diff options
| author | Paul-Christian Volkmer | 2026-03-11 14:13:29 +0100 |
|---|---|---|
| committer | GitHub | 2026-03-11 13:13:29 +0000 |
| commit | a8f8d5f137c9776a20b2bc91cd3bdd99c9b96991 (patch) | |
| tree | b2df9c483c2324a4bc837b9c4fa127da8fd0333f /src/integrationTest/kotlin/dev | |
| parent | 5178673955a69b14ff39bf8a2a73d50ef2fd9cd2 (diff) | |
feat: save error request for invalid input (#264)
Diffstat (limited to 'src/integrationTest/kotlin/dev')
| -rw-r--r-- | src/integrationTest/kotlin/dev/dnpm/etl/processor/input/MtbFileRestControllerTest.kt | 442 |
1 files changed, 226 insertions, 216 deletions
diff --git a/src/integrationTest/kotlin/dev/dnpm/etl/processor/input/MtbFileRestControllerTest.kt b/src/integrationTest/kotlin/dev/dnpm/etl/processor/input/MtbFileRestControllerTest.kt index 4c7de9c..ed9d910 100644 --- a/src/integrationTest/kotlin/dev/dnpm/etl/processor/input/MtbFileRestControllerTest.kt +++ b/src/integrationTest/kotlin/dev/dnpm/etl/processor/input/MtbFileRestControllerTest.kt @@ -29,8 +29,6 @@ import dev.dnpm.etl.processor.security.TokenRepository import dev.dnpm.etl.processor.security.UserRoleRepository import dev.dnpm.etl.processor.services.RequestProcessor import dev.pcvolkmer.mv64e.mtb.* -import java.time.Instant -import java.util.* import org.junit.jupiter.api.BeforeEach import org.junit.jupiter.api.Nested import org.junit.jupiter.api.extension.ExtendWith @@ -51,6 +49,8 @@ import org.springframework.test.context.junit.jupiter.SpringExtension import org.springframework.test.web.servlet.MockMvc import org.springframework.test.web.servlet.delete import org.springframework.test.web.servlet.post +import java.time.Instant +import java.util.* @WebMvcTest(controllers = [MtbFileRestController::class]) @ExtendWith(value = [MockitoExtension::class, SpringExtension::class]) @@ -74,192 +74,81 @@ import org.springframework.test.web.servlet.post ) class MtbFileRestControllerTest { - lateinit var mockMvc: MockMvc - lateinit var requestProcessor: RequestProcessor - lateinit var consentEvaluator: ConsentEvaluator - - @BeforeEach - fun setup( - @Autowired mockMvc: MockMvc, - @Autowired requestProcessor: RequestProcessor, - @Autowired consentEvaluator: ConsentEvaluator, - ) { - this.mockMvc = mockMvc - this.requestProcessor = requestProcessor - this.consentEvaluator = consentEvaluator - - doAnswer { ConsentEvaluation(TtpConsentStatus.BROAD_CONSENT_GIVEN, true) } - .whenever(consentEvaluator) - .check(any()) - } - - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile", - "/mtbfile/etl/patient-record", - "/mtb", - "/mtb/etl/patient-record", - "/api/mtbfile", - "/api/mtbfile/etl/patient-record", - "/api/mtb", - "/api/mtb/etl/patient-record", - ] - ) - fun testShouldGrantPermissionToSendMtbFile(url: String) { - mockMvc - .post(url) { - with(user("onkostarserver").roles("MTBFILE")) - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isAccepted() } } - - verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) - } - - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile", - "/mtbfile/etl/patient-record", - "/mtb", - "/mtb/etl/patient-record", - "/api/mtbfile", - "/api/mtbfile/etl/patient-record", - "/api/mtb", - "/api/mtb/etl/patient-record", - ] - ) - fun testShouldGrantPermissionToSendMtbFileToAdminUser(url: String) { - mockMvc - .post(url) { - with(user("onkostarserver").roles("ADMIN")) - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isAccepted() } } + lateinit var mockMvc: MockMvc + lateinit var requestProcessor: RequestProcessor + lateinit var consentEvaluator: ConsentEvaluator - verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) - } + @BeforeEach + fun setup( + @Autowired mockMvc: MockMvc, + @Autowired requestProcessor: RequestProcessor, + @Autowired consentEvaluator: ConsentEvaluator, + ) { + this.mockMvc = mockMvc + this.requestProcessor = requestProcessor + this.consentEvaluator = consentEvaluator - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile", - "/mtbfile/etl/patient-record", - "/mtb", - "/mtb/etl/patient-record", - "/api/mtbfile", - "/api/mtbfile/etl/patient-record", - "/api/mtb", - "/api/mtb/etl/patient-record", - ] - ) - fun testShouldGrantPermissionToSendMtbFileToUser(url: String) { - mockMvc - .post(url) { - with(user("testuser").roles("USER")) - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isAccepted() } } - - verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) - } + doAnswer { ConsentEvaluation(TtpConsentStatus.BROAD_CONSENT_GIVEN, true) } + .whenever(consentEvaluator) + .check(any()) + } - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile", - "/mtbfile/etl/patient-record", - "/mtb", - "/mtb/etl/patient-record", - "/api/mtbfile", - "/api/mtbfile/etl/patient-record", - "/api/mtb", - "/api/mtb/etl/patient-record", - ] - ) - fun testShouldDenyPermissionToSendMtbFileForAnonymous(url: String) { - mockMvc - .post(url) { - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isUnauthorized() } } + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile", + "/mtbfile/etl/patient-record", + "/mtb", + "/mtb/etl/patient-record", + "/api/mtbfile", + "/api/mtbfile/etl/patient-record", + "/api/mtb", + "/api/mtb/etl/patient-record", + ] + ) + fun testShouldGrantPermissionToSendMtbFile(url: String) { + whenever { requestProcessor.processMtbFile(any<Mtb>()) }.thenReturn(true) - verify(requestProcessor, never()).processMtbFile(any<Mtb>()) - } + mockMvc + .post(url) { + with(user("onkostarserver").roles("MTBFILE")) + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isAccepted() } } - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile/TEST_12345678", - "/mtbfile/etl/patient-record/TEST_12345678", - "/mtbfile/etl/patient/TEST_12345678", - "/mtb/TEST_12345678", - "/mtb/etl/patient-record/TEST_12345678", - "/mtb/etl/patient/TEST_12345678", - "/api/mtbfile/TEST_12345678", - "/api/mtbfile/etl/patient-record/TEST_12345678", - "/api/mtbfile/etl/patient/TEST_12345678", - "/api/mtb/TEST_12345678", - "/api/mtb/etl/patient-record/TEST_12345678", - "/api/mtb/etl/patient/TEST_12345678", - ] - ) - fun testShouldGrantPermissionToDeletePatientData(url: String) { - mockMvc - .delete(url) { with(user("onkostarserver").roles("MTBFILE")) } - .andExpect { status { isAccepted() } } + verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + } - verify(requestProcessor, times(1)) - .processDeletion(anyValueClass(), eq(TtpConsentStatus.UNKNOWN_CHECK_FILE)) - } + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile", + "/mtbfile/etl/patient-record", + "/mtb", + "/mtb/etl/patient-record", + "/api/mtbfile", + "/api/mtbfile/etl/patient-record", + "/api/mtb", + "/api/mtb/etl/patient-record", + ] + ) + fun testShouldGrantPermissionToSendMtbFileToAdminUser(url: String) { + whenever { requestProcessor.processMtbFile(any<Mtb>()) }.thenReturn(true) - @ParameterizedTest - @ValueSource( - strings = - [ - "/mtbfile/TEST_12345678", - "/mtbfile/etl/patient-record/TEST_12345678", - "/mtbfile/etl/patient/TEST_12345678", - "/mtb/TEST_12345678", - "/mtb/etl/patient-record/TEST_12345678", - "/mtb/etl/patient/TEST_12345678", - "/api/mtbfile/TEST_12345678", - "/api/mtbfile/etl/patient-record/TEST_12345678", - "/api/mtbfile/etl/patient/TEST_12345678", - "/api/mtb/TEST_12345678", - "/api/mtb/etl/patient-record/TEST_12345678", - "/api/mtb/etl/patient/TEST_12345678", - ] - ) - fun testShouldDenyPermissionToDeletePatientData(url: String) { - mockMvc.delete(url) { with(anonymous()) }.andExpect { status { isUnauthorized() } } + mockMvc + .post(url) { + with(user("onkostarserver").roles("ADMIN")) + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isAccepted() } } - verify(requestProcessor, never()).processDeletion(anyValueClass(), any()) - } + verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + } - @Nested - @MockitoBean(types = [UserRoleRepository::class, ClientRegistrationRepository::class]) - @TestPropertySource( - properties = - [ - "app.pseudonymize.generator=BUILDIN", - "app.security.admin-user=admin", - "app.security.admin-password={noop}very-secret", - "app.security.enable-tokens=true", - "app.security.enable-oidc=true", - ] - ) - inner class WithOidcEnabled { @ParameterizedTest @ValueSource( strings = @@ -274,16 +163,18 @@ class MtbFileRestControllerTest { "/api/mtb/etl/patient-record", ] ) - fun testShouldGrantPermissionToSendMtbFileToAdminUser(url: String) { - mockMvc - .post(url) { - with(user("onkostarserver").roles("ADMIN")) - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isAccepted() } } + fun testShouldGrantPermissionToSendMtbFileToUser(url: String) { + whenever { requestProcessor.processMtbFile(any<Mtb>()) }.thenReturn(true) + + mockMvc + .post(url) { + with(user("testuser").roles("USER")) + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isAccepted() } } - verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) } @ParameterizedTest @@ -300,37 +191,156 @@ class MtbFileRestControllerTest { "/api/mtb/etl/patient-record", ] ) - fun testShouldGrantPermissionToSendMtbFileToUser(url: String) { - mockMvc - .post(url) { - with(user("onkostarserver").roles("USER")) - contentType = MediaType.APPLICATION_JSON - content = ObjectMapper().writeValueAsString(mtbFile) - } - .andExpect { status { isAccepted() } } + fun testShouldDenyPermissionToSendMtbFileForAnonymous(url: String) { + mockMvc + .post(url) { + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isUnauthorized() } } + + verify(requestProcessor, never()).processMtbFile(any<Mtb>()) + } + + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile/TEST_12345678", + "/mtbfile/etl/patient-record/TEST_12345678", + "/mtbfile/etl/patient/TEST_12345678", + "/mtb/TEST_12345678", + "/mtb/etl/patient-record/TEST_12345678", + "/mtb/etl/patient/TEST_12345678", + "/api/mtbfile/TEST_12345678", + "/api/mtbfile/etl/patient-record/TEST_12345678", + "/api/mtbfile/etl/patient/TEST_12345678", + "/api/mtb/TEST_12345678", + "/api/mtb/etl/patient-record/TEST_12345678", + "/api/mtb/etl/patient/TEST_12345678", + ] + ) + fun testShouldGrantPermissionToDeletePatientData(url: String) { + mockMvc + .delete(url) { with(user("onkostarserver").roles("MTBFILE")) } + .andExpect { status { isAccepted() } } + + verify(requestProcessor, times(1)) + .processDeletion(anyValueClass(), eq(TtpConsentStatus.UNKNOWN_CHECK_FILE)) + } - verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile/TEST_12345678", + "/mtbfile/etl/patient-record/TEST_12345678", + "/mtbfile/etl/patient/TEST_12345678", + "/mtb/TEST_12345678", + "/mtb/etl/patient-record/TEST_12345678", + "/mtb/etl/patient/TEST_12345678", + "/api/mtbfile/TEST_12345678", + "/api/mtbfile/etl/patient-record/TEST_12345678", + "/api/mtbfile/etl/patient/TEST_12345678", + "/api/mtb/TEST_12345678", + "/api/mtb/etl/patient-record/TEST_12345678", + "/api/mtb/etl/patient/TEST_12345678", + ] + ) + fun testShouldDenyPermissionToDeletePatientData(url: String) { + mockMvc.delete(url) { with(anonymous()) }.andExpect { status { isUnauthorized() } } + + verify(requestProcessor, never()).processDeletion(anyValueClass(), any()) + } + + @Nested + @MockitoBean(types = [UserRoleRepository::class, ClientRegistrationRepository::class]) + @TestPropertySource( + properties = + [ + "app.pseudonymize.generator=BUILDIN", + "app.security.admin-user=admin", + "app.security.admin-password={noop}very-secret", + "app.security.enable-tokens=true", + "app.security.enable-oidc=true", + ] + ) + inner class WithOidcEnabled { + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile", + "/mtbfile/etl/patient-record", + "/mtb", + "/mtb/etl/patient-record", + "/api/mtbfile", + "/api/mtbfile/etl/patient-record", + "/api/mtb", + "/api/mtb/etl/patient-record", + ] + ) + fun testShouldGrantPermissionToSendMtbFileToAdminUser(url: String) { + whenever { requestProcessor.processMtbFile(any<Mtb>()) }.thenReturn(true) + + mockMvc + .post(url) { + with(user("onkostarserver").roles("ADMIN")) + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isAccepted() } } + + verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + } + + @ParameterizedTest + @ValueSource( + strings = + [ + "/mtbfile", + "/mtbfile/etl/patient-record", + "/mtb", + "/mtb/etl/patient-record", + "/api/mtbfile", + "/api/mtbfile/etl/patient-record", + "/api/mtb", + "/api/mtb/etl/patient-record", + ] + ) + fun testShouldGrantPermissionToSendMtbFileToUser(url: String) { + whenever { requestProcessor.processMtbFile(any<Mtb>()) }.thenReturn(true) + + mockMvc + .post(url) { + with(user("onkostarserver").roles("USER")) + contentType = MediaType.APPLICATION_JSON + content = ObjectMapper().writeValueAsString(mtbFile) + } + .andExpect { status { isAccepted() } } + + verify(requestProcessor, times(1)).processMtbFile(any<Mtb>()) + } } - } - companion object { + companion object { - val mtbFile = - Mtb.builder() - .patient(Patient.builder().id("PID").build()) - .episodesOfCare( - listOf( - MtbEpisodeOfCare.builder() - .id("1") - .patient(Reference.builder().id("PID").build()) - .period( - PeriodDate.builder() - .start(Date.from(Instant.parse("2023-08-08T02:00:00.00Z"))) - .build() - ) - .build() + val mtbFile = + Mtb.builder() + .patient(Patient.builder().id("PID").build()) + .episodesOfCare( + listOf( + MtbEpisodeOfCare.builder() + .id("1") + .patient(Reference.builder().id("PID").build()) + .period( + PeriodDate.builder() + .start(Date.from(Instant.parse("2023-08-08T02:00:00.00Z"))) + .build() + ) + .build() + ) ) - ) - .build() - } + .build() + } } |