnitOfWork.ProcessRequestRepository);
case FHIRAllTypes.ProcessResponse:
return(IUnitOfWork.ProcessResponseRepository);
case FHIRAllTypes.Provenance:
return(IUnitOfWork.ProvenanceRepository);
case FHIRAllTypes.Questionnaire:
return(IUnitOfWork.QuestionnaireRepository);
case FHIRAllTypes.QuestionnaireResponse:
return(IUnitOfWork.QuestionnaireResponseRepository);
case FHIRAllTypes.ReferralRequest:
return(IUnitOfWork.ReferralRequestRepository);
case FHIRAllTypes.RelatedPerson:
return(IUnitOfWork.RelatedPersonRepository);
case FHIRAllTypes.RequestGroup:
return(IUnitOfWork.RequestGroupRepository);
case FHIRAllTypes.ResearchStudy:
return(IUnitOfWork.ResearchStudyRepository);
case FHIRAllTypes.ResearchSubject:
return(IUnitOfWork.ResearchSubjectRepository);
case FHIRAllTypes.RiskAssessment:
return(IUnitOfWork.RiskAssessmentRepository);
case FHIRAllTypes.Schedule:
return(IUnitOfWork.ScheduleRepository);
case FHIRAllTypes.SearchParameter:
return(IUnitOfWork.SearchParameterRepository);
case FHIRAllTypes.Sequence:
return(IUnitOfWork.SequenceRepository);
case FHIRAllTypes.ServiceDefinition:
return(IUnitOfWork.ServiceDefinitionRepository);
case FHIRAllTypes.Slot:
return(IUnitOfWork.SlotRepository);
case FHIRAllTypes.Specimen:
return(IUnitOfWork.SpecimenRepository);
case FHIRAllTypes.StructureDefinition:
return(IUnitOfWork.StructureDefinitionRepository);
case FHIRAllTypes.StructureMap:
return(IUnitOfWork.StructureMapRepository);
case FHIRAllTypes.Subscription:
return(IUnitOfWork.SubscriptionRepository);
case FHIRAllTypes.Substance:
return(IUnitOfWork.SubstanceRepository);
case FHIRAllTypes.SupplyDelivery:
return(IUnitOfWork.SupplyDeliveryRepository);
case FHIRAllTypes.SupplyRequest:
return(IUnitOfWork.SupplyRequestRepository);
case FHIRAllTypes.Task:
return(IUnitOfWork.TaskRepository);
case FHIRAllTypes.TestReport:
return(IUnitOfWork.TestReportRepository);
case FHIRAllTypes.TestScript:
return(IUnitOfWork.TestScriptRepository);
case FHIRAllTypes.ValueSet:
return(IUnitOfWork.ValueSetRepository);
case FHIRAllTypes.VisionPrescription:
return(IUnitOfWork.VisionPrescriptionRepository);
default:
{
string Message = $"The Resource name given: '{ResourceType.GetLiteral()}' has no matching server repository. ";
var OpOutCome = FhirOperationOutcomeSupport.Create(OperationOutcome.IssueSeverity.Fatal, OperationOutcome.IssueType.Invalid, Message);
throw new PyroException(HttpStatusCode.BadRequest, OpOutCome, Message);
}
}
}
