From 616f627c4677b3ca62f30ab2ac56a63f0bc39d9e Mon Sep 17 00:00:00 2001 From: Hauke Hund Date: Mon, 5 Jun 2023 12:04:54 +0200 Subject: [PATCH 01/43] version back to 1.0.0-SNAPSHOT --- dsf-bpe/dsf-bpe-process-api-v1/pom.xml | 2 +- dsf-bpe/dsf-bpe-server-jetty/pom.xml | 2 +- dsf-bpe/dsf-bpe-server/pom.xml | 2 +- dsf-bpe/pom.xml | 2 +- dsf-common/dsf-common-auth/pom.xml | 2 +- dsf-common/dsf-common-config/pom.xml | 2 +- dsf-common/dsf-common-documentation/pom.xml | 2 +- dsf-common/dsf-common-jetty/pom.xml | 2 +- dsf-common/dsf-common-status/pom.xml | 2 +- dsf-common/pom.xml | 2 +- dsf-fhir/dsf-fhir-auth/pom.xml | 2 +- dsf-fhir/dsf-fhir-rest-adapter/pom.xml | 2 +- dsf-fhir/dsf-fhir-server-jetty/pom.xml | 2 +- dsf-fhir/dsf-fhir-server/pom.xml | 2 +- dsf-fhir/dsf-fhir-validation/pom.xml | 4 ++-- dsf-fhir/dsf-fhir-webservice-client/pom.xml | 2 +- dsf-fhir/dsf-fhir-websocket-client/pom.xml | 2 +- dsf-fhir/pom.xml | 2 +- dsf-tools/dsf-tools-build-info-reader/pom.xml | 2 +- dsf-tools/dsf-tools-bundle-generator/pom.xml | 2 +- dsf-tools/dsf-tools-db-migration/pom.xml | 2 +- dsf-tools/dsf-tools-docker-secrets-reader/pom.xml | 2 +- dsf-tools/dsf-tools-documentation-generator/pom.xml | 2 +- dsf-tools/dsf-tools-proxy-test/pom.xml | 2 +- dsf-tools/dsf-tools-test-data-generator/pom.xml | 2 +- dsf-tools/pom.xml | 2 +- pom.xml | 2 +- 27 files changed, 28 insertions(+), 28 deletions(-) diff --git a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml index d1cb49d48..9fde6df52 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml +++ b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-bpe-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-bpe/dsf-bpe-server-jetty/pom.xml b/dsf-bpe/dsf-bpe-server-jetty/pom.xml index d219ac69e..df45cfe34 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/pom.xml +++ b/dsf-bpe/dsf-bpe-server-jetty/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-bpe-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-bpe/dsf-bpe-server/pom.xml b/dsf-bpe/dsf-bpe-server/pom.xml index a82984075..011b9f4c2 100755 --- a/dsf-bpe/dsf-bpe-server/pom.xml +++ b/dsf-bpe/dsf-bpe-server/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-bpe-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-bpe/pom.xml b/dsf-bpe/pom.xml index fd85d1f1f..84bd5edc1 100755 --- a/dsf-bpe/pom.xml +++ b/dsf-bpe/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-common/dsf-common-auth/pom.xml b/dsf-common/dsf-common-auth/pom.xml index 6868687e4..153177b60 100644 --- a/dsf-common/dsf-common-auth/pom.xml +++ b/dsf-common/dsf-common-auth/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-common-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-common/dsf-common-config/pom.xml b/dsf-common/dsf-common-config/pom.xml index b2faaaf7e..dc3e383ed 100644 --- a/dsf-common/dsf-common-config/pom.xml +++ b/dsf-common/dsf-common-config/pom.xml @@ -8,7 +8,7 @@ dev.dsf dsf-common-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-common/dsf-common-documentation/pom.xml b/dsf-common/dsf-common-documentation/pom.xml index f130e5977..b2080ab3c 100644 --- a/dsf-common/dsf-common-documentation/pom.xml +++ b/dsf-common/dsf-common-documentation/pom.xml @@ -6,6 +6,6 @@ dev.dsf dsf-common-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT \ No newline at end of file diff --git a/dsf-common/dsf-common-jetty/pom.xml b/dsf-common/dsf-common-jetty/pom.xml index 3ffd26fbe..d3c5820ae 100644 --- a/dsf-common/dsf-common-jetty/pom.xml +++ b/dsf-common/dsf-common-jetty/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-common-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-common/dsf-common-status/pom.xml b/dsf-common/dsf-common-status/pom.xml index ec2ebd041..a2f3e5e65 100644 --- a/dsf-common/dsf-common-status/pom.xml +++ b/dsf-common/dsf-common-status/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-common-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-common/pom.xml b/dsf-common/pom.xml index 6bd2f0064..135d45dc8 100644 --- a/dsf-common/pom.xml +++ b/dsf-common/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-auth/pom.xml b/dsf-fhir/dsf-fhir-auth/pom.xml index 671a9d5fe..ebb658a6f 100644 --- a/dsf-fhir/dsf-fhir-auth/pom.xml +++ b/dsf-fhir/dsf-fhir-auth/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml index 9b38c55b8..e0afc5b1f 100755 --- a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml +++ b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-server-jetty/pom.xml b/dsf-fhir/dsf-fhir-server-jetty/pom.xml index 92eab5180..9c4507b9c 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/pom.xml +++ b/dsf-fhir/dsf-fhir-server-jetty/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-server/pom.xml b/dsf-fhir/dsf-fhir-server/pom.xml index 5ecbef679..cbcc4e83c 100755 --- a/dsf-fhir/dsf-fhir-server/pom.xml +++ b/dsf-fhir/dsf-fhir-server/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-validation/pom.xml b/dsf-fhir/dsf-fhir-validation/pom.xml index 330b616c8..dc0903367 100644 --- a/dsf-fhir/dsf-fhir-validation/pom.xml +++ b/dsf-fhir/dsf-fhir-validation/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT @@ -95,7 +95,7 @@ - diff --git a/dsf-fhir/dsf-fhir-webservice-client/pom.xml b/dsf-fhir/dsf-fhir-webservice-client/pom.xml index 67d3dc1d5..3ccf9a12b 100755 --- a/dsf-fhir/dsf-fhir-webservice-client/pom.xml +++ b/dsf-fhir/dsf-fhir-webservice-client/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/dsf-fhir-websocket-client/pom.xml b/dsf-fhir/dsf-fhir-websocket-client/pom.xml index d36b730df..a5bbb8bde 100755 --- a/dsf-fhir/dsf-fhir-websocket-client/pom.xml +++ b/dsf-fhir/dsf-fhir-websocket-client/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-fhir-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-fhir/pom.xml b/dsf-fhir/pom.xml index 28929fc4a..b977f055c 100755 --- a/dsf-fhir/pom.xml +++ b/dsf-fhir/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-build-info-reader/pom.xml b/dsf-tools/dsf-tools-build-info-reader/pom.xml index 1c9953acd..a24a466a5 100644 --- a/dsf-tools/dsf-tools-build-info-reader/pom.xml +++ b/dsf-tools/dsf-tools-build-info-reader/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-bundle-generator/pom.xml b/dsf-tools/dsf-tools-bundle-generator/pom.xml index 9cd9d8ac9..ae50a3efe 100755 --- a/dsf-tools/dsf-tools-bundle-generator/pom.xml +++ b/dsf-tools/dsf-tools-bundle-generator/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-db-migration/pom.xml b/dsf-tools/dsf-tools-db-migration/pom.xml index b053788e5..ac17ec26d 100755 --- a/dsf-tools/dsf-tools-db-migration/pom.xml +++ b/dsf-tools/dsf-tools-db-migration/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml index 2565689da..f39ca66d3 100644 --- a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml +++ b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-documentation-generator/pom.xml b/dsf-tools/dsf-tools-documentation-generator/pom.xml index a70e385c3..45faa1714 100644 --- a/dsf-tools/dsf-tools-documentation-generator/pom.xml +++ b/dsf-tools/dsf-tools-documentation-generator/pom.xml @@ -8,7 +8,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-proxy-test/pom.xml b/dsf-tools/dsf-tools-proxy-test/pom.xml index a05bfd0bd..99af7c621 100755 --- a/dsf-tools/dsf-tools-proxy-test/pom.xml +++ b/dsf-tools/dsf-tools-proxy-test/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/dsf-tools-test-data-generator/pom.xml b/dsf-tools/dsf-tools-test-data-generator/pom.xml index 8e34a5216..ea4a3204f 100755 --- a/dsf-tools/dsf-tools-test-data-generator/pom.xml +++ b/dsf-tools/dsf-tools-test-data-generator/pom.xml @@ -6,7 +6,7 @@ dev.dsf dsf-tools-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/dsf-tools/pom.xml b/dsf-tools/pom.xml index 0d6b7e06d..a1e65c0c9 100755 --- a/dsf-tools/pom.xml +++ b/dsf-tools/pom.xml @@ -7,7 +7,7 @@ dev.dsf dsf-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT diff --git a/pom.xml b/pom.xml index 94252ac64..4b4972254 100755 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ dev.dsf dsf-pom - 1.0.0-M1 + 1.0.0-SNAPSHOT pom From f7be424fbb774a869d5bd9c1e6fa70e4364f192a Mon Sep 17 00:00:00 2001 From: Reto Wettstein Date: Tue, 6 Jun 2023 10:53:26 +0200 Subject: [PATCH 02/43] rename role medic to dic, add role dms, rename verything from medic to dic --- .gitignore | 22 +- .../bpe/start/ConstantsExampleStarters.java | 12 +- .../README.md | 38 +- dsf-docker-test-setup-3dic-ttp/db/init-db.sh | 21 + .../dic1}/bpe/log/README.md | 0 .../dic1}/bpe/process/README.md | 0 .../dic1}/fhir/log/README.md | 0 .../dic2}/bpe/log/README.md | 0 .../dic2}/bpe/process/README.md | 0 .../dic2}/fhir/log/README.md | 0 .../dic3}/bpe/log/README.md | 0 .../dic3}/bpe/process/README.md | 0 .../dic3}/fhir/log/README.md | 0 .../docker-build.bat | 0 .../docker-build.sh | 0 .../docker-compose.yml | 450 +++++++++--------- .../keycloak/dic1.json | 42 +- .../keycloak/dic2.json | 42 +- .../keycloak/dic3.json | 42 +- .../keycloak/ttp.json | 0 .../proxy/conf.d/default.conf | 0 .../proxy/conf.d/medic1.conf | 2 +- .../proxy/conf.d/medic2.conf | 2 +- .../proxy/conf.d/medic3.conf | 2 +- .../proxy/conf.d/ttp.conf | 0 .../proxy/nginx.conf | 0 .../app_dic1-client_private-key.pem.password | 0 .../app_dic2-client_private-key.pem.password | 0 .../app_dic3-client_private-key.pem.password | 0 .../app_ttp-client_private-key.pem.password | 0 .../secrets/db_dic1_bpe_user.password | 0 .../secrets/db_dic1_bpe_user_camunda.password | 0 .../secrets/db_dic1_fhir_user.password | 0 ...b_dic1_fhir_user_permanent_delete.password | 0 .../secrets/db_dic2_bpe_user.password | 0 .../secrets/db_dic2_bpe_user_camunda.password | 0 .../secrets/db_dic2_fhir_user.password | 0 ...b_dic2_fhir_user_permanent_delete.password | 0 .../secrets/db_dic3_bpe_user.password | 0 .../secrets/db_dic3_bpe_user_camunda.password | 0 .../secrets/db_dic3_fhir_user.password | 0 ...b_dic3_fhir_user_permanent_delete.password | 0 .../secrets/db_liquibase.password | 0 .../secrets/db_ttp_bpe_user.password | 0 .../secrets/db_ttp_bpe_user_camunda.password | 0 .../secrets/db_ttp_fhir_user.password | 0 ...db_ttp_fhir_user_permanent_delete.password | 0 .../ttp/bpe/log/README.md | 0 .../ttp/bpe/process/README.md | 0 .../ttp/fhir/conf/bundle.xml | 48 +- .../ttp/fhir/log/README.md | 0 .../db/init-db.sh | 21 - dsf-docker-test-setup/fhir/conf/bundle.xml | 2 +- .../ProcessAuthorizationHelperTest.java | 2 +- .../read/ReadAccessHelperTest.java | 2 +- ...req_remote_organization_rec_local_role.xml | 2 +- .../authorization/read-access/tag_role.xml | 2 +- .../java/dev/dsf/fhir/dao/BinaryDaoTest.java | 61 +-- .../dev/dsf/fhir/dao/ReadAccessDaoTest.java | 62 +-- .../hapi/ActivityDefinitionWithExtension.java | 4 +- .../dev/dsf/fhir/hapi/CodeSystemTest.java | 4 +- .../integration/BinaryIntegrationTest.java | 2 +- .../CodeSystemIntegrationTest.java | 6 +- .../DocumentReferenceIntegrationTest.java | 2 +- .../integration/LibraryIntegrationTest.java | 2 +- .../ResearchStudyIntegrationTest.java | 2 +- .../src/test/resources/bundle.xml | 42 +- .../resources/integration/allow-list.json | 48 +- .../resources/integration/task-bundle.json | 2 +- .../highmed-test-activity-definition3-0.5.xml | 2 +- .../resources/integration/test-bundle.xml | 2 +- .../dsf-organization-role-0.6.0.xml.post | 1 - ....0.xml => dsf-organization-role-1.0.0.xml} | 28 +- .../dsf-organization-role-1.0.0.xml.post | 1 + .../dsf-organization-role-0.6.0.xml.post | 1 - ....0.xml => dsf-organization-role-1.0.0.xml} | 3 +- .../dsf-organization-role-1.0.0.xml.post | 1 + .../ActivityDefinitionProfileTest.java | 8 +- .../fhir/profiles/CodeSystemProfileTest.java | 4 +- .../OrganizationAffiliationProfileTest.java | 6 +- .../tools/generator/CertificateGenerator.java | 19 +- .../dev/dsf/tools/generator/EnvGenerator.java | 24 +- .../tools/generator/TestDataGenerator.java | 4 +- .../bundle-templates/test-bundle.xml | 2 +- 84 files changed, 538 insertions(+), 559 deletions(-) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/README.md (62%) create mode 100755 dsf-docker-test-setup-3dic-ttp/db/init-db.sh rename {dsf-docker-test-setup-3medic-ttp/medic1 => dsf-docker-test-setup-3dic-ttp/dic1}/bpe/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic1 => dsf-docker-test-setup-3dic-ttp/dic1}/bpe/process/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic1 => dsf-docker-test-setup-3dic-ttp/dic1}/fhir/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic2 => dsf-docker-test-setup-3dic-ttp/dic2}/bpe/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic2 => dsf-docker-test-setup-3dic-ttp/dic2}/bpe/process/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic2 => dsf-docker-test-setup-3dic-ttp/dic2}/fhir/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic3 => dsf-docker-test-setup-3dic-ttp/dic3}/bpe/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic3 => dsf-docker-test-setup-3dic-ttp/dic3}/bpe/process/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp/medic3 => dsf-docker-test-setup-3dic-ttp/dic3}/fhir/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/docker-build.bat (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/docker-build.sh (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/docker-compose.yml (66%) rename dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json => dsf-docker-test-setup-3dic-ttp/keycloak/dic1.json (98%) rename dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json => dsf-docker-test-setup-3dic-ttp/keycloak/dic2.json (98%) rename dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json => dsf-docker-test-setup-3dic-ttp/keycloak/dic3.json (98%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/keycloak/ttp.json (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/conf.d/default.conf (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/conf.d/medic1.conf (97%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/conf.d/medic2.conf (97%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/conf.d/medic3.conf (97%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/conf.d/ttp.conf (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/proxy/nginx.conf (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/app_medic1-client_private-key.pem.password => dsf-docker-test-setup-3dic-ttp/secrets/app_dic1-client_private-key.pem.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/app_medic2-client_private-key.pem.password => dsf-docker-test-setup-3dic-ttp/secrets/app_dic2-client_private-key.pem.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/app_medic3-client_private-key.pem.password => dsf-docker-test-setup-3dic-ttp/secrets/app_dic3-client_private-key.pem.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/app_ttp-client_private-key.pem.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user_camunda.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user_camunda.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user_permanent_delete.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user_permanent_delete.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user_camunda.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user_camunda.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user_permanent_delete.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user_permanent_delete.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user_camunda.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user_camunda.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user.password (100%) rename dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user_permanent_delete.password => dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user_permanent_delete.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/db_liquibase.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/db_ttp_bpe_user.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/db_ttp_bpe_user_camunda.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/db_ttp_fhir_user.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/secrets/db_ttp_fhir_user_permanent_delete.password (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/ttp/bpe/log/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/ttp/bpe/process/README.md (100%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/ttp/fhir/conf/bundle.xml (95%) rename {dsf-docker-test-setup-3medic-ttp => dsf-docker-test-setup-3dic-ttp}/ttp/fhir/log/README.md (100%) delete mode 100755 dsf-docker-test-setup-3medic-ttp/db/init-db.sh delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/{dsf-organization-role-0.6.0.xml => dsf-organization-role-1.0.0.xml} (85%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml.post delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-organization-role-0.6.0.xml => dsf-organization-role-1.0.0.xml} (92%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml.post diff --git a/.gitignore b/.gitignore index 960f939b4..b165945f4 100755 --- a/.gitignore +++ b/.gitignore @@ -43,20 +43,20 @@ dsf-docker-test-setup/fhir/secrets/*.pem dsf-docker-test-setup/fhir/.env ### -# dsf-docker-test-setup-3medic-ttp ignores +# dsf-docker-test-setup-3dic-ttp ignores ### -dsf-docker-test-setup-3medic-ttp/**/bpe/log/*.log -dsf-docker-test-setup-3medic-ttp/**/bpe/log/*.log.gz -dsf-docker-test-setup-3medic-ttp/**/bpe/lib_external/*.jar -dsf-docker-test-setup-3medic-ttp/**/bpe/process/*.jar +dsf-docker-test-setup-3dic-ttp/**/bpe/log/*.log +dsf-docker-test-setup-3dic-ttp/**/bpe/log/*.log.gz +dsf-docker-test-setup-3dic-ttp/**/bpe/lib_external/*.jar +dsf-docker-test-setup-3dic-ttp/**/bpe/process/*.jar -dsf-docker-test-setup-3medic-ttp/**/fhir/log/*.log -dsf-docker-test-setup-3medic-ttp/**/fhir/log/*.log.gz +dsf-docker-test-setup-3dic-ttp/**/fhir/log/*.log +dsf-docker-test-setup-3dic-ttp/**/fhir/log/*.log.gz -dsf-docker-test-setup-3medic-ttp/secrets/*.pem -dsf-docker-test-setup-3medic-ttp/secrets/*.jks -dsf-docker-test-setup-3medic-ttp/.env -dsf-docker-test-setup-3medic-ttp/docker-compose.override.yml +dsf-docker-test-setup-3dic-ttp/secrets/*.pem +dsf-docker-test-setup-3dic-ttp/secrets/*.jks +dsf-docker-test-setup-3dic-ttp/.env +dsf-docker-test-setup-3dic-ttp/docker-compose.override.yml ### # dsf-tools ignores diff --git a/dsf-bpe/dsf-bpe-process-api-v1/src/test/java/dev/dsf/bpe/start/ConstantsExampleStarters.java b/dsf-bpe/dsf-bpe-process-api-v1/src/test/java/dev/dsf/bpe/start/ConstantsExampleStarters.java index a446e4a89..980a1ab81 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/src/test/java/dev/dsf/bpe/start/ConstantsExampleStarters.java +++ b/dsf-bpe/dsf-bpe-process-api-v1/src/test/java/dev/dsf/bpe/start/ConstantsExampleStarters.java @@ -12,12 +12,12 @@ public interface ConstantsExampleStarters String TTP_FHIR_BASE_URL = "https://ttp/fhir/"; String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_TTP = "Test_TTP"; - String MEDIC_1_FHIR_BASE_URL = "https://medic1/fhir/"; - String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_1 = "Test_MeDIC_1"; + String DIC_1_FHIR_BASE_URL = "https://dic1/fhir/"; + String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_1 = "Test_DIC_1"; - String MEDIC_2_FHIR_BASE_URL = "https://medic2/fhir/"; - String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_2 = "Test_MeDIC_2"; + String DIC_2_FHIR_BASE_URL = "https://dic2/fhir/"; + String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_2 = "Test_DIC_2"; - String MEDIC_3_FHIR_BASE_URL = "https://medic3/fhir/"; - String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_MEDIC_3 = "Test_MeDIC_3"; + String DIC_3_FHIR_BASE_URL = "https://dic3/fhir/"; + String NAMINGSYSTEM_DSF_ORGANIZATION_IDENTIFIER_VALUE_DIC_3 = "Test_DIC_3"; } diff --git a/dsf-docker-test-setup-3medic-ttp/README.md b/dsf-docker-test-setup-3dic-ttp/README.md similarity index 62% rename from dsf-docker-test-setup-3medic-ttp/README.md rename to dsf-docker-test-setup-3dic-ttp/README.md index c525c0f8c..4d3cee0aa 100644 --- a/dsf-docker-test-setup-3medic-ttp/README.md +++ b/dsf-docker-test-setup-3dic-ttp/README.md @@ -1,4 +1,4 @@ -# 3-Medic TTP Docker Test Setup +# 3-DIC TTP Docker Test Setup ### Preparations @@ -11,14 +11,14 @@ * Add one entry for each organization to your hosts file ``` - 127.0.0.1 medic1 - 127.0.0.1 medic2 - 127.0.0.1 medic3 + 127.0.0.1 dic1 + 127.0.0.1 dic2 + 127.0.0.1 dic3 127.0.0.1 ttp 127.0.0.1 keycloak ``` -* Build the docker images in the sub-folder `dsf/dsf-docker-test-setup-3medic-ttp` by executing: +* Build the docker images in the sub-folder `dsf/dsf-docker-test-setup-3dic-ttp` by executing: **Windows:** ```sh @@ -30,55 +30,55 @@ ./docker-build.sh ``` -* Add processes to the corresponding sub-folder `dsf/dsf-docker-test-setup-3medic-ttp//bpe/process` -* Start dsf instances of each organization in the sub-folder `dsf/dsf-docker-test-setup-3medic-ttp` +* Add processes to the corresponding sub-folder `dsf/dsf-docker-test-setup-3dic-ttp//bpe/process` +* Start dsf instances of each organization in the sub-folder `dsf/dsf-docker-test-setup-3dic-ttp` -### MeDIC1 +### DIC1 * Start DSF FHIR server: ```sh - docker-compose up -d medic1-fhir && docker-compose logs -f medic1-fhir + docker-compose up -d dic1-fhir && docker-compose logs -f dic1-fhir ``` -* Access at https://medic1/fhir/ +* Access at https://dic1/fhir/ * Disconnect from log output (Ctrl-C) if Server started * Start DSF BPE server: ```sh - docker-compose up -d medic1-bpe && docker-compose logs -f medic1-fhir medic1-bpe + docker-compose up -d dic1-bpe && docker-compose logs -f dic1-fhir dic1-bpe ``` -### MeDIC2 +### DIC2 * Start DSF FHIR server: ```sh - docker-compose up -d medic2-fhir && docker-compose logs -f medic2-fhir + docker-compose up -d dic2-fhir && docker-compose logs -f dic2-fhir ``` -* Access at https://medic2/fhir/ +* Access at https://dic2/fhir/ * Disconnect from log output (Ctrl-C) if Server started * Start DSF BPE server: ```sh - docker-compose up -d medic2-bpe && docker-compose logs -f medic2-fhir medic2-bpe + docker-compose up -d dic2-bpe && docker-compose logs -f dic2-fhir dic2-bpe ``` -### MeDIC3 +### DIC3 * Start DSF FHIR server: ```sh - docker-compose up -d medic3-fhir && docker-compose logs -f medic3-fhir + docker-compose up -d dic3-fhir && docker-compose logs -f dic3-fhir ``` -* Access at https://medic3/fhir/ +* Access at https://dic3/fhir/ * Disconnect from log output (Ctrl-C) if Server started * Start DSF BPE server: ```sh - docker-compose up -d medic3-bpe && docker-compose logs -f medic3-fhir medic3-bpe + docker-compose up -d dic3-bpe && docker-compose logs -f dic3-fhir dic3-bpe ``` ### TTP diff --git a/dsf-docker-test-setup-3dic-ttp/db/init-db.sh b/dsf-docker-test-setup-3dic-ttp/db/init-db.sh new file mode 100755 index 000000000..0e90bcb01 --- /dev/null +++ b/dsf-docker-test-setup-3dic-ttp/db/init-db.sh @@ -0,0 +1,21 @@ +#!/bin/bash +set -e + +psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL + CREATE DATABASE dic1_fhir; + GRANT ALL PRIVILEGES ON DATABASE dic1_fhir TO liquibase_user; + CREATE DATABASE dic1_bpe; + GRANT ALL PRIVILEGES ON DATABASE dic1_bpe TO liquibase_user; + CREATE DATABASE dic2_fhir; + GRANT ALL PRIVILEGES ON DATABASE dic2_fhir TO liquibase_user; + CREATE DATABASE dic2_bpe; + GRANT ALL PRIVILEGES ON DATABASE dic2_bpe TO liquibase_user; + CREATE DATABASE dic3_fhir; + GRANT ALL PRIVILEGES ON DATABASE dic3_fhir TO liquibase_user; + CREATE DATABASE dic3_bpe; + GRANT ALL PRIVILEGES ON DATABASE dic3_bpe TO liquibase_user; + CREATE DATABASE ttp_fhir; + GRANT ALL PRIVILEGES ON DATABASE ttp_fhir TO liquibase_user; + CREATE DATABASE ttp_bpe; + GRANT ALL PRIVILEGES ON DATABASE ttp_bpe TO liquibase_user; +EOSQL \ No newline at end of file diff --git a/dsf-docker-test-setup-3medic-ttp/medic1/bpe/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic1/bpe/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic1/bpe/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic1/bpe/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic1/bpe/process/README.md b/dsf-docker-test-setup-3dic-ttp/dic1/bpe/process/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic1/bpe/process/README.md rename to dsf-docker-test-setup-3dic-ttp/dic1/bpe/process/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic1/fhir/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic1/fhir/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic1/fhir/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic1/fhir/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic2/bpe/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic2/bpe/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic2/bpe/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic2/bpe/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic2/bpe/process/README.md b/dsf-docker-test-setup-3dic-ttp/dic2/bpe/process/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic2/bpe/process/README.md rename to dsf-docker-test-setup-3dic-ttp/dic2/bpe/process/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic2/fhir/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic2/fhir/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic2/fhir/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic2/fhir/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic3/bpe/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic3/bpe/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic3/bpe/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic3/bpe/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic3/bpe/process/README.md b/dsf-docker-test-setup-3dic-ttp/dic3/bpe/process/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic3/bpe/process/README.md rename to dsf-docker-test-setup-3dic-ttp/dic3/bpe/process/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/medic3/fhir/log/README.md b/dsf-docker-test-setup-3dic-ttp/dic3/fhir/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/medic3/fhir/log/README.md rename to dsf-docker-test-setup-3dic-ttp/dic3/fhir/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/docker-build.bat b/dsf-docker-test-setup-3dic-ttp/docker-build.bat similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/docker-build.bat rename to dsf-docker-test-setup-3dic-ttp/docker-build.bat diff --git a/dsf-docker-test-setup-3medic-ttp/docker-build.sh b/dsf-docker-test-setup-3dic-ttp/docker-build.sh similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/docker-build.sh rename to dsf-docker-test-setup-3dic-ttp/docker-build.sh diff --git a/dsf-docker-test-setup-3medic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml similarity index 66% rename from dsf-docker-test-setup-3medic-ttp/docker-compose.yml rename to dsf-docker-test-setup-3dic-ttp/docker-compose.yml index c5ada99fd..8df057804 100644 --- a/dsf-docker-test-setup-3medic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -19,27 +19,27 @@ services: target: /etc/nginx/nginx.conf read_only: true networks: - medic1-fhir-frontend: + dic1-fhir-frontend: ipv4_address: 172.20.0.2 - medic2-fhir-frontend: + dic2-fhir-frontend: ipv4_address: 172.20.0.10 - medic3-fhir-frontend: + dic3-fhir-frontend: ipv4_address: 172.20.0.18 ttp-fhir-frontend: ipv4_address: 172.20.0.26 - medic1-bpe-frontend: + dic1-bpe-frontend: ipv4_address: 172.20.0.34 - medic2-bpe-frontend: + dic2-bpe-frontend: ipv4_address: 172.20.0.42 - medic3-bpe-frontend: + dic3-bpe-frontend: ipv4_address: 172.20.0.50 ttp-bpe-frontend: ipv4_address: 172.20.0.58 internet: aliases: - - medic1 - - medic2 - - medic3 + - dic1 + - dic2 + - dic3 - ttp environment: TZ: Europe/Berlin @@ -58,13 +58,13 @@ services: POSTGRES_USER: liquibase_user POSTGRES_DB: postgres networks: - - medic1-fhir-backend - - medic2-fhir-backend - - medic3-fhir-backend + - dic1-fhir-backend + - dic2-fhir-backend + - dic3-fhir-backend - ttp-fhir-backend - - medic1-bpe-backend - - medic2-bpe-backend - - medic3-bpe-backend + - dic1-bpe-backend + - dic2-bpe-backend + - dic3-bpe-backend - ttp-bpe-backend secrets: - db_liquibase.password @@ -106,42 +106,42 @@ services: --spi-truststore-file-password=password --spi-truststore-file-hostname-verification-policy=STRICT - medic1-fhir: + dic1-fhir: image: datasharingframework/fhir restart: "no" ports: - 127.0.0.1:5001:5001 secrets: - db_liquibase.password - - db_medic1_fhir_user.password - - db_medic1_fhir_user_permanent_delete.password + - db_dic1_fhir_user.password + - db_dic1_fhir_user_permanent_delete.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic1_client_certificate.pem - - app_medic1_client_certificate_private_key.pem - - app_medic1_client_certificate_private_key.pem.password + - app_dic1_client_certificate.pem + - app_dic1_client_certificate_private_key.pem + - app_dic1_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic1/fhir/log + source: ./dic1/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5001 DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_medic1_fhir_user.password - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_medic1_fhir_user_permanent_delete.password + DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic1_fhir_user.password + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic1_fhir_user_permanent_delete.password DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic1_client_certificate.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic1_client_certificate_private_key.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic1_client_certificate_private_key.pem.password - DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/medic1_fhir - DEV_DSF_FHIR_DB_USER_GROUP: medic1_fhir_users - DEV_DSF_FHIR_DB_USER_USERNAME: medic1_fhir_server_user - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: medic1_fhir_permanent_delete_users - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: medic1_fhir_server_permanent_delete_user - DEV_DSF_FHIR_SERVER_BASE_URL: https://medic1/fhir - DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_1 - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${MEDIC1_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic1_client_certificate.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic1_client_certificate_private_key.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic1_client_certificate_private_key.pem.password + DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic1_fhir + DEV_DSF_FHIR_DB_USER_GROUP: dic1_fhir_users + DEV_DSF_FHIR_DB_USER_USERNAME: dic1_fhir_server_user + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic1_fhir_permanent_delete_users + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic1_fhir_server_permanent_delete_user + DEV_DSF_FHIR_SERVER_BASE_URL: https://dic1/fhir + DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_1 + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${DIC1_BUNDLE_USER_THUMBPRINT} DEV_DSF_FHIR_SERVER_ROLECONFIG: | - webbrowser_test_user: thumbprint: ${WEBBROSER_TEST_USER_THUMBPRINT} @@ -155,57 +155,57 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic1 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic1 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic1-fhir + JETTY_AUTH_OIDC_CLIENT_ID: dic1-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: mF0GEtjFoyWIM3in4VCwifGI3azb4DTn JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic1-fhir-frontend: + dic1-fhir-frontend: ipv4_address: 172.20.0.3 - medic1-fhir-backend: + dic1-fhir-backend: internet: depends_on: - db - proxy - keycloak - medic2-fhir: + dic2-fhir: image: datasharingframework/fhir restart: "no" ports: - 127.0.0.1:5002:5002 secrets: - db_liquibase.password - - db_medic2_fhir_user.password - - db_medic2_fhir_user_permanent_delete.password + - db_dic2_fhir_user.password + - db_dic2_fhir_user_permanent_delete.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic2_client_certificate.pem - - app_medic2_client_certificate_private_key.pem - - app_medic2_client_certificate_private_key.pem.password + - app_dic2_client_certificate.pem + - app_dic2_client_certificate_private_key.pem + - app_dic2_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic2/fhir/log + source: ./dic2/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5002 DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_medic2_fhir_user.password - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_medic2_fhir_user_permanent_delete.password + DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic2_fhir_user.password + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic2_fhir_user_permanent_delete.password DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic2_client_certificate.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic2_client_certificate_private_key.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic2_client_certificate_private_key.pem.password - DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/medic2_fhir - DEV_DSF_FHIR_DB_USER_GROUP: medic2_fhir_users - DEV_DSF_FHIR_DB_USER_USERNAME: medic2_fhir_server_user - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: medic2_fhir_permanent_delete_users - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: medic2_fhir_server_permanent_delete_user - DEV_DSF_FHIR_SERVER_BASE_URL: https://medic2/fhir - DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_2 - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${MEDIC2_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic2_client_certificate.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic2_client_certificate_private_key.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic2_client_certificate_private_key.pem.password + DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic2_fhir + DEV_DSF_FHIR_DB_USER_GROUP: dic2_fhir_users + DEV_DSF_FHIR_DB_USER_USERNAME: dic2_fhir_server_user + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic2_fhir_permanent_delete_users + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic2_fhir_server_permanent_delete_user + DEV_DSF_FHIR_SERVER_BASE_URL: https://dic2/fhir + DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_2 + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${DIC2_BUNDLE_USER_THUMBPRINT} DEV_DSF_FHIR_SERVER_ROLECONFIG: | - webbrowser_test_user: thumbprint: ${WEBBROSER_TEST_USER_THUMBPRINT} @@ -219,57 +219,57 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic2 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic2 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic2-fhir + JETTY_AUTH_OIDC_CLIENT_ID: dic2-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: P7XhxzBixIf9vPdprItkbOXZwtSX2JNt JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic2-fhir-frontend: + dic2-fhir-frontend: ipv4_address: 172.20.0.11 - medic2-fhir-backend: + dic2-fhir-backend: internet: depends_on: - db - proxy - keycloak - medic3-fhir: + dic3-fhir: image: datasharingframework/fhir restart: "no" ports: - 127.0.0.1:5003:5003 secrets: - db_liquibase.password - - db_medic3_fhir_user.password - - db_medic3_fhir_user_permanent_delete.password + - db_dic3_fhir_user.password + - db_dic3_fhir_user_permanent_delete.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic3_client_certificate.pem - - app_medic3_client_certificate_private_key.pem - - app_medic3_client_certificate_private_key.pem.password + - app_dic3_client_certificate.pem + - app_dic3_client_certificate_private_key.pem + - app_dic3_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic3/fhir/log + source: ./dic3/fhir/log target: /opt/fhir/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5003 DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_medic3_fhir_user.password - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_medic3_fhir_user_permanent_delete.password + DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic3_fhir_user.password + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic3_fhir_user_permanent_delete.password DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic3_client_certificate.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic3_client_certificate_private_key.pem - DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic3_client_certificate_private_key.pem.password - DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/medic3_fhir - DEV_DSF_FHIR_DB_USER_GROUP: medic3_fhir_users - DEV_DSF_FHIR_DB_USER_USERNAME: medic3_fhir_server_user - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: medic3_fhir_permanent_delete_users - DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: medic3_fhir_server_permanent_delete_user - DEV_DSF_FHIR_SERVER_BASE_URL: https://medic3/fhir - DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_3 - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${MEDIC3_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic3_client_certificate.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic3_client_certificate_private_key.pem + DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic3_client_certificate_private_key.pem.password + DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/dic3_fhir + DEV_DSF_FHIR_DB_USER_GROUP: dic3_fhir_users + DEV_DSF_FHIR_DB_USER_USERNAME: dic3_fhir_server_user + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_GROUP: dic3_fhir_permanent_delete_users + DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_USERNAME: dic3_fhir_server_permanent_delete_user + DEV_DSF_FHIR_SERVER_BASE_URL: https://dic3/fhir + DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_3 + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${DIC3_BUNDLE_USER_THUMBPRINT} DEV_DSF_FHIR_SERVER_ROLECONFIG: | - webbrowser_test_user: thumbprint: ${WEBBROSER_TEST_USER_THUMBPRINT} @@ -283,15 +283,15 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic3 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic3 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic3-fhir + JETTY_AUTH_OIDC_CLIENT_ID: dic3-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: 9i9WRfIedG7N3QoL5WuGM8hCoySblAhK JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic3-fhir-frontend: + dic3-fhir-frontend: ipv4_address: 172.20.0.19 - medic3-fhir-backend: + dic3-fhir-backend: internet: depends_on: - db @@ -338,9 +338,9 @@ services: DEV_DSF_FHIR_SERVER_BASE_URL: https://ttp/fhir DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_TTP DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${TTP_BUNDLE_USER_THUMBPRINT} - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_MEDIC1: ${MEDIC1_BUNDLE_USER_THUMBPRINT} - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_MEDIC2: ${MEDIC2_BUNDLE_USER_THUMBPRINT} - DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_MEDIC3: ${MEDIC3_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_DIC1: ${DIC1_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_DIC2: ${DIC2_BUNDLE_USER_THUMBPRINT} + DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT_DIC3: ${DIC3_BUNDLE_USER_THUMBPRINT} DEV_DSF_FHIR_SERVER_ROLECONFIG: | - webbrowser_test_user: thumbprint: ${WEBBROSER_TEST_USER_THUMBPRINT} @@ -369,193 +369,193 @@ services: - proxy - keycloak - medic1-bpe: + dic1-bpe: image: datasharingframework/bpe restart: "no" ports: - 127.0.0.1:5011:5011 secrets: - db_liquibase.password - - db_medic1_bpe_user.password - - db_medic1_bpe_user_camunda.password + - db_dic1_bpe_user.password + - db_dic1_bpe_user_camunda.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic1_client_certificate.pem - - app_medic1_client_certificate_private_key.pem - - app_medic1_client_certificate_private_key.pem.password + - app_dic1_client_certificate.pem + - app_dic1_client_certificate_private_key.pem + - app_dic1_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic1/bpe/process + source: ./dic1/bpe/process target: /opt/bpe/process read_only: true - type: bind - source: ./medic1/bpe/log + source: ./dic1/bpe/log target: /opt/bpe/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5011 DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_medic1_bpe_user.password - DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_medic1_bpe_user_camunda.password + DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic1_bpe_user.password + DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic1_bpe_user_camunda.password DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic1_client_certificate.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic1_client_certificate_private_key.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic1_client_certificate_private_key.pem.password - DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/medic1_bpe - DEV_DSF_BPE_DB_USER_GROUP: medic1_bpe_users - DEV_DSF_BPE_DB_USER_USERNAME: medic1_bpe_server_user - DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: medic1_camunda_users - DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: medic1_camunda_server_user - DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_1 - DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://medic1/fhir + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic1_client_certificate.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic1_client_certificate_private_key.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic1_client_certificate_private_key.pem.password + DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/dic1_bpe + DEV_DSF_BPE_DB_USER_GROUP: dic1_bpe_users + DEV_DSF_BPE_DB_USER_USERNAME: dic1_bpe_server_user + DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic1_camunda_users + DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic1_camunda_server_user + DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_dic_1 + DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic1/fhir DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 - DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@medic1 - DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@medic1 + DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic1 + DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@dic1 #DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP: 'false' # default no test mail on startup #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic1 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic1 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic1-bpe + JETTY_AUTH_OIDC_CLIENT_ID: dic1-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: ytqFCErw9GfhVUrrM8xc0Grbu4r7qGig JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic1-bpe-frontend: + dic1-bpe-frontend: ipv4_address: 172.20.0.35 - medic1-bpe-backend: + dic1-bpe-backend: internet: depends_on: - db - - medic1-fhir + - dic1-fhir - keycloak - medic2-bpe: + dic2-bpe: image: datasharingframework/bpe restart: "no" ports: - 127.0.0.1:5012:5012 secrets: - db_liquibase.password - - db_medic2_bpe_user.password - - db_medic2_bpe_user_camunda.password + - db_dic2_bpe_user.password + - db_dic2_bpe_user_camunda.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic2_client_certificate.pem - - app_medic2_client_certificate_private_key.pem - - app_medic2_client_certificate_private_key.pem.password + - app_dic2_client_certificate.pem + - app_dic2_client_certificate_private_key.pem + - app_dic2_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic2/bpe/process + source: ./dic2/bpe/process target: /opt/bpe/process read_only: true - type: bind - source: ./medic2/bpe/log + source: ./dic2/bpe/log target: /opt/bpe/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5012 DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_medic2_bpe_user.password - DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_medic2_bpe_user_camunda.password + DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic2_bpe_user.password + DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic2_bpe_user_camunda.password DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic2_client_certificate.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic2_client_certificate_private_key.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic2_client_certificate_private_key.pem.password - DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/medic2_bpe - DEV_DSF_BPE_DB_USER_GROUP: medic2_bpe_users - DEV_DSF_BPE_DB_USER_USERNAME: medic2_bpe_server_user - DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: medic2_camunda_users - DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: medic2_camunda_server_user - DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_2 - DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://medic2/fhir + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic2_client_certificate.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic2_client_certificate_private_key.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic2_client_certificate_private_key.pem.password + DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/dic2_bpe + DEV_DSF_BPE_DB_USER_GROUP: dic2_bpe_users + DEV_DSF_BPE_DB_USER_USERNAME: dic2_bpe_server_user + DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic2_camunda_users + DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic2_camunda_server_user + DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_2 + DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic2/fhir DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 - DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@medic2 - DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@medic2 + DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic2 + DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@dic2 #DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP: 'false' # default no test mail on startup #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic2 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic2 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic2-bpe + JETTY_AUTH_OIDC_CLIENT_ID: dic2-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: 5GtUIUfoXnQVcsRfd0Hg4EGv14iAknGq JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic2-bpe-frontend: + dic2-bpe-frontend: ipv4_address: 172.20.0.43 - medic2-bpe-backend: + dic2-bpe-backend: internet: depends_on: - db - - medic2-fhir + - dic2-fhir - keycloak - medic3-bpe: + dic3-bpe: image: datasharingframework/bpe restart: "no" ports: - 127.0.0.1:5014:5014 secrets: - db_liquibase.password - - db_medic3_bpe_user.password - - db_medic3_bpe_user_camunda.password + - db_dic3_bpe_user.password + - db_dic3_bpe_user_camunda.password - app_server_trust_certificates.pem - app_client_trust_certificates.pem - - app_medic3_client_certificate.pem - - app_medic3_client_certificate_private_key.pem - - app_medic3_client_certificate_private_key.pem.password + - app_dic3_client_certificate.pem + - app_dic3_client_certificate_private_key.pem + - app_dic3_client_certificate_private_key.pem.password volumes: - type: bind - source: ./medic3/bpe/process + source: ./dic3/bpe/process target: /opt/bpe/process read_only: true - type: bind - source: ./medic3/bpe/log + source: ./dic3/bpe/log target: /opt/bpe/log environment: TZ: Europe/Berlin EXTRA_JVM_ARGS: -agentlib:jdwp=transport=dt_socket,server=y,suspend=n,address=*:5014 DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password - DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_medic3_bpe_user.password - DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_medic3_bpe_user_camunda.password + DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic3_bpe_user.password + DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic3_bpe_user_camunda.password DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_medic3_client_certificate.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_medic3_client_certificate_private_key.pem - DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_medic3_client_certificate_private_key.pem.password - DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/medic3_bpe - DEV_DSF_BPE_DB_USER_GROUP: medic3_bpe_users - DEV_DSF_BPE_DB_USER_USERNAME: medic3_bpe_server_user - DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: medic3_camunda_users - DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: medic3_camunda_server_user - DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_MeDIC_3 - DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://medic3/fhir + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic3_client_certificate.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic3_client_certificate_private_key.pem + DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic3_client_certificate_private_key.pem.password + DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/dic3_bpe + DEV_DSF_BPE_DB_USER_GROUP: dic3_bpe_users + DEV_DSF_BPE_DB_USER_USERNAME: dic3_bpe_server_user + DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic3_camunda_users + DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic3_camunda_server_user + DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_3 + DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic3/fhir DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 - DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@medic3 - DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@medic3 + DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic3 + DEV_DSF_BPE_MAIL_TOADDRESSES: bpe@dic3 #DEV_DSF_BPE_MAIL_SENDTESTMAILONSTARTUP: 'false' # default no test mail on startup #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic3 + JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic3 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: medic3-bpe + JETTY_AUTH_OIDC_CLIENT_ID: dic3-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: VGTQD3WWH4uGUMz408NWNzcHF1MsfV0l JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: - medic3-bpe-frontend: + dic3-bpe-frontend: ipv4_address: 172.20.0.51 - medic3-bpe-backend: + dic3-bpe-backend: internet: depends_on: - db - - medic3-fhir + - dic3-fhir - mailhog - keycloak @@ -643,32 +643,32 @@ secrets: db_liquibase.password: file: ./secrets/db_liquibase.password - db_medic1_bpe_user.password: - file: ./secrets/db_medic1_bpe_user.password - db_medic1_bpe_user_camunda.password: - file: ./secrets/db_medic1_bpe_user_camunda.password - db_medic1_fhir_user.password: - file: ./secrets/db_medic1_fhir_user.password - db_medic1_fhir_user_permanent_delete.password: - file: ./secrets/db_medic1_fhir_user_permanent_delete.password + db_dic1_bpe_user.password: + file: ./secrets/db_dic1_bpe_user.password + db_dic1_bpe_user_camunda.password: + file: ./secrets/db_dic1_bpe_user_camunda.password + db_dic1_fhir_user.password: + file: ./secrets/db_dic1_fhir_user.password + db_dic1_fhir_user_permanent_delete.password: + file: ./secrets/db_dic1_fhir_user_permanent_delete.password - db_medic2_bpe_user.password: - file: ./secrets/db_medic2_bpe_user.password - db_medic2_bpe_user_camunda.password: - file: ./secrets/db_medic2_bpe_user_camunda.password - db_medic2_fhir_user.password: - file: ./secrets/db_medic2_fhir_user.password - db_medic2_fhir_user_permanent_delete.password: - file: ./secrets/db_medic2_fhir_user_permanent_delete.password + db_dic2_bpe_user.password: + file: ./secrets/db_dic2_bpe_user.password + db_dic2_bpe_user_camunda.password: + file: ./secrets/db_dic2_bpe_user_camunda.password + db_dic2_fhir_user.password: + file: ./secrets/db_dic2_fhir_user.password + db_dic2_fhir_user_permanent_delete.password: + file: ./secrets/db_dic2_fhir_user_permanent_delete.password - db_medic3_bpe_user.password: - file: ./secrets/db_medic3_bpe_user.password - db_medic3_bpe_user_camunda.password: - file: ./secrets/db_medic3_bpe_user_camunda.password - db_medic3_fhir_user.password: - file: ./secrets/db_medic3_fhir_user.password - db_medic3_fhir_user_permanent_delete.password: - file: ./secrets/db_medic3_fhir_user_permanent_delete.password + db_dic3_bpe_user.password: + file: ./secrets/db_dic3_bpe_user.password + db_dic3_bpe_user_camunda.password: + file: ./secrets/db_dic3_bpe_user_camunda.password + db_dic3_fhir_user.password: + file: ./secrets/db_dic3_fhir_user.password + db_dic3_fhir_user_permanent_delete.password: + file: ./secrets/db_dic3_fhir_user_permanent_delete.password db_ttp_bpe_user.password: file: ./secrets/db_ttp_bpe_user.password @@ -691,26 +691,26 @@ secrets: app_client_trust_certificates.pem: file: ./secrets/app_testca_certificate.pem - app_medic1_client_certificate.pem: - file: ./secrets/app_medic1-client_certificate.pem - app_medic1_client_certificate_private_key.pem: - file: ./secrets/app_medic1-client_private-key.pem - app_medic1_client_certificate_private_key.pem.password: - file: ./secrets/app_medic1-client_private-key.pem.password + app_dic1_client_certificate.pem: + file: ./secrets/app_dic1-client_certificate.pem + app_dic1_client_certificate_private_key.pem: + file: ./secrets/app_dic1-client_private-key.pem + app_dic1_client_certificate_private_key.pem.password: + file: ./secrets/app_dic1-client_private-key.pem.password - app_medic2_client_certificate.pem: - file: ./secrets/app_medic2-client_certificate.pem - app_medic2_client_certificate_private_key.pem: - file: ./secrets/app_medic2-client_private-key.pem - app_medic2_client_certificate_private_key.pem.password: - file: ./secrets/app_medic2-client_private-key.pem.password + app_dic2_client_certificate.pem: + file: ./secrets/app_dic2-client_certificate.pem + app_dic2_client_certificate_private_key.pem: + file: ./secrets/app_dic2-client_private-key.pem + app_dic2_client_certificate_private_key.pem.password: + file: ./secrets/app_dic2-client_private-key.pem.password - app_medic3_client_certificate.pem: - file: ./secrets/app_medic3-client_certificate.pem - app_medic3_client_certificate_private_key.pem: - file: ./secrets/app_medic3-client_private-key.pem - app_medic3_client_certificate_private_key.pem.password: - file: ./secrets/app_medic3-client_private-key.pem.password + app_dic3_client_certificate.pem: + file: ./secrets/app_dic3-client_certificate.pem + app_dic3_client_certificate_private_key.pem: + file: ./secrets/app_dic3-client_private-key.pem + app_dic3_client_certificate_private_key.pem.password: + file: ./secrets/app_dic3-client_private-key.pem.password app_ttp_client_certificate.pem: file: ./secrets/app_ttp-client_certificate.pem @@ -720,27 +720,27 @@ secrets: file: ./secrets/app_ttp-client_private-key.pem.password networks: - medic1-fhir-frontend: + dic1-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.0/29 - medic1-fhir-backend: - medic2-fhir-frontend: + dic1-fhir-backend: + dic2-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.8/29 - medic2-fhir-backend: - medic3-fhir-frontend: + dic2-fhir-backend: + dic3-fhir-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.16/29 - medic3-fhir-backend: + dic3-fhir-backend: ttp-fhir-frontend: driver: bridge ipam: @@ -748,27 +748,27 @@ networks: config: - subnet: 172.20.0.24/29 ttp-fhir-backend: - medic1-bpe-frontend: + dic1-bpe-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.32/29 - medic1-bpe-backend: - medic2-bpe-frontend: + dic1-bpe-backend: + dic2-bpe-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.40/29 - medic2-bpe-backend: - medic3-bpe-frontend: + dic2-bpe-backend: + dic3-bpe-frontend: driver: bridge ipam: driver: default config: - subnet: 172.20.0.48/29 - medic3-bpe-backend: + dic3-bpe-backend: ttp-bpe-frontend: driver: bridge ipam: diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json b/dsf-docker-test-setup-3dic-ttp/keycloak/dic1.json similarity index 98% rename from dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json rename to dsf-docker-test-setup-3dic-ttp/keycloak/dic1.json index 666f14c80..a44a13989 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json +++ b/dsf-docker-test-setup-3dic-ttp/keycloak/dic1.json @@ -1,6 +1,6 @@ { "id" : "2f7cbd2b-d1f3-46c7-9e0d-d318c45b905e", - "realm" : "medic1", + "realm" : "dic1", "notBefore" : 0, "defaultSignatureAlgorithm" : "RS256", "revokeRefreshToken" : false, @@ -54,7 +54,7 @@ "attributes" : { } }, { "id" : "2d864733-5e56-4747-95fb-1e33e6899369", - "name" : "default-roles-medic1", + "name" : "default-roles-dic1", "description" : "${role_default-roles}", "composite" : true, "composites" : { @@ -252,7 +252,7 @@ "containerId" : "a43ca18a-af47-4e6b-99ca-e96e4bb3843c", "attributes" : { } } ], - "medic1-bpe" : [ ], + "dic1-bpe" : [ ], "security-admin-console" : [ ], "admin-cli" : [ ], "account-console" : [ ], @@ -265,7 +265,7 @@ "containerId" : "e285f70a-4331-4228-a65e-a6d662ed4dfa", "attributes" : { } } ], - "medic1-fhir" : [ ], + "dic1-fhir" : [ ], "account" : [ { "id" : "f848b5c6-150d-4675-b5fc-cc90dd19ec5e", "name" : "manage-account-links", @@ -346,7 +346,7 @@ "groups" : [ ], "defaultRole" : { "id" : "2d864733-5e56-4747-95fb-1e33e6899369", - "name" : "default-roles-medic1", + "name" : "default-roles-dic1", "description" : "${role_default-roles}", "composite" : true, "clientRole" : false, @@ -390,7 +390,7 @@ "emailVerified" : true, "firstName" : "Tyler", "lastName" : "Tester", - "email" : "medic1@test.com", + "email" : "dic1@test.com", "credentials" : [ { "id" : "c4eef652-7889-40f3-8ac8-fbd2a7aaee1f", "type" : "password", @@ -401,7 +401,7 @@ } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], - "realmRoles" : [ "default-roles-medic1", "admin" ], + "realmRoles" : [ "default-roles-dic1", "admin" ], "notBefore" : 0, "groups" : [ ] } ], @@ -420,12 +420,12 @@ "clientId" : "account", "name" : "${client_account}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic1/account/", + "baseUrl" : "/realms/dic1/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic1/account/*" ], + "redirectUris" : [ "/realms/dic1/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -450,12 +450,12 @@ "clientId" : "account-console", "name" : "${client_account-console}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic1/account/", + "baseUrl" : "/realms/dic1/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic1/account/*" ], + "redirectUris" : [ "/realms/dic1/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -538,12 +538,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "294c3f18-bba2-450c-8ab5-ddfca63ac48e", - "clientId" : "medic1-bpe", + "clientId" : "dic1-bpe", "name" : "", "description" : "", - "rootUrl" : "https://medic1", + "rootUrl" : "https://dic1", "adminUrl" : "", - "baseUrl" : "https://medic1/bpe", + "baseUrl" : "https://dic1/bpe", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678910228", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic1/bpe/sso-logout", + "backchannel.logout.url" : "https://dic1/bpe/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -578,12 +578,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "54d8f2d1-63ea-4d89-8df4-6687d8de79e0", - "clientId" : "medic1-fhir", + "clientId" : "dic1-fhir", "name" : "", "description" : "", - "rootUrl" : "https://medic1", + "rootUrl" : "https://dic1", "adminUrl" : "", - "baseUrl" : "https://medic1/fhir", + "baseUrl" : "https://dic1/fhir", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678910084", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic1/fhir/sso-logout", + "backchannel.logout.url" : "https://dic1/fhir/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -647,12 +647,12 @@ "clientId" : "security-admin-console", "name" : "${client_security-admin-console}", "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/medic1/console/", + "baseUrl" : "/admin/dic1/console/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/admin/medic1/console/*" ], + "redirectUris" : [ "/admin/dic1/console/*" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false, diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json b/dsf-docker-test-setup-3dic-ttp/keycloak/dic2.json similarity index 98% rename from dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json rename to dsf-docker-test-setup-3dic-ttp/keycloak/dic2.json index 3bfd64ab7..14f60c00c 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json +++ b/dsf-docker-test-setup-3dic-ttp/keycloak/dic2.json @@ -1,6 +1,6 @@ { "id" : "f13485a7-6904-42c9-a1ee-c58223eb1421", - "realm" : "medic2", + "realm" : "dic2", "notBefore" : 0, "defaultSignatureAlgorithm" : "RS256", "revokeRefreshToken" : false, @@ -62,7 +62,7 @@ "attributes" : { } }, { "id" : "4ae06c69-209a-4fca-9b35-ff29e315ee52", - "name" : "default-roles-medic2", + "name" : "default-roles-dic2", "description" : "${role_default-roles}", "composite" : true, "composites" : { @@ -254,8 +254,8 @@ } ], "security-admin-console" : [ ], "admin-cli" : [ ], - "medic2-bpe" : [ ], - "medic2-fhir" : [ ], + "dic2-bpe" : [ ], + "dic2-fhir" : [ ], "account-console" : [ ], "broker" : [ { "id" : "275c0bf8-cf87-4e84-bfa1-38ee21a0f0e6", @@ -346,7 +346,7 @@ "groups" : [ ], "defaultRole" : { "id" : "4ae06c69-209a-4fca-9b35-ff29e315ee52", - "name" : "default-roles-medic2", + "name" : "default-roles-dic2", "description" : "${role_default-roles}", "composite" : true, "clientRole" : false, @@ -390,7 +390,7 @@ "emailVerified" : true, "firstName" : "Tyler", "lastName" : "Tester", - "email" : "medic2@test.com", + "email" : "dic2@test.com", "credentials" : [ { "id" : "c1e7b7b9-5881-4f14-95e7-c585e8da56ea", "type" : "password", @@ -401,7 +401,7 @@ } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], - "realmRoles" : [ "default-roles-medic2" ], + "realmRoles" : [ "default-roles-dic2" ], "notBefore" : 0, "groups" : [ ] } ], @@ -420,12 +420,12 @@ "clientId" : "account", "name" : "${client_account}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic2/account/", + "baseUrl" : "/realms/dic2/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic2/account/*" ], + "redirectUris" : [ "/realms/dic2/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -450,12 +450,12 @@ "clientId" : "account-console", "name" : "${client_account-console}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic2/account/", + "baseUrl" : "/realms/dic2/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic2/account/*" ], + "redirectUris" : [ "/realms/dic2/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -538,12 +538,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "d7072598-7089-489f-b46a-97e87fb01726", - "clientId" : "medic2-bpe", + "clientId" : "dic2-bpe", "name" : "", "description" : "", - "rootUrl" : "https://medic2", + "rootUrl" : "https://dic2", "adminUrl" : "", - "baseUrl" : "https://medic2/bpe", + "baseUrl" : "https://dic2/bpe", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911496", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic2/bpe/sso-logout", + "backchannel.logout.url" : "https://dic2/bpe/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -578,12 +578,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "7d76695c-80a7-4b7f-ae52-ef44911ac394", - "clientId" : "medic2-fhir", + "clientId" : "dic2-fhir", "name" : "", "description" : "", - "rootUrl" : "https://medic2", + "rootUrl" : "https://dic2", "adminUrl" : "", - "baseUrl" : "https://medic2/fhir", + "baseUrl" : "https://dic2/fhir", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911441", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic2/fhir/sso-logout", + "backchannel.logout.url" : "https://dic2/fhir/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -647,12 +647,12 @@ "clientId" : "security-admin-console", "name" : "${client_security-admin-console}", "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/medic2/console/", + "baseUrl" : "/admin/dic2/console/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/admin/medic2/console/*" ], + "redirectUris" : [ "/admin/dic2/console/*" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false, diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json b/dsf-docker-test-setup-3dic-ttp/keycloak/dic3.json similarity index 98% rename from dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json rename to dsf-docker-test-setup-3dic-ttp/keycloak/dic3.json index bc362ab90..27068439c 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json +++ b/dsf-docker-test-setup-3dic-ttp/keycloak/dic3.json @@ -1,6 +1,6 @@ { "id" : "4f5a709e-3925-439b-852e-3be59d38a803", - "realm" : "medic3", + "realm" : "dic3", "notBefore" : 0, "defaultSignatureAlgorithm" : "RS256", "revokeRefreshToken" : false, @@ -70,7 +70,7 @@ "attributes" : { } }, { "id" : "a4cb8964-4b3c-4edd-8bcb-14f7b9527828", - "name" : "default-roles-medic3", + "name" : "default-roles-dic3", "description" : "${role_default-roles}", "composite" : true, "composites" : { @@ -84,7 +84,7 @@ "attributes" : { } } ], "client" : { - "medic3-fhir" : [ ], + "dic3-fhir" : [ ], "realm-management" : [ { "id" : "5a434fc1-3841-4d39-8f0e-ddb99daee41b", "name" : "impersonation", @@ -255,7 +255,7 @@ } ], "security-admin-console" : [ ], "admin-cli" : [ ], - "medic3-bpe" : [ ], + "dic3-bpe" : [ ], "account-console" : [ ], "broker" : [ { "id" : "c7bd851a-22f2-4be8-930e-4c53495f5335", @@ -346,7 +346,7 @@ "groups" : [ ], "defaultRole" : { "id" : "a4cb8964-4b3c-4edd-8bcb-14f7b9527828", - "name" : "default-roles-medic3", + "name" : "default-roles-dic3", "description" : "${role_default-roles}", "composite" : true, "clientRole" : false, @@ -390,7 +390,7 @@ "emailVerified" : true, "firstName" : "Tyler", "lastName" : "Tester", - "email" : "medic3@test.com", + "email" : "dic3@test.com", "credentials" : [ { "id" : "7dfdd089-e829-4aed-b58b-26eeaf96526d", "type" : "password", @@ -401,7 +401,7 @@ } ], "disableableCredentialTypes" : [ ], "requiredActions" : [ ], - "realmRoles" : [ "default-roles-medic3" ], + "realmRoles" : [ "default-roles-dic3" ], "notBefore" : 0, "groups" : [ ] } ], @@ -420,12 +420,12 @@ "clientId" : "account", "name" : "${client_account}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic3/account/", + "baseUrl" : "/realms/dic3/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic3/account/*" ], + "redirectUris" : [ "/realms/dic3/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -450,12 +450,12 @@ "clientId" : "account-console", "name" : "${client_account-console}", "rootUrl" : "${authBaseUrl}", - "baseUrl" : "/realms/medic3/account/", + "baseUrl" : "/realms/dic3/account/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/realms/medic3/account/*" ], + "redirectUris" : [ "/realms/dic3/account/*" ], "webOrigins" : [ ], "notBefore" : 0, "bearerOnly" : false, @@ -538,12 +538,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "4d2b11be-13b2-4be2-880b-eabcdd89544b", - "clientId" : "medic3-bpe", + "clientId" : "dic3-bpe", "name" : "", "description" : "", - "rootUrl" : "https://medic3", + "rootUrl" : "https://dic3", "adminUrl" : "", - "baseUrl" : "https://medic3/bpe", + "baseUrl" : "https://dic3/bpe", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911603", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic3/bpe/sso-logout", + "backchannel.logout.url" : "https://dic3/bpe/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -578,12 +578,12 @@ "optionalClientScopes" : [ "address", "phone", "offline_access", "microprofile-jwt" ] }, { "id" : "8a65a4da-23d0-47f5-a0da-8e127c9cf4c7", - "clientId" : "medic3-fhir", + "clientId" : "dic3-fhir", "name" : "", "description" : "", - "rootUrl" : "https://medic3", + "rootUrl" : "https://dic3", "adminUrl" : "", - "baseUrl" : "https://medic3/fhir", + "baseUrl" : "https://dic3/fhir", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911557", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic3/fhir/sso-logout", + "backchannel.logout.url" : "https://dic3/fhir/sso-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -647,12 +647,12 @@ "clientId" : "security-admin-console", "name" : "${client_security-admin-console}", "rootUrl" : "${authAdminUrl}", - "baseUrl" : "/admin/medic3/console/", + "baseUrl" : "/admin/dic3/console/", "surrogateAuthRequired" : false, "enabled" : true, "alwaysDisplayInConsole" : false, "clientAuthenticatorType" : "client-secret", - "redirectUris" : [ "/admin/medic3/console/*" ], + "redirectUris" : [ "/admin/dic3/console/*" ], "webOrigins" : [ "+" ], "notBefore" : 0, "bearerOnly" : false, diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json b/dsf-docker-test-setup-3dic-ttp/keycloak/ttp.json similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json rename to dsf-docker-test-setup-3dic-ttp/keycloak/ttp.json diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/default.conf b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/default.conf similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/proxy/conf.d/default.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/conf.d/default.conf diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic1.conf b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic1.conf similarity index 97% rename from dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic1.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic1.conf index 7c3b5343c..b1daae14a 100644 --- a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic1.conf +++ b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic1.conf @@ -1,7 +1,7 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name medic1; + server_name dic1; location / { proxy_set_header X-ClientCert $ssl_client_escaped_cert; diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic2.conf b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic2.conf similarity index 97% rename from dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic2.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic2.conf index 3bcad24c7..46709bc4c 100644 --- a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic2.conf +++ b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic2.conf @@ -1,7 +1,7 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name medic2; + server_name dic2; location / { proxy_set_header X-ClientCert $ssl_client_escaped_cert; diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic3.conf b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic3.conf similarity index 97% rename from dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic3.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic3.conf index 270b883b5..cdedee0d8 100644 --- a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/medic3.conf +++ b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/medic3.conf @@ -1,7 +1,7 @@ server { listen 443 ssl http2; listen [::]:443 ssl http2; - server_name medic3; + server_name dic3; location /fhir { proxy_set_header X-ClientCert $ssl_client_escaped_cert; diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/conf.d/ttp.conf b/dsf-docker-test-setup-3dic-ttp/proxy/conf.d/ttp.conf similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/proxy/conf.d/ttp.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/conf.d/ttp.conf diff --git a/dsf-docker-test-setup-3medic-ttp/proxy/nginx.conf b/dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/proxy/nginx.conf rename to dsf-docker-test-setup-3dic-ttp/proxy/nginx.conf diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/app_medic1-client_private-key.pem.password b/dsf-docker-test-setup-3dic-ttp/secrets/app_dic1-client_private-key.pem.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/app_medic1-client_private-key.pem.password rename to dsf-docker-test-setup-3dic-ttp/secrets/app_dic1-client_private-key.pem.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/app_medic2-client_private-key.pem.password b/dsf-docker-test-setup-3dic-ttp/secrets/app_dic2-client_private-key.pem.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/app_medic2-client_private-key.pem.password rename to dsf-docker-test-setup-3dic-ttp/secrets/app_dic2-client_private-key.pem.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/app_medic3-client_private-key.pem.password b/dsf-docker-test-setup-3dic-ttp/secrets/app_dic3-client_private-key.pem.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/app_medic3-client_private-key.pem.password rename to dsf-docker-test-setup-3dic-ttp/secrets/app_dic3-client_private-key.pem.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/app_ttp-client_private-key.pem.password b/dsf-docker-test-setup-3dic-ttp/secrets/app_ttp-client_private-key.pem.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/app_ttp-client_private-key.pem.password rename to dsf-docker-test-setup-3dic-ttp/secrets/app_ttp-client_private-key.pem.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user_camunda.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user_camunda.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_bpe_user_camunda.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_bpe_user_camunda.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user_permanent_delete.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user_permanent_delete.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic1_fhir_user_permanent_delete.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic1_fhir_user_permanent_delete.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user_camunda.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user_camunda.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_bpe_user_camunda.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_bpe_user_camunda.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user_permanent_delete.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user_permanent_delete.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic2_fhir_user_permanent_delete.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic2_fhir_user_permanent_delete.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user_camunda.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user_camunda.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_bpe_user_camunda.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_bpe_user_camunda.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user_permanent_delete.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user_permanent_delete.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_medic3_fhir_user_permanent_delete.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_dic3_fhir_user_permanent_delete.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_liquibase.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_liquibase.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_liquibase.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_liquibase.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_bpe_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_bpe_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_bpe_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_bpe_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_bpe_user_camunda.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_bpe_user_camunda.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_bpe_user_camunda.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_bpe_user_camunda.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_fhir_user.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_fhir_user.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_fhir_user.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_fhir_user.password diff --git a/dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_fhir_user_permanent_delete.password b/dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_fhir_user_permanent_delete.password similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/secrets/db_ttp_fhir_user_permanent_delete.password rename to dsf-docker-test-setup-3dic-ttp/secrets/db_ttp_fhir_user_permanent_delete.password diff --git a/dsf-docker-test-setup-3medic-ttp/ttp/bpe/log/README.md b/dsf-docker-test-setup-3dic-ttp/ttp/bpe/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/ttp/bpe/log/README.md rename to dsf-docker-test-setup-3dic-ttp/ttp/bpe/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/ttp/bpe/process/README.md b/dsf-docker-test-setup-3dic-ttp/ttp/bpe/process/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/ttp/bpe/process/README.md rename to dsf-docker-test-setup-3dic-ttp/ttp/bpe/process/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/ttp/fhir/conf/bundle.xml b/dsf-docker-test-setup-3dic-ttp/ttp/fhir/conf/bundle.xml similarity index 95% rename from dsf-docker-test-setup-3medic-ttp/ttp/fhir/conf/bundle.xml rename to dsf-docker-test-setup-3dic-ttp/ttp/fhir/conf/bundle.xml index e718ffe9c..c17d54e46 100644 --- a/dsf-docker-test-setup-3medic-ttp/ttp/fhir/conf/bundle.xml +++ b/dsf-docker-test-setup-3dic-ttp/ttp/fhir/conf/bundle.xml @@ -42,11 +42,11 @@ - + - + @@ -57,7 +57,7 @@ - + @@ -72,11 +72,11 @@ - + - + @@ -87,7 +87,7 @@ - + @@ -102,11 +102,11 @@ - + - + @@ -117,7 +117,7 @@ - + @@ -173,7 +173,7 @@ - + @@ -192,12 +192,12 @@ -
+
- + @@ -213,7 +213,7 @@ - + @@ -232,12 +232,12 @@ -
+
- + @@ -253,7 +253,7 @@ - + @@ -272,12 +272,12 @@ -
+
- + @@ -371,7 +371,7 @@ - + @@ -389,7 +389,7 @@ - + @@ -415,7 +415,7 @@ - + @@ -433,7 +433,7 @@ - + @@ -459,7 +459,7 @@ - + @@ -477,7 +477,7 @@ - + \ No newline at end of file diff --git a/dsf-docker-test-setup-3medic-ttp/ttp/fhir/log/README.md b/dsf-docker-test-setup-3dic-ttp/ttp/fhir/log/README.md similarity index 100% rename from dsf-docker-test-setup-3medic-ttp/ttp/fhir/log/README.md rename to dsf-docker-test-setup-3dic-ttp/ttp/fhir/log/README.md diff --git a/dsf-docker-test-setup-3medic-ttp/db/init-db.sh b/dsf-docker-test-setup-3medic-ttp/db/init-db.sh deleted file mode 100755 index 71367abcd..000000000 --- a/dsf-docker-test-setup-3medic-ttp/db/init-db.sh +++ /dev/null @@ -1,21 +0,0 @@ -#!/bin/bash -set -e - -psql -v ON_ERROR_STOP=1 --username "$POSTGRES_USER" --dbname "$POSTGRES_DB" <<-EOSQL - CREATE DATABASE medic1_fhir; - GRANT ALL PRIVILEGES ON DATABASE medic1_fhir TO liquibase_user; - CREATE DATABASE medic1_bpe; - GRANT ALL PRIVILEGES ON DATABASE medic1_bpe TO liquibase_user; - CREATE DATABASE medic2_fhir; - GRANT ALL PRIVILEGES ON DATABASE medic2_fhir TO liquibase_user; - CREATE DATABASE medic2_bpe; - GRANT ALL PRIVILEGES ON DATABASE medic2_bpe TO liquibase_user; - CREATE DATABASE medic3_fhir; - GRANT ALL PRIVILEGES ON DATABASE medic3_fhir TO liquibase_user; - CREATE DATABASE medic3_bpe; - GRANT ALL PRIVILEGES ON DATABASE medic3_bpe TO liquibase_user; - CREATE DATABASE ttp_fhir; - GRANT ALL PRIVILEGES ON DATABASE ttp_fhir TO liquibase_user; - CREATE DATABASE ttp_bpe; - GRANT ALL PRIVILEGES ON DATABASE ttp_bpe TO liquibase_user; -EOSQL \ No newline at end of file diff --git a/dsf-docker-test-setup/fhir/conf/bundle.xml b/dsf-docker-test-setup/fhir/conf/bundle.xml index de45af5a5..d7b56ab6c 100644 --- a/dsf-docker-test-setup/fhir/conf/bundle.xml +++ b/dsf-docker-test-setup/fhir/conf/bundle.xml @@ -120,7 +120,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java index 8eb9682d3..fdc080515 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java @@ -168,7 +168,7 @@ public void testGetRequesterRemoteOrganizationRecipientLocalConsortiumRoleViaFil affiliation.getParticipatingOrganization().getIdentifier() .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue("member.com"); affiliation.getCodeFirstRep().getCodingFirstRep() - .setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("MeDIC"); + .setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("DIC"); assertTrue(recipientsList.get(0).isRecipientAuthorized(localUser, Collections.singleton(affiliation))); } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java index 857055144..d6bdcadfe 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java @@ -169,7 +169,7 @@ public void testHasRoleViaFile() throws Exception { final String consortiumIdentifier = "consortium.com"; final String roleSystem = "http://dsf.dev/fhir/CodeSystem/organization-role"; - final String roleCode = "MeDIC"; + final String roleCode = "DIC"; try (InputStream in = Files .newInputStream(Paths.get("src/test/resources/authorization/read-access/tag_role.xml"))) diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml index 86d3bb3de..2facbaf61 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml @@ -37,7 +37,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml index 9b63d4555..5ff1a9003 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml @@ -15,7 +15,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java index 106fe1f67..b26c82ca6 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java @@ -249,7 +249,7 @@ public void testSearchBinaryWithSecurityContextRole() throws Exception affiliation.setOrganization(new Reference(createdParentOrg.getIdElement().toVersionless())); affiliation.setParticipatingOrganization(new Reference(createdMemberOrg.getIdElement().toVersionless())); affiliation.getCodeFirstRep().getCodingFirstRep().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role") - .setCode("MeDIC"); + .setCode("DIC"); organizationAffiliationDao.create(affiliation); @@ -260,7 +260,7 @@ public void testSearchBinaryWithSecurityContextRole() throws Exception ex.addExtension().setUrl("consortium").setValue( new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("Test_Consortium")); ex.addExtension().setUrl("role") - .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("MeDIC")); + .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("DIC")); ResearchStudy createdRs = researchStudyDao.create(rs); Binary b = createResource(); @@ -646,7 +646,7 @@ private void testReadAccessTriggerSecurityContextRole(Function - + - + @@ -31,7 +31,7 @@ - + @@ -40,14 +40,14 @@ - + - + @@ -60,12 +60,12 @@ -
+
- + @@ -137,10 +137,10 @@ - + - + @@ -149,7 +149,7 @@ - + @@ -158,14 +158,14 @@ - + - + @@ -178,12 +178,12 @@ -
+
- + @@ -196,10 +196,10 @@ - + - + @@ -208,7 +208,7 @@ - + @@ -217,14 +217,14 @@ - + - + @@ -237,12 +237,12 @@ -
+
- + diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json index 2aebedb88..e02019914 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json @@ -31,19 +31,19 @@ ], "identifier": [{ "system": "http://dsf.dev/sid/organization-identifier", - "value": "Test_MeDIC_2" + "value": "Test_DIC_2" } ], "active": true, "type": [{ "coding": [{ "system": "http://dsf.dev/fhir/CodeSystem/organization-role", - "code": "MeDIC" + "code": "DIC" } ] } ], - "name": "Test MeDIC 2", + "name": "Test DIC 2", "endpoint": [{ "reference": "urn:uuid:d2dd5ba3-22f0-4406-bdd6-7a939d9a347e", "type": "Endpoint" @@ -52,7 +52,7 @@ }, "request": { "method": "PUT", - "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_MeDIC_2" + "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_DIC_2" } }, { "fullUrl": "urn:uuid:d2dd5ba3-22f0-4406-bdd6-7a939d9a347e", @@ -68,7 +68,7 @@ }, "identifier": [{ "system": "http://dsf.dev/sid/endpoint-identifier", - "value": "Test_MeDIC_2_Endpoint" + "value": "Test_DIC_2_Endpoint" } ], "status": "active", @@ -76,7 +76,7 @@ "system": "http://terminology.hl7.org/CodeSystem/endpoint-connection-type", "code": "hl7-fhir-rest" }, - "name": "Test MeDIC 2 Endpoint", + "name": "Test DIC 2 Endpoint", "managingOrganization": { "reference": "urn:uuid:18d87756-1ceb-4925-b2c2-9846f353f219", "type": "Organization" @@ -90,11 +90,11 @@ } ], "payloadMimeType": ["application/fhir+json", "application/fhir+xml"], - "address": "https://medic2/fhir" + "address": "https://dic2/fhir" }, "request": { "method": "PUT", - "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_MeDIC_2_Endpoint" + "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_DIC_2_Endpoint" } }, { "fullUrl": "urn:uuid:e3c9ee5c-199d-4fc8-869c-d1fd1cf7283e", @@ -199,19 +199,19 @@ ], "identifier": [{ "system": "http://dsf.dev/sid/organization-identifier", - "value": "Test_MeDIC_1" + "value": "Test_DIC_1" } ], "active": true, "type": [{ "coding": [{ "system": "http://dsf.dev/fhir/CodeSystem/organization-role", - "code": "MeDIC" + "code": "DIC" } ] } ], - "name": "Test MeDIC 1", + "name": "Test DIC 1", "endpoint": [{ "reference": "urn:uuid:89dc2b55-fec3-44d5-86c1-8fc35dfeb3b8", "type": "Endpoint" @@ -220,7 +220,7 @@ }, "request": { "method": "PUT", - "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_MeDIC_1" + "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_DIC_1" } }, { "fullUrl": "urn:uuid:89dc2b55-fec3-44d5-86c1-8fc35dfeb3b8", @@ -236,7 +236,7 @@ }, "identifier": [{ "system": "http://dsf.dev/sid/endpoint-identifier", - "value": "Test_MeDIC_1_Endpoint" + "value": "Test_DIC_1_Endpoint" } ], "status": "active", @@ -244,7 +244,7 @@ "system": "http://terminology.hl7.org/CodeSystem/endpoint-connection-type", "code": "hl7-fhir-rest" }, - "name": "Test MeDIC 1 Endpoint", + "name": "Test DIC 1 Endpoint", "managingOrganization": { "reference": "urn:uuid:8d9eb2e7-5940-46d5-9035-90151b6d5f7a", "type": "Organization" @@ -258,11 +258,11 @@ } ], "payloadMimeType": ["application/fhir+json", "application/fhir+xml"], - "address": "https://medic1/fhir" + "address": "https://dic1/fhir" }, "request": { "method": "PUT", - "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_MeDIC_1_Endpoint" + "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_DIC_1_Endpoint" } }, { "fullUrl": "urn:uuid:ede98d88-679f-4e46-8559-f99eb6cb84b8", @@ -283,19 +283,19 @@ ], "identifier": [{ "system": "http://dsf.dev/sid/organization-identifier", - "value": "Test_MeDIC_3" + "value": "Test_DIC_3" } ], "active": true, "type": [{ "coding": [{ "system": "http://dsf.dev/fhir/CodeSystem/organization-role", - "code": "MeDIC" + "code": "DIC" } ] } ], - "name": "Test MeDIC 3", + "name": "Test DIC 3", "endpoint": [{ "reference": "urn:uuid:7a6dbc0c-d38d-4107-99ae-7a9bdadcc6b3", "type": "Endpoint" @@ -304,7 +304,7 @@ }, "request": { "method": "PUT", - "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_MeDIC_3" + "url": "Organization?identifier=http://dsf.dev/sid/organization-identifier|Test_DIC_3" } }, { "fullUrl": "urn:uuid:7a6dbc0c-d38d-4107-99ae-7a9bdadcc6b3", @@ -320,7 +320,7 @@ }, "identifier": [{ "system": "http://dsf.dev/sid/endpoint-identifier", - "value": "Test_MeDIC_3_Endpoint" + "value": "Test_DIC_3_Endpoint" } ], "status": "active", @@ -328,7 +328,7 @@ "system": "http://terminology.hl7.org/CodeSystem/endpoint-connection-type", "code": "hl7-fhir-rest" }, - "name": "Test MeDIC 3 Endpoint", + "name": "Test DIC 3 Endpoint", "managingOrganization": { "reference": "urn:uuid:ede98d88-679f-4e46-8559-f99eb6cb84b8", "type": "Organization" @@ -342,11 +342,11 @@ } ], "payloadMimeType": ["application/fhir+json", "application/fhir+xml"], - "address": "https://medic3/fhir" + "address": "https://dic3/fhir" }, "request": { "method": "PUT", - "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_MeDIC_3_Endpoint" + "url": "Endpoint?identifier=http://dsf.dev/sid/endpoint-identifier|Test_DIC_3_Endpoint" } } ] diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task-bundle.json b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task-bundle.json index a55fb4e47..ca073cb55 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task-bundle.json +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task-bundle.json @@ -70,7 +70,7 @@ "profile": [ "http://dsf.dev/fhir/StructureDefinition/research-study" ] }, "extension": [ { - "url": "http://dsf.dev/fhir/StructureDefinition/extension-participating-medic", + "url": "http://dsf.dev/fhir/StructureDefinition/extension-participating-dic", "valueReference": { "type": "Organization", "identifier": { diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml index 60e5d25ac..1c474ac57 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml @@ -37,7 +37,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/test-bundle.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/test-bundle.xml index da6f36aa9..05d46446f 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/test-bundle.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/test-bundle.xml @@ -191,7 +191,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml.post deleted file mode 100644 index 32ce9b22f..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/CodeSystem/organization-role&version=0.6.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml similarity index 85% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml index 1fbf1839d..7c8110583 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-0.6.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml @@ -6,7 +6,7 @@ - + <status value="active"/> @@ -18,29 +18,33 @@ <hierarchyMeaning value="grouped-by"/> <versionNeeded value="false"/> <content value="complete"/> - <count value="6"/> + <count value="7"/> <concept> - <code value="TTP"/> - <display value="Trusted Third Party"/> + <code value="COS"/> + <display value="Coordinating Site"/> </concept> <concept> - <code value="MeDIC"/> - <display value="Medical Data Integration Center"/> + <code value="CRR"/> + <display value="Central Research Repository"/> </concept> <concept> - <code value="DTS"/> - <display value="Data Transfer Site"/> + <code value="DIC"/> + <display value="Data Integration Center"/> </concept> <concept> - <code value="COS"/> - <display value="Coordinating Site"/> + <code value="DMS"/> + <display value="Data Management Site"/> </concept> <concept> - <code value="CRR"/> - <display value="Central Research Repository"/> + <code value="DTS"/> + <display value="Data Transfer Site"/> </concept> <concept> <code value="HRP"/> <display value="Health Research Platform"/> </concept> + <concept> + <code value="TTP"/> + <display value="Trusted Third Party"/> + </concept> </CodeSystem> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml.post new file mode 100644 index 000000000..5b9a23843 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/CodeSystem/organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml.post deleted file mode 100644 index 4e80c7f95..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/ValueSet/organization-role&version=0.6.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml similarity index 92% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml index 59d7e63bb..002053a77 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-0.6.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml @@ -6,7 +6,7 @@ </tag> </meta> <url value="http://dsf.dev/fhir/ValueSet/organization-role"/> - <version value="0.6.0"/> + <version value="1.0.0"/> <name value="DSF_Organization_Role"/> <title value="DSF Organization Role"/> <status value="active"/> @@ -19,6 +19,7 @@ <compose> <include> <system value="http://dsf.dev/fhir/CodeSystem/organization-role"/> + <version value="1.0.0"/> </include> </compose> </ValueSet> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml.post new file mode 100644 index 000000000..eeb4ee5ee --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/ValueSet/organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java index 0be3dcd3b..c02c3c35b 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java @@ -40,9 +40,9 @@ public class ActivityDefinitionProfileTest "dsf-coding-process-authorization-remote-all-0.5.0.xml", "dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml", "dsf-coding-process-authorization-remote-organization-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml", + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml", "dsf-process-authorization-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml", + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml", "dsf-process-authorization-recipient-0.5.0.xml", "dsf-process-authorization-requester-0.5.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), @@ -122,7 +122,7 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz consortiumRole.addExtension("consortium", new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.org")); consortiumRole.addExtension("role", - new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "MeDIC", null)); + new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); logResource(ad); @@ -160,7 +160,7 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz consortiumRole.addExtension("consortium", new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.org")); consortiumRole.addExtension("role", - new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "MeDIC", null)); + new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); logResource(ad); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java index 615a9dcbb..c4e21cf60 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java @@ -31,8 +31,8 @@ public class CodeSystemProfileTest public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-code-system-0.5.0.xml", "dsf-extension-read-access-organization-0.5.0.xml", "dsf-extension-read-access-consortium-role-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml")); + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java index b8a0e46d7..f58ebcad4 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java @@ -25,8 +25,8 @@ public class OrganizationAffiliationProfileTest public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-organization-affiliation-0.5.0.xml", "dsf-organization-0.5.0.xml", "dsf-organization-parent-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-0.6.0.xml")); + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); @@ -40,7 +40,7 @@ public void testOrganizationAffiliationProfileValid() throws Exception a.getOrganization().setReference("Organization/" + UUID.randomUUID().toString()); a.getParticipatingOrganization().setReference("Organization/" + UUID.randomUUID().toString()); a.getCodeFirstRep().getCodingFirstRep().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role") - .setCode("MeDIC"); + .setCode("DIC"); a.getEndpointFirstRep().setReference("Endpoint/" + UUID.randomUUID().toString()); ValidationResult result = resourceValidator.validate(a); diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/CertificateGenerator.java b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/CertificateGenerator.java index c79ae4e3d..15f71c2d8 100755 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/CertificateGenerator.java +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/CertificateGenerator.java @@ -59,11 +59,11 @@ public class CertificateGenerator private static final char[] CERT_PASSWORD = "password".toCharArray(); private static final String[] SERVER_COMMON_NAMES = { "localhost", "keycloak" }; - private static final String[] CLIENT_COMMON_NAMES = { "ttp-client", "medic1-client", "medic2-client", - "medic3-client", "test-client", "Webbrowser Test User" }; + private static final String[] CLIENT_COMMON_NAMES = { "ttp-client", "dic1-client", "dic2-client", "dic3-client", + "test-client", "Webbrowser Test User" }; private static final Map<String, List<String>> DNS_NAMES = Map.of("localhost", - Arrays.asList("localhost", "host.docker.internal", "fhir", "ttp", "medic1", "medic2", "medic3")); + Arrays.asList("localhost", "host.docker.internal", "fhir", "ttp", "dic1", "dic2", "dic3")); private static final BouncyCastleProvider PROVIDER = new BouncyCastleProvider(); @@ -607,9 +607,9 @@ private void copyClientCertFiles(String bpeConfFolder, String fhirConfFolder, St writePrivateKeyEncrypted(fhirClientPrivateKeyFile, clientCertFiles.keyPair.getPrivate()); } - public void copyDockerTest3MedicTtpCertificates() + public void copyDockerTest3DicTtpCertificates() { - Path baseFolder = Paths.get("../../dsf-docker-test-setup-3medic-ttp/secrets/"); + Path baseFolder = Paths.get("../../dsf-docker-test-setup-3dic-ttp/secrets/"); final X509Certificate testCaCertificate = ca.getCertificate(); @@ -627,10 +627,9 @@ public void copyDockerTest3MedicTtpCertificates() logger.info("Copying localhost private-key file to {}", localhostCertificatePrivateKey); writePrivateKeyNotEncrypted(localhostCertificatePrivateKey, localhost.keyPair.getPrivate()); - List<String> commonNames = Arrays.asList("medic1", "medic2", "medic3", "ttp"); - commonNames - .forEach(cn -> copyDockerTest3MedicTtpClientCertFiles("../../dsf-docker-test-setup-3medic-ttp/secrets/", - cn + "-client")); + List<String> commonNames = Arrays.asList("dic1", "dic2", "dic3", "ttp"); + commonNames.forEach(cn -> copyDockerTest3DicTtpClientCertFiles("../../dsf-docker-test-setup-3dic-ttp/secrets/", + cn + "-client")); Path fhirCacertFile = baseFolder.resolve("app_testca_certificate.pem"); logger.info("Copying Test CA certificate file to {}", fhirCacertFile.toString()); @@ -666,7 +665,7 @@ private String getCommonName(X509Certificate certificate) } } - private void copyDockerTest3MedicTtpClientCertFiles(String folder, String commonName) + private void copyDockerTest3DicTtpClientCertFiles(String folder, String commonName) { final CertificateFiles clientCertFiles = clientCertificateFilesByCommonName.get(commonName); diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/EnvGenerator.java b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/EnvGenerator.java index 1c81de23e..1ee45129d 100644 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/EnvGenerator.java +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/EnvGenerator.java @@ -53,32 +53,32 @@ public void generateAndWriteDockerTestFhirEnvFile(Map<String, CertificateFiles> WEBBROSER_TEST_USER_THUMBPRINT, webbroserTestUserThumbprint))); } - public void generateAndWriteDockerTest3MedicTtpDockerFhirEnvFiles( + public void generateAndWriteDockerTest3DicTtpDockerFhirEnvFiles( Map<String, CertificateFiles> clientCertificateFilesByCommonName) { String webbroserTestUserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, "Webbrowser Test User").findFirst().get(); - String bundleMedic1UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, - "medic1-client").findFirst().get(); + String bundleDic1UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, "dic1-client") + .findFirst().get(); - String bundleMedic2UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, - "medic2-client").findFirst().get(); + String bundleDic2UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, "dic2-client") + .findFirst().get(); - String bundleMedic3UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, - "medic3-client").findFirst().get(); + String bundleDic3UserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, "dic3-client") + .findFirst().get(); String bundleTtpUserThumbprint = filterAndMapToThumbprint(clientCertificateFilesByCommonName, "ttp-client") .findFirst().get(); List<EnvEntry> entries = List.of( - new EnvEntry("MEDIC1_" + BUNDLE_USER_THUMBPRINT, bundleMedic1UserThumbprint, - WEBBROSER_TEST_USER_THUMBPRINT, webbroserTestUserThumbprint), - new EnvEntry("MEDIC2_" + BUNDLE_USER_THUMBPRINT, bundleMedic2UserThumbprint, null, null), - new EnvEntry("MEDIC3_" + BUNDLE_USER_THUMBPRINT, bundleMedic3UserThumbprint, null, null), + new EnvEntry("DIC1_" + BUNDLE_USER_THUMBPRINT, bundleDic1UserThumbprint, WEBBROSER_TEST_USER_THUMBPRINT, + webbroserTestUserThumbprint), + new EnvEntry("DIC2_" + BUNDLE_USER_THUMBPRINT, bundleDic2UserThumbprint, null, null), + new EnvEntry("DIC3_" + BUNDLE_USER_THUMBPRINT, bundleDic3UserThumbprint, null, null), new EnvEntry("TTP_" + BUNDLE_USER_THUMBPRINT, bundleTtpUserThumbprint, null, null)); - writeEnvFile(Paths.get("../../dsf-docker-test-setup-3medic-ttp/.env"), entries); + writeEnvFile(Paths.get("../../dsf-docker-test-setup-3dic-ttp/.env"), entries); } private Stream<String> filterAndMapToThumbprint(Map<String, CertificateFiles> clientCertificateFilesByCommonName, diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/TestDataGenerator.java b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/TestDataGenerator.java index 01247b9b2..7171eaf42 100755 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/TestDataGenerator.java +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/java/dev/dsf/tools/generator/TestDataGenerator.java @@ -29,7 +29,7 @@ public static void main(String[] args) certificateGenerator.copyJavaTestCertificates(); certificateGenerator.copyDockerTestCertificates(); - certificateGenerator.copyDockerTest3MedicTtpCertificates(); + certificateGenerator.copyDockerTest3DicTtpCertificates(); Map<String, CertificateFiles> clientCertificateFilesByCommonName = certificateGenerator .getClientCertificateFilesByCommonName(); @@ -50,6 +50,6 @@ public static void main(String[] args) // fhir .env envGenerator.generateAndWriteDockerTestFhirEnvFile(clientCertificateFilesByCommonName); - envGenerator.generateAndWriteDockerTest3MedicTtpDockerFhirEnvFiles(clientCertificateFilesByCommonName); + envGenerator.generateAndWriteDockerTest3DicTtpDockerFhirEnvFiles(clientCertificateFilesByCommonName); } } diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/bundle-templates/test-bundle.xml b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/bundle-templates/test-bundle.xml index 834b2db09..ecb0489bd 100644 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/bundle-templates/test-bundle.xml +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/bundle-templates/test-bundle.xml @@ -121,7 +121,7 @@ <code> <coding> <system value="http://dsf.dev/fhir/CodeSystem/organization-role"/> - <code value="MeDIC"/> + <code value="DIC"/> </coding> <coding> <system value="http://dsf.dev/fhir/CodeSystem/organization-role"/> From d2572c331fc790e291bd493a3aa80d6e83710da4 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Tue, 6 Jun 2023 15:19:23 +0200 Subject: [PATCH 03/43] increase fhir resource versions to 1.0.0, add version to canonical urls --- .../ProcessAuthorizationHelperTest.java | 10 +++---- .../req_remote_all_rec_local_all.xml | 2 +- ...req_remote_organization_rec_local_role.xml | 2 +- .../java/dev/dsf/fhir/dao/LibraryDaoTest.java | 2 +- .../java/dev/dsf/fhir/dao/MeasureDaoTest.java | 2 +- .../profiles/highmed-endpoint-0.5.0.xml | 2 +- ...extension-certificate-thumbprint-0.5.0.xml | 2 +- .../profiles/highmed-organization-0.5.0.xml | 2 +- .../resources/profiles/highmed-task-0.5.0.xml | 2 +- ...ml => dsf-process-authorization-1.0.0.xml} | 4 +-- ... dsf-process-authorization-1.0.0.xml.post} | 2 +- .../dsf-read-access-tag-0.5.0.xml.post | 1 - ....5.0.xml => dsf-read-access-tag-1.0.0.xml} | 4 +-- .../dsf-read-access-tag-1.0.0.xml.post | 1 + ....xml => dsf-activity-definition-1.0.0.xml} | 6 ++-- ...=> dsf-activity-definition-1.0.0.xml.post} | 2 +- ...em-0.5.0.xml => dsf-code-system-1.0.0.xml} | 4 +-- ...ml.post => dsf-code-system-1.0.0.xml.post} | 2 +- ...process-authorization-local-all-1.0.0.xml} | 4 +-- ...ss-authorization-local-all-1.0.0.xml.post} | 2 +- ...orization-local-consortium-role-1.0.0.xml} | 6 ++-- ...tion-local-consortium-role-1.0.0.xml.post} | 2 +- ...uthorization-local-organization-1.0.0.xml} | 6 ++-- ...ization-local-organization-1.0.0.xml.post} | 2 +- ...rocess-authorization-remote-all-1.0.0.xml} | 4 +-- ...s-authorization-remote-all-1.0.0.xml.post} | 2 +- ...tion-remote-consortium-role-0.5.0.xml.post | 1 - ...rization-remote-consortium-role-1.0.0.xml} | 6 ++-- ...tion-remote-consortium-role-1.0.0.xml.post | 1 + ...thorization-remote-organization-1.0.0.xml} | 6 ++-- ...zation-remote-organization-1.0.0.xml.post} | 2 +- .../dsf-endpoint-0.5.0.xml.post | 1 - ...point-0.5.0.xml => dsf-endpoint-1.0.0.xml} | 6 ++-- .../dsf-endpoint-1.0.0.xml.post | 1 + ...xtension-certificate-thumbprint-1.0.0.xml} | 4 +-- ...ion-certificate-thumbprint-1.0.0.xml.post} | 2 +- ...tension-check-logical-reference-1.0.0.xml} | 4 +-- ...on-check-logical-reference-1.0.0.xml.post} | 2 +- ...extension-process-authorization-1.0.0.xml} | 26 ++++++++--------- ...sion-process-authorization-1.0.0.xml.post} | 2 +- ...s-authorization-consortium-role-1.0.0.xml} | 4 +-- ...horization-consortium-role-1.0.0.xml.post} | 2 +- ...cess-authorization-organization-1.0.0.xml} | 4 +-- ...authorization-organization-1.0.0.xml.post} | 2 +- ...ion-read-access-consortium-role-1.0.0.xml} | 4 +-- ...ead-access-consortium-role-1.0.0.xml.post} | 2 +- ...ension-read-access-organization-1.0.0.xml} | 4 +-- ...n-read-access-organization-1.0.0.xml.post} | 2 +- ...n-0.5.0.xml => dsf-organization-1.0.0.xml} | 8 +++--- ...l.post => dsf-organization-1.0.0.xml.post} | 2 +- ...=> dsf-organization-affiliation-1.0.0.xml} | 10 +++---- ...f-organization-affiliation-1.0.0.xml.post} | 2 +- ....xml => dsf-organization-parent-1.0.0.xml} | 4 +-- ...=> dsf-organization-parent-1.0.0.xml.post} | 2 +- ...l => dsf-organization-reference-1.0.0.xml} | 4 +-- ...dsf-organization-reference-1.0.0.xml.post} | 2 +- ...-0.9.0.xml => dsf-questionnaire-1.0.0.xml} | 16 +++++++++-- ....post => dsf-questionnaire-1.0.0.xml.post} | 2 +- ...l => dsf-questionnaire-response-1.0.0.xml} | 7 +++-- ...dsf-questionnaire-response-1.0.0.xml.post} | 2 +- .../dsf-task-base-1.0.0.xml | 12 ++++---- .../dsf-value-set-0.5.0.xml.post | 1 - ...-set-0.5.0.xml => dsf-value-set-1.0.0.xml} | 4 +-- .../dsf-value-set-1.0.0.xml.post | 1 + .../fhir/ValueSet/dsf-bpmn-message-1.0.0.xml | 1 + .../ValueSet/dsf-organization-role-1.0.0.xml | 2 +- ...process-authorization-recipient-1.0.0.xml} | 7 +++-- ...ss-authorization-recipient-1.0.0.xml.post} | 2 +- ...process-authorization-requester-1.0.0.xml} | 7 +++-- ...ss-authorization-requester-1.0.0.xml.post} | 2 +- .../dsf-read-access-tag-0.5.0.xml.post | 1 - ....5.0.xml => dsf-read-access-tag-1.0.0.xml} | 5 ++-- .../dsf-read-access-tag-1.0.0.xml.post | 1 + .../ActivityDefinitionProfileTest.java | 28 +++++++++---------- .../fhir/profiles/CodeSystemProfileTest.java | 8 +++--- .../fhir/profiles/EndpointProfileTest.java | 6 ++-- .../OrganizationAffiliationProfileTest.java | 8 +++--- .../profiles/OrganizationProfileTest.java | 10 +++---- .../profiles/QuestionnaireProfileTest.java | 2 +- .../QuestionnaireResponseProfileTest.java | 2 +- .../fhir/validation/ValueSetExpanderTest.java | 4 +-- .../dsf/tools/generator/BundleGenerator.java | 15 ++++++---- 82 files changed, 189 insertions(+), 169 deletions(-) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/{dsf-process-authorization-0.5.0.xml => dsf-process-authorization-1.0.0.xml} (97%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/{dsf-process-authorization-0.5.0.xml.post => dsf-process-authorization-1.0.0.xml.post} (91%) delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/{dsf-read-access-tag-0.5.0.xml => dsf-read-access-tag-1.0.0.xml} (96%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-activity-definition-0.5.0.xml => dsf-activity-definition-1.0.0.xml} (94%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-activity-definition-0.5.0.xml.post => dsf-activity-definition-1.0.0.xml.post} (92%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-code-system-0.5.0.xml => dsf-code-system-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-code-system-0.5.0.xml.post => dsf-code-system-1.0.0.xml.post} (92%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-all-0.5.0.xml => dsf-coding-process-authorization-local-all-1.0.0.xml} (94%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-all-0.5.0.xml.post => dsf-coding-process-authorization-local-all-1.0.0.xml.post} (66%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-consortium-role-0.5.0.xml => dsf-coding-process-authorization-local-consortium-role-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-consortium-role-0.5.0.xml.post => dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post} (59%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-organization-0.5.0.xml => dsf-coding-process-authorization-local-organization-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-organization-0.5.0.xml.post => dsf-coding-process-authorization-local-organization-1.0.0.xml.post} (60%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-all-0.5.0.xml => dsf-coding-process-authorization-remote-all-1.0.0.xml} (94%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-all-0.5.0.xml.post => dsf-coding-process-authorization-remote-all-1.0.0.xml.post} (65%) delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml => dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml} (93%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-organization-0.5.0.xml => dsf-coding-process-authorization-remote-organization-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-organization-0.5.0.xml.post => dsf-coding-process-authorization-remote-organization-1.0.0.xml.post} (60%) delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-endpoint-0.5.0.xml => dsf-endpoint-1.0.0.xml} (98%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-certificate-thumbprint-0.5.0.xml => dsf-extension-certificate-thumbprint-1.0.0.xml} (95%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-certificate-thumbprint-0.5.0.xml.post => dsf-extension-certificate-thumbprint-1.0.0.xml.post} (71%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-check-logical-reference-0.5.0.xml => dsf-extension-check-logical-reference-1.0.0.xml} (96%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-check-logical-reference-0.5.0.xml.post => dsf-extension-check-logical-reference-1.0.0.xml.post} (70%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-0.5.0.xml => dsf-extension-process-authorization-1.0.0.xml} (87%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-0.5.0.xml.post => dsf-extension-process-authorization-1.0.0.xml.post} (71%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-consortium-role-0.5.0.xml => dsf-extension-process-authorization-consortium-role-1.0.0.xml} (98%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-consortium-role-0.5.0.xml.post => dsf-extension-process-authorization-consortium-role-1.0.0.xml.post} (60%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-organization-0.5.0.xml => dsf-extension-process-authorization-organization-1.0.0.xml} (96%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-organization-0.5.0.xml.post => dsf-extension-process-authorization-organization-1.0.0.xml.post} (62%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-consortium-role-0.5.0.xml => dsf-extension-read-access-consortium-role-1.0.0.xml} (98%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-consortium-role-0.5.0.xml.post => dsf-extension-read-access-consortium-role-1.0.0.xml.post} (67%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-organization-0.5.0.xml => dsf-extension-read-access-organization-1.0.0.xml} (96%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-organization-0.5.0.xml.post => dsf-extension-read-access-organization-1.0.0.xml.post} (69%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-0.5.0.xml => dsf-organization-1.0.0.xml} (95%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-0.5.0.xml.post => dsf-organization-1.0.0.xml.post} (91%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-affiliation-0.5.0.xml => dsf-organization-affiliation-1.0.0.xml} (95%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-affiliation-0.5.0.xml.post => dsf-organization-affiliation-1.0.0.xml.post} (78%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-parent-0.5.0.xml => dsf-organization-parent-1.0.0.xml} (96%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-parent-0.5.0.xml.post => dsf-organization-parent-1.0.0.xml.post} (83%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-reference-0.5.0.xml => dsf-organization-reference-1.0.0.xml} (95%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-organization-reference-0.5.0.xml.post => dsf-organization-reference-1.0.0.xml.post} (80%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-questionnaire-0.9.0.xml => dsf-questionnaire-1.0.0.xml} (94%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-questionnaire-0.9.0.xml.post => dsf-questionnaire-1.0.0.xml.post} (90%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-questionnaire-response-0.9.0.xml => dsf-questionnaire-response-1.0.0.xml} (97%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-questionnaire-response-0.9.0.xml.post => dsf-questionnaire-response-1.0.0.xml.post} (80%) delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-value-set-0.5.0.xml => dsf-value-set-1.0.0.xml} (93%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-process-authorization-recipient-0.5.0.xml => dsf-process-authorization-recipient-1.0.0.xml} (91%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-process-authorization-recipient-0.5.0.xml.post => dsf-process-authorization-recipient-1.0.0.xml.post} (82%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-process-authorization-requester-0.5.0.xml => dsf-process-authorization-requester-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-process-authorization-requester-0.5.0.xml.post => dsf-process-authorization-requester-1.0.0.xml.post} (82%) delete mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml.post rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/{dsf-read-access-tag-0.5.0.xml => dsf-read-access-tag-1.0.0.xml} (87%) create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml.post diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java index fdc080515..6ef0c4857 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java @@ -38,7 +38,7 @@ private ActivityDefinition createActivityDefinition() ad.getMeta().addProfile("http://dsf.dev/fhir/StructureDefinition/activity-definition"); ad.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("ALL"); ad.setUrl("http://dsf.dev/bpe/Process/test"); - ad.setVersion("0.5.0"); + ad.setVersion("1.0.0"); ad.setStatus(PublicationStatus.ACTIVE); ad.setKind(ActivityDefinitionKind.TASK); @@ -103,7 +103,7 @@ public void testGetRequesterRemoteAllRecipientLocalAllViaFile() throws Exception { var ad = FhirContext.forR4().newXmlParser().parseResource(ActivityDefinition.class, in); - Stream<Requester> requesters = helper.getRequesters(ad, "http://dsf.dev/bpe/Process/test", "0.5.0", "foo", + Stream<Requester> requesters = helper.getRequesters(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", "http://bar.org/fhir/StructureDefinition/baz"); assertNotNull(requesters); List<Requester> requestersList = requesters.collect(Collectors.toList()); @@ -115,7 +115,7 @@ public void testGetRequesterRemoteAllRecipientLocalAllViaFile() throws Exception TestIdentity.remote(new org.hl7.fhir.r4.model.Organization().setActive(true)), Collections.emptyList())); - Stream<Recipient> recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "0.5.0", "foo", + Stream<Recipient> recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", "http://bar.org/fhir/StructureDefinition/baz"); assertNotNull(recipients); List<Recipient> recipientsList = recipients.collect(Collectors.toList()); @@ -137,7 +137,7 @@ public void testGetRequesterRemoteOrganizationRecipientLocalConsortiumRoleViaFil { var ad = FhirContext.forR4().newXmlParser().parseResource(ActivityDefinition.class, in); - Stream<Requester> requesters = helper.getRequesters(ad, "http://dsf.dev/bpe/Process/test", "0.5.0", "foo", + Stream<Requester> requesters = helper.getRequesters(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", "http://bar.org/fhir/StructureDefinition/baz"); assertNotNull(requesters); List<Requester> requestersList = requesters.collect(Collectors.toList()); @@ -150,7 +150,7 @@ public void testGetRequesterRemoteOrganizationRecipientLocalConsortiumRoleViaFil .setValue("organization.com"))); assertTrue(requestersList.get(0).isRequesterAuthorized(remoteUser, Collections.emptyList())); - Stream<Recipient> recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "0.5.0", "foo", + Stream<Recipient> recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", "http://bar.org/fhir/StructureDefinition/baz"); assertNotNull(recipients); List<Recipient> recipientsList = recipients.collect(Collectors.toList()); diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_all_rec_local_all.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_all_rec_local_all.xml index df16e0250..dfba090d6 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_all_rec_local_all.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_all_rec_local_all.xml @@ -20,7 +20,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml index 2facbaf61..e6dece0f1 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml @@ -47,7 +47,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/LibraryDaoTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/LibraryDaoTest.java index da706c025..2065333fd 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/LibraryDaoTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/LibraryDaoTest.java @@ -63,7 +63,7 @@ public String getUrl() @Override public String getVersion() { - return "0.5.0"; + return "1.0.0"; } @Override diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/MeasureDaoTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/MeasureDaoTest.java index 10cb6d38a..32da5dfce 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/MeasureDaoTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/MeasureDaoTest.java @@ -63,7 +63,7 @@ public String getUrl() @Override public String getVersion() { - return "0.5.0"; + return "1.0.0"; } @Override diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml index 96eea5075..c73f496cb 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> <StructureDefinition xmlns="http://hl7.org/fhir"> <url value="http://dsf.dev/fhir/StructureDefinition/endpoint"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="Endpoint"/> <status value="draft"/> <date value="2019-05-21"/> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml index ff8491043..c2e7f00cc 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> <StructureDefinition xmlns="http://hl7.org/fhir"> <url value="http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="CertificateThumbprint"/> <status value="draft"/> <date value="2019-05-21"/> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml index 5d6122255..ff74a98a2 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> <StructureDefinition xmlns="http://hl7.org/fhir"> <url value="http://dsf.dev/fhir/StructureDefinition/organization"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="Organization"/> <status value="active"/> <date value="2019-05-21"/> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml index 76a10d55b..ee719ae9b 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="utf-8"?> <StructureDefinition xmlns="http://hl7.org/fhir"> <url value="http://dsf.dev/fhir/StructureDefinition/highmed-task"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="Task"/> <status value="draft"/> <date value="2019-05-21"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml index c6edc0158..e4599658f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml @@ -6,12 +6,12 @@ </tag> </meta> <url value="http://dsf.dev/fhir/CodeSystem/process-authorization"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="DSF_Process_Authorization"/> <title value="DSF Process Authorization"/> <status value="active"/> <experimental value="false"/> - <date value="2021-08-24"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="CodeSystem with proces authorization codes"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml.post similarity index 91% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml.post index df28e5fd7..40793ce51 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/CodeSystem/process-authorization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/CodeSystem/process-authorization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml.post deleted file mode 100644 index 30664908d..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/CodeSystem/read-access-tag&version=0.5.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml index 2d3203b15..a8d54589f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml @@ -6,12 +6,12 @@ </tag> </meta> <url value="http://dsf.dev/fhir/CodeSystem/read-access-tag"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="DSF_Read_Access_Tag"/> <title value="DSF Read Access Tag"/> <status value="active"/> <experimental value="false"/> - <date value="2021-08-24"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="CodeSystem with read access tags"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml.post new file mode 100644 index 000000000..166e6c22c --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/CodeSystem/read-access-tag&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml similarity index 94% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml index 32c649410..0fe57cf42 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/activity-definition" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ActivityDefinition" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> @@ -35,7 +35,7 @@ <max value="*" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization|1.0.0" /> </type> </element> <element id="ActivityDefinition.url"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post similarity index 92% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post index 80ca445db..aa1d48fa1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/code-system&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/code-system&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml index bb4902da6..c5aa59153 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/code-system" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="CodeSystem" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml.post similarity index 92% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml.post index 80ca445db..aa1d48fa1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/code-system&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/code-system&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml similarity index 94% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml index fd114e820..2ad826f0c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationLocalAll" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml.post similarity index 66% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml.post index 11af275f7..ecd7d51c8 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml index e23254f63..ad6f525c3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationLocalConsortiumRole" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> @@ -35,7 +35,7 @@ <max value="1" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role|1.0.0" /> </type> </element> <element id="Coding.system"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post similarity index 59% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post index dc5f51541..9ab6aa4ee 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml index 61dcfd9ea..ca664f30b 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationLocalOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> @@ -35,7 +35,7 @@ <max value="1" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization|1.0.0" /> </type> </element> <element id="Coding.system"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml.post similarity index 60% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml.post index 15e72994d..557a5e960 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml similarity index 94% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml index 0e560b5c5..a61d915ea 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationRemoteAll" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml.post similarity index 65% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml.post index a1f9e54f7..a67c3cd71 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml.post deleted file mode 100644 index 55b9a4cf4..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role&version=0.5.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml index 8776b92cc..0152c368f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationRemoteConsortiumRole" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> @@ -35,7 +35,7 @@ <max value="1" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role|1.0.0" /> </type> </element> <element id="Coding.system"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post new file mode 100644 index 000000000..6a412a131 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml index 8c7b5cd02..5304b8fc6 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationRemoteOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> @@ -35,7 +35,7 @@ <max value="1" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization|1.0.0" /> </type> </element> <element id="Coding.system"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml.post similarity index 60% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml.post index 9a562fb12..0d57434f6 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml.post deleted file mode 100644 index 628675122..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/StructureDefinition/endpoint&version=0.5.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml similarity index 98% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml index 3e6390b57..701840c90 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/endpoint" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="Endpoint" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> @@ -63,7 +63,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0" /> </type> </element> <element id="Endpoint.managingOrganization.reference"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml.post new file mode 100644 index 000000000..035da1104 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/endpoint&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml index df458dde9..ab8c72669 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="CertificateThumbprint" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml.post similarity index 71% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml.post index bbef43894..2d8920818 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml index 38ecb1d8f..2548abb13 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-check-logical-reference" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="CheckLogicalReference" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml.post similarity index 70% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml.post index fcbd7c68d..4de07b167 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-check-logical-reference&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-check-logical-reference&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml similarity index 87% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml index 41e397b92..b6a49be39 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> @@ -84,16 +84,16 @@ <min value="1" /> <type> <code value="Coding" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization|1.0.0" /> </type> <binding> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/process-authorization-requester" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/process-authorization-requester|1.0.0" /> </binding> </element> <element id="Extension.extension:recipient"> @@ -110,13 +110,13 @@ <min value="1" /> <type> <code value="Coding" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization|1.0.0" /> </type> <binding> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/process-authorization-recipient" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/process-authorization-recipient|1.0.0" /> </binding> </element> <element id="Extension.url"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml.post similarity index 71% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml.post index 23e8ecfe8..a7f64aa63 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml similarity index 98% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml index 3f03f29bf..b20aff3e1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationConsortiumRole" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post similarity index 60% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post index 909fcf878..7945550e3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml index e3d0b5fda..29a9a2010 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ProcessAuthorizationOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml.post similarity index 62% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml.post index 4d64aa915..4d82ef5b9 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml similarity index 98% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml index 40428da4a..6b871842d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ReadAccessConsortiumRole" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post similarity index 67% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post index 507355570..f06995c32 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml index cb5542d17..8f28e6fd6 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/extension-read-access-organization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ReadAccessOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml.post similarity index 69% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml.post index 42b602973..b5e29d6fa 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-organization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-organization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml index 589750a4a..5aadb8e70 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/organization" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="Organization" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> @@ -34,7 +34,7 @@ <min value="1" /> <type> <code value="Extension" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-certificate-thumbprint|1.0.0" /> </type> </element> <element id="Organization.identifier"> @@ -76,7 +76,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/endpoint" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/endpoint|1.0.0" /> </type> </element> <element id="Organization.endpoint.reference"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml.post similarity index 91% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml.post index 08465ac0d..c1b92c671 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/organization&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/organization&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml index b145fc634..ea5ac2e45 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/organization-affiliation" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="OrganizationAffiliation" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> @@ -27,7 +27,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization-parent" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization-parent|1.0.0" /> </type> </element> <element id="OrganizationAffiliation.organization.reference"> @@ -39,7 +39,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0" /> </type> </element> <element id="OrganizationAffiliation.participatingOrganization.reference"> @@ -67,7 +67,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/endpoint" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/endpoint|1.0.0" /> </type> </element> <element id="OrganizationAffiliation.endpoint.reference"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml.post similarity index 78% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml.post index 6f06f3007..053893e69 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/organization-affiliation&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/organization-affiliation&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml index b8bbb231b..82418f1ce 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/organization-parent" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="OrganizationParent" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml.post similarity index 83% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml.post index 91d9dc824..5e568e402 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/organization-parent&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/organization-parent&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml index 3ab004d54..46beaf872 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/organization-reference" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="OrganizationReference" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml.post similarity index 80% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml.post index 6ce98f88b..7dd4dbe66 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/organization-reference&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/organization-reference&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml similarity index 94% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml index bc7f873b7..fd9c8e964 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/questionnaire"/> - <version value="0.9.0"/> + <version value="1.0.0"/> <name value="Questionnaire"/> <status value="active"/> <experimental value="false"/> - <date value="2022-10-17"/> + <date value="2023-05-19"/> <fhirVersion value="4.0.1"/> <kind value="resource"/> <abstract value="true"/> @@ -49,7 +49,17 @@ <severity value="error"/> <human value="Constrains available types from ValueSet 'http://hl7.org/fhir/item-type'"/> <expression - value="(type = 'display') or (type = 'string') or (type = 'text') or (type = 'integer') or (type = 'decimal') or (type = 'boolean') or (type = 'date') or (type = 'time') or (type = 'dateTime') or (type = 'reference') or (type = 'url')"/> + value="(type = 'display') or + (type = 'string') or + (type = 'text') or + (type = 'integer') or + (type = 'decimal') or + (type = 'boolean') or + (type = 'date') or + (type = 'time') or + (type = 'dateTime') or + (type = 'reference') or + (type = 'url')"/> </constraint> </element> <element id="Questionnaire.item:user-task-id"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml.post similarity index 90% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml.post index c3bfa7b5d..23e29c744 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-0.9.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/questionnaire&version=0.9.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/questionnaire&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml index 4310ce035..c7e057639 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/questionnaire-response"/> - <version value="0.9.0"/> + <version value="1.0.0"/> <name value="QuestionnaireResponse"/> <status value="active"/> <experimental value="false"/> - <date value="2022-10-17"/> + <date value="2023-05-19"/> <fhirVersion value="4.0.1"/> <kind value="resource"/> <abstract value="true"/> @@ -30,7 +30,8 @@ <key value="author-if-completed"/> <severity value="error"/> <human value="Author must be set if QuestionnaireResponse.status equals completed"/> - <expression value="((%resource.status = 'completed') implies author.exists()) and ((%resource.status = 'completed') implies author.identifier.exists())"/> + <expression value="((%resource.status = 'completed') implies author.exists()) and + ((%resource.status = 'completed') implies author.identifier.exists())"/> </constraint> </element> <element id="QuestionnaireResponse.questionnaire"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml.post similarity index 80% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml.post index c3cb7cb3d..8655a857c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-0.9.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/questionnaire-response&version=0.9.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/questionnaire-response&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml index 0b4f59387..703789d43 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml @@ -51,7 +51,7 @@ <min value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0" /> </type> </element> <element id="Task.requester.reference"> @@ -81,7 +81,7 @@ <max value="1" /> <type> <code value="Reference" /> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization" /> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0" /> </type> </element> <element id="Task.restriction.recipient.reference"> @@ -135,7 +135,7 @@ <valueString value="TaskInputParameterType" /> </extension> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message|1.0.0" /> </binding> </element> <element id="Task.input:message-name.type.coding"> @@ -174,7 +174,7 @@ <valueString value="TaskInputParameterType" /> </extension> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message|1.0.0" /> </binding> </element> <element id="Task.input:business-key.type.coding"> @@ -213,7 +213,7 @@ <valueString value="TaskInputParameterType" /> </extension> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message|1.0.0" /> </binding> </element> <element id="Task.input:correlation-key.type.coding"> @@ -262,7 +262,7 @@ <valueString value="TaskOutputParameterType" /> </extension> <strength value="required" /> - <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message" /> + <valueSet value="http://dsf.dev/fhir/ValueSet/bpmn-message|1.0.0" /> </binding> </element> <element id="Task.output:error.type.coding"> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml.post deleted file mode 100644 index 247d799e5..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/StructureDefinition/value-set&version=0.5.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml index 69c216831..ae933d37d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml @@ -6,11 +6,11 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/value-set" /> - <version value="0.5.0" /> + <version value="1.0.0" /> <name value="ValueSet" /> <status value="active" /> <experimental value="false" /> - <date value="2021-08-24" /> + <date value="2023-05-19" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml.post new file mode 100644 index 000000000..d81205799 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/value-set&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml index a853b8826..2c7281801 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml @@ -19,6 +19,7 @@ <compose> <include> <system value="http://dsf.dev/fhir/CodeSystem/bpmn-message"/> + <version value="1.0.0"/> </include> </compose> </ValueSet> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml index 002053a77..cd3b41891 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Organization Role"/> <status value="active"/> <experimental value="false"/> - <date value="2022-05-10"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="ValueSet with DSF organization roles used in OrganizationAffiliation resources"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml similarity index 91% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml index 45078b121..e533dc468 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml @@ -6,19 +6,20 @@ </tag> </meta> <url value="http://dsf.dev/fhir/ValueSet/process-authorization-recipient"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="DSF_Process_Authorization_Recipient"/> <title value="DSF Process Authorization Recipient"/> <status value="active"/> <experimental value="false"/> - <date value="2021-08-24"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="ValueSet with proces authorization codes for recipients"/> <immutable value="true"/> <compose> <include> - <system value="http://dsf.dev/fhir/CodeSystem/process-authorization"/> + <system value="http://dsf.dev/fhir/CodeSystem/process-authorization"/> + <version value="1.0.0" /> <concept> <code value="LOCAL_ORGANIZATION"/> <display value="LOCAL_ORGANIZATION"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml.post similarity index 82% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml.post index 9cc20dc6f..6017d402b 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/ValueSet/process-authorization-recipient&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/ValueSet/process-authorization-recipient&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml index 806b908cf..fc8633aa4 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml @@ -6,19 +6,20 @@ </tag> </meta> <url value="http://dsf.dev/fhir/ValueSet/process-authorization-requester"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="DSF_Process_Authorization_Requester"/> <title value="DSF Process Authorization Requester"/> <status value="active"/> <experimental value="false"/> - <date value="2021-08-24"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="ValueSet with proces authorization codes for requesters"/> <immutable value="true"/> <compose> <include> - <system value="http://dsf.dev/fhir/CodeSystem/process-authorization"/> + <system value="http://dsf.dev/fhir/CodeSystem/process-authorization"/> + <version value="1.0.0" /> <concept> <code value="LOCAL_ORGANIZATION"/> <display value="LOCAL_ORGANIZATION"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml.post similarity index 82% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml.post index 6aec785b2..d354b089f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-0.5.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/ValueSet/process-authorization-requester&version=0.5.0 \ No newline at end of file +url=http://dsf.dev/fhir/ValueSet/process-authorization-requester&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml.post deleted file mode 100644 index 92c9dde49..000000000 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml.post +++ /dev/null @@ -1 +0,0 @@ -url=http://dsf.dev/fhir/ValueSet/read-access-tag&version=0.5.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml similarity index 87% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml index bf820b130..9304d4d9d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml @@ -6,18 +6,19 @@ </tag> </meta> <url value="http://dsf.dev/fhir/ValueSet/read-access-tag"/> - <version value="0.5.0"/> + <version value="1.0.0"/> <name value="DSF_Read_Access_Tag"/> <title value="DSF Read Access Tag"/> <status value="active"/> <experimental value="false"/> - <date value="2021-08-24"/> + <date value="2023-05-19"/> <publisher value="DSF"/> <description value="ValueSet with read access tags"/> <immutable value="true"/> <compose> <include> <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag"/> + <version value="1.0.0"/> </include> </compose> </ValueSet> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml.post new file mode 100644 index 000000000..5b04d6fe9 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/ValueSet/read-access-tag&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java index c02c3c35b..81870a49d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java @@ -31,19 +31,19 @@ public class ActivityDefinitionProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-activity-definition-0.5.0.xml", "dsf-extension-process-authorization-0.5.0.xml", - "dsf-extension-process-authorization-consortium-role-0.5.0.xml", - "dsf-extension-process-authorization-organization-0.5.0.xml", - "dsf-coding-process-authorization-local-all-0.5.0.xml", - "dsf-coding-process-authorization-local-consortium-role-0.5.0.xml", - "dsf-coding-process-authorization-local-organization-0.5.0.xml", - "dsf-coding-process-authorization-remote-all-0.5.0.xml", - "dsf-coding-process-authorization-remote-consortium-role-0.5.0.xml", - "dsf-coding-process-authorization-remote-organization-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml", - "dsf-process-authorization-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml", - "dsf-process-authorization-recipient-0.5.0.xml", "dsf-process-authorization-requester-0.5.0.xml")); + Arrays.asList("dsf-activity-definition-1.0.0.xml", "dsf-extension-process-authorization-1.0.0.xml", + "dsf-extension-process-authorization-consortium-role-1.0.0.xml", + "dsf-extension-process-authorization-organization-1.0.0.xml", + "dsf-coding-process-authorization-local-all-1.0.0.xml", + "dsf-coding-process-authorization-local-consortium-role-1.0.0.xml", + "dsf-coding-process-authorization-local-organization-1.0.0.xml", + "dsf-coding-process-authorization-remote-all-1.0.0.xml", + "dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml", + "dsf-coding-process-authorization-remote-organization-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml", + "dsf-process-authorization-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml", + "dsf-process-authorization-recipient-1.0.0.xml", "dsf-process-authorization-requester-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); @@ -54,7 +54,7 @@ private ActivityDefinition createActivityDefinition() ad.getMeta().addProfile("http://dsf.dev/fhir/StructureDefinition/activity-definition"); ad.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("ALL"); ad.setUrl("http://dsf.dev/bpe/Process/test"); - ad.setVersion("0.5.0"); + ad.setVersion("1.0.0"); ad.setStatus(PublicationStatus.ACTIVE); ad.setKind(ActivityDefinitionKind.TASK); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java index c4e21cf60..b877ee095 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java @@ -29,10 +29,10 @@ public class CodeSystemProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-code-system-0.5.0.xml", "dsf-extension-read-access-organization-0.5.0.xml", - "dsf-extension-read-access-consortium-role-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml")); + Arrays.asList("dsf-code-system-1.0.0.xml", "dsf-extension-read-access-organization-1.0.0.xml", + "dsf-extension-read-access-consortium-role-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/EndpointProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/EndpointProfileTest.java index 80ff65a7f..f36b1c7db 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/EndpointProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/EndpointProfileTest.java @@ -25,9 +25,9 @@ public class EndpointProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-endpoint-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "urn_ietf_bcp_13.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "valueset-mimetypes.xml")); + Arrays.asList("dsf-endpoint-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "urn_ietf_bcp_13.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "valueset-mimetypes.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java index f58ebcad4..83868cf06 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationAffiliationProfileTest.java @@ -23,10 +23,10 @@ public class OrganizationAffiliationProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-organization-affiliation-0.5.0.xml", "dsf-organization-0.5.0.xml", - "dsf-organization-parent-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml", "dsf-organization-role-1.0.0.xml")); + Arrays.asList("dsf-organization-affiliation-1.0.0.xml", "dsf-organization-1.0.0.xml", + "dsf-organization-parent-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java index 14985ff5a..6d4cd2370 100755 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java @@ -26,11 +26,11 @@ public class OrganizationProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-organization-0.5.0.xml", "dsf-organization-parent-0.5.0.xml", - "dsf-extension-certificate-thumbprint-0.5.0.xml", "dsf-endpoint-0.5.0.xml", - "dsf-extension-read-access-consortium-role-0.5.0.xml", - "dsf-extension-read-access-organization-0.5.0.xml"), - Arrays.asList("dsf-read-access-tag-0.5.0.xml"), Arrays.asList("dsf-read-access-tag-0.5.0.xml")); + Arrays.asList("dsf-organization-1.0.0.xml", "dsf-organization-parent-1.0.0.xml", + "dsf-extension-certificate-thumbprint-1.0.0.xml", "dsf-endpoint-1.0.0.xml", + "dsf-extension-read-access-consortium-role-1.0.0.xml", + "dsf-extension-read-access-organization-1.0.0.xml"), + Arrays.asList("dsf-read-access-tag-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireProfileTest.java index c29acc075..9af3677e7 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireProfileTest.java @@ -25,7 +25,7 @@ public class QuestionnaireProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-questionnaire-0.9.0.xml"), Collections.emptyList(), Collections.emptyList()); + Arrays.asList("dsf-questionnaire-1.0.0.xml"), Collections.emptyList(), Collections.emptyList()); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireResponseProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireResponseProfileTest.java index 05e072588..723986d9c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireResponseProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/QuestionnaireResponseProfileTest.java @@ -36,7 +36,7 @@ public class QuestionnaireResponseProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( - Arrays.asList("dsf-questionnaire-response-0.9.0.xml"), Collections.emptyList(), Collections.emptyList()); + Arrays.asList("dsf-questionnaire-response-1.0.0.xml"), Collections.emptyList(), Collections.emptyList()); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/validation/ValueSetExpanderTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/validation/ValueSetExpanderTest.java index b21087885..b839f2743 100755 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/validation/ValueSetExpanderTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/validation/ValueSetExpanderTest.java @@ -52,7 +52,7 @@ public Locale getLocale() private List<CodeSystem> readCodeSystems() { - return Stream.of("dsf-read-access-tag-0.5.0.xml", "dsf-bpmn-message-1.0.0.xml") + return Stream.of("dsf-read-access-tag-1.0.0.xml", "dsf-bpmn-message-1.0.0.xml") .map(file -> "/fhir/CodeSystem/" + file).map(this::readCodeSystem).collect(Collectors.toList()); } @@ -72,7 +72,7 @@ private CodeSystem readCodeSystem(String file) public void testExpandFeasibility() throws Exception { ValueSetExpansionOutcome out = valueSetExpander - .expand(readValueSet("/fhir/ValueSet/dsf-read-access-tag-0.5.0.xml")); + .expand(readValueSet("/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml")); assertNotNull(out); assertNull(out.getError()); diff --git a/dsf-tools/dsf-tools-bundle-generator/src/main/java/dev/dsf/tools/generator/BundleGenerator.java b/dsf-tools/dsf-tools-bundle-generator/src/main/java/dev/dsf/tools/generator/BundleGenerator.java index 7816b011d..1475cdc7f 100755 --- a/dsf-tools/dsf-tools-bundle-generator/src/main/java/dev/dsf/tools/generator/BundleGenerator.java +++ b/dsf-tools/dsf-tools-bundle-generator/src/main/java/dev/dsf/tools/generator/BundleGenerator.java @@ -157,7 +157,7 @@ private void sortBundleEntries(Bundle bundle) private List<String> getUrlsSortedByDependencies(List<StructureDefinition> definitions) { Map<String, List<String>> dependencies = definitions.stream() - .collect(Collectors.toMap(StructureDefinition::getUrl, + .collect(Collectors.toMap(this::toUrlWithVersion, d -> d.getDifferential().getElement().stream().filter(ElementDefinition::hasType) .map(ElementDefinition::getType).flatMap(List::stream) .filter(TypeRefComponent::hasProfile).map(TypeRefComponent::getProfile) @@ -165,18 +165,23 @@ private List<String> getUrlsSortedByDependencies(List<StructureDefinition> defin List<String> handled = new ArrayList<>(); - return dependencies.keySet().stream().sorted().flatMap(url -> + return dependencies.keySet().stream().sorted().flatMap(urlWithVersion -> { - if (handled.contains(url)) + if (handled.contains(urlWithVersion)) return Stream.empty(); else { - handled.add(url); - return getSorted(dependencies, url, handled); + handled.add(urlWithVersion); + return getSorted(dependencies, urlWithVersion, handled); } }).collect(Collectors.toList()); } + private String toUrlWithVersion(StructureDefinition structureDefinition) + { + return structureDefinition.getUrl() + "|" + structureDefinition.getVersion(); + } + private Stream<String> getSorted(Map<String, List<String>> allDependencies, String current, List<String> handled) { List<String> dependencies = allDependencies.get(current); From 290b4ba48d0e2ed2c62895ea34865fb41f157d9d Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Wed, 7 Jun 2023 15:18:26 +0200 Subject: [PATCH 04/43] simplify bpe db migrations --- .../camunda/postgres_engine_7.12_to_7.13.sql | 63 ------------ .../camunda/postgres_engine_7.13_to_7.14.sql | 31 ------ .../camunda/postgres_engine_7.14_to_7.15.sql | 37 ------- .../camunda/postgres_engine_7.15_to_7.16.sql | 30 ------ .../camunda/postgres_engine_7.16_to_7.17.sql | 29 ------ .../camunda/postgres_engine_7.17_to_7.18.sql | 34 ------- .../camunda/postgres_engine_7.18_to_7.19.sql | 19 ---- ..._7.12.0.sql => postgres_engine_7.19.0.sql} | 74 +++++++++++++- ....12.0.sql => postgres_identity_7.19.0.sql} | 0 .../db/db.camunda_engine.changelog-0.1.0.xml | 97 ------------------- .../db/db.camunda_engine.changelog-0.2.0.xml | 12 --- .../db/db.camunda_engine.changelog-0.3.0.xml | 12 --- .../db/db.camunda_engine.changelog-0.5.0.xml | 12 --- .../db/db.camunda_engine.changelog-0.5.3.xml | 12 --- .../db/db.camunda_engine.changelog-0.6.0.xml | 12 --- .../db/db.camunda_engine.changelog-0.8.0.xml | 12 --- .../db/db.camunda_engine.changelog-1.0.0.xml | 87 ++++++++++++++++- ...> db.camunda_identity.changelog-1.0.0.xml} | 4 +- .../src/main/resources/db/db.changelog.xml | 28 ++---- ...=> db.create-db-users.changelog-1.0.0.xml} | 2 +- ....xml => db.last_event.changelog-1.0.0.xml} | 2 +- ...ess_plugin_resources.changelog-0.4.0.1.xml | 14 --- ...ocess_plugin_resources.changelog-0.4.0.xml | 34 ------- ...ocess_plugin_resources.changelog-1.0.0.xml | 28 ++++-- ... => db.process_states.changelog-1.0.0.xml} | 2 +- 25 files changed, 189 insertions(+), 498 deletions(-) delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12_to_7.13.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.13_to_7.14.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.14_to_7.15.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.15_to_7.16.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.16_to_7.17.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.17_to_7.18.sql delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.18_to_7.19.sql rename dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/{postgres_engine_7.12.0.sql => postgres_engine_7.19.0.sql} (95%) rename dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/{postgres_identity_7.12.0.sql => postgres_identity_7.19.0.sql} (100%) delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.1.0.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.2.0.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.3.0.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.0.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.3.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.6.0.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.8.0.xml rename dsf-bpe/dsf-bpe-server/src/main/resources/db/{db.camunda_identity.changelog-0.1.0.xml => db.camunda_identity.changelog-1.0.0.xml} (97%) rename dsf-bpe/dsf-bpe-server/src/main/resources/db/{db.create-db-users.changelog-0.1.0.xml => db.create-db-users.changelog-1.0.0.xml} (95%) rename dsf-bpe/dsf-bpe-server/src/main/resources/db/{db.last_event.changelog-0.8.0.xml => db.last_event.changelog-1.0.0.xml} (93%) delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.1.xml delete mode 100644 dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.xml rename dsf-bpe/dsf-bpe-server/src/main/resources/db/{db.process_states.changelog-0.4.0.xml => db.process_states.changelog-1.0.0.xml} (93%) diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12_to_7.13.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12_to_7.13.sql deleted file mode 100644 index 2625534b3..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12_to_7.13.sql +++ /dev/null @@ -1,63 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('200', CURRENT_TIMESTAMP, '7.13.0'); - --- https://jira.camunda.com/browse/CAM-10953 -create index ACT_IDX_HI_VAR_PI_NAME_TYPE on ACT_HI_VARINST(PROC_INST_ID_, NAME_, VAR_TYPE_); - - --- https://app.camunda.com/jira/browse/CAM-10784 -ALTER TABLE ACT_HI_JOB_LOG - ADD HOSTNAME_ varchar(255) default null; - --- https://jira.camunda.com/browse/CAM-10378 -ALTER TABLE ACT_RU_JOB - ADD FAILED_ACT_ID_ varchar(255); - -ALTER TABLE ACT_HI_JOB_LOG - ADD FAILED_ACT_ID_ varchar(255); - -ALTER TABLE ACT_RU_INCIDENT - ADD FAILED_ACTIVITY_ID_ varchar(255); - -ALTER TABLE ACT_HI_INCIDENT - ADD FAILED_ACTIVITY_ID_ varchar(255); - --- https://jira.camunda.com/browse/CAM-11616 -ALTER TABLE ACT_RU_AUTHORIZATION - ADD REMOVAL_TIME_ timestamp; -create index ACT_IDX_AUTH_RM_TIME on ACT_RU_AUTHORIZATION(REMOVAL_TIME_); - --- https://jira.camunda.com/browse/CAM-11616 -ALTER TABLE ACT_RU_AUTHORIZATION - ADD ROOT_PROC_INST_ID_ varchar(64); -create index ACT_IDX_AUTH_ROOT_PI on ACT_RU_AUTHORIZATION(ROOT_PROC_INST_ID_); - --- https://jira.camunda.com/browse/CAM-11188 -ALTER TABLE ACT_RU_JOBDEF - ADD DEPLOYMENT_ID_ varchar(64); - - --- https://jira.camunda.com/browse/CAM-10978 - -ALTER TABLE ACT_RU_VARIABLE - ADD PROC_DEF_ID_ varchar(64); - -ALTER TABLE ACT_HI_DETAIL - ADD INITIAL_ boolean; diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.13_to_7.14.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.13_to_7.14.sql deleted file mode 100644 index fe27f2c9b..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.13_to_7.14.sql +++ /dev/null @@ -1,31 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('300', CURRENT_TIMESTAMP, '7.14.0'); - --- https://jira.camunda.com/browse/CAM-12304 -ALTER TABLE ACT_RU_VARIABLE - ADD BATCH_ID_ varchar(64); -CREATE INDEX ACT_IDX_BATCH_ID ON ACT_RU_VARIABLE(BATCH_ID_); -ALTER TABLE ACT_RU_VARIABLE - ADD CONSTRAINT ACT_FK_VAR_BATCH - FOREIGN KEY (BATCH_ID_) - REFERENCES ACT_RU_BATCH (ID_); - --- https://jira.camunda.com/browse/CAM-12411 -create index ACT_IDX_VARIABLE_TASK_NAME_TYPE on ACT_RU_VARIABLE(TASK_ID_, NAME_, TYPE_); \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.14_to_7.15.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.14_to_7.15.sql deleted file mode 100644 index 259227b68..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.14_to_7.15.sql +++ /dev/null @@ -1,37 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('400', CURRENT_TIMESTAMP, '7.15.0'); - --- https://jira.camunda.com/browse/CAM-13013 - -create table ACT_RU_TASK_METER_LOG ( - ID_ varchar(64) not null, - ASSIGNEE_HASH_ bigint, - TIMESTAMP_ timestamp, - primary key (ID_) -); - -create index ACT_IDX_TASK_METER_LOG_TIME on ACT_RU_TASK_METER_LOG(TIMESTAMP_); - --- https://jira.camunda.com/browse/CAM-13060 -ALTER TABLE ACT_RU_INCIDENT - ADD ANNOTATION_ varchar(4000); - -ALTER TABLE ACT_HI_INCIDENT - ADD ANNOTATION_ varchar(4000); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.15_to_7.16.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.15_to_7.16.sql deleted file mode 100644 index ec0c9e801..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.15_to_7.16.sql +++ /dev/null @@ -1,30 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('500', CURRENT_TIMESTAMP, '7.16.0'); - -create table ACT_RE_CAMFORMDEF ( - ID_ varchar(64) NOT NULL, - REV_ integer, - KEY_ varchar(255) NOT NULL, - VERSION_ integer NOT NULL, - DEPLOYMENT_ID_ varchar(64), - RESOURCE_NAME_ varchar(4000), - TENANT_ID_ varchar(64), - primary key (ID_) -); \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.16_to_7.17.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.16_to_7.17.sql deleted file mode 100644 index dfdc0c9a7..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.16_to_7.17.sql +++ /dev/null @@ -1,29 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('600', CURRENT_TIMESTAMP, '7.17.0'); - --- https://jira.camunda.com/browse/CAM-14006 -- -ALTER TABLE ACT_RU_JOB - ADD COLUMN LAST_FAILURE_LOG_ID_ varchar(64); - -ALTER TABLE ACT_RU_EXT_TASK - ADD COLUMN LAST_FAILURE_LOG_ID_ varchar(64); - -create index ACT_IDX_HI_VARINST_NAME on ACT_HI_VARINST(NAME_); -create index ACT_IDX_HI_VARINST_ACT_INST_ID on ACT_HI_VARINST(ACT_INST_ID_); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.17_to_7.18.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.17_to_7.18.sql deleted file mode 100644 index 4fa868407..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.17_to_7.18.sql +++ /dev/null @@ -1,34 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('700', CURRENT_TIMESTAMP, '7.18.0'); - --- https://jira.camunda.com/browse/CAM-14303 -- -ALTER TABLE ACT_RU_TASK - ADD COLUMN LAST_UPDATED_ timestamp; -create index ACT_IDX_TASK_LAST_UPDATED on ACT_RU_TASK(LAST_UPDATED_); - --- https://jira.camunda.com/browse/CAM-14721 -ALTER TABLE ACT_RU_BATCH - ADD COLUMN START_TIME_ timestamp; - --- https://jira.camunda.com/browse/CAM-14722 -ALTER TABLE ACT_RU_BATCH - ADD COLUMN EXEC_START_TIME_ timestamp; -ALTER TABLE ACT_HI_BATCH - ADD COLUMN EXEC_START_TIME_ timestamp; \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.18_to_7.19.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.18_to_7.19.sql deleted file mode 100644 index f55ca4537..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.18_to_7.19.sql +++ /dev/null @@ -1,19 +0,0 @@ --- --- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH --- under one or more contributor license agreements. See the NOTICE file --- distributed with this work for additional information regarding copyright --- ownership. Camunda licenses this file to you under the Apache License, --- Version 2.0; you may not use this file except in compliance with the License. --- You may obtain a copy of the License at --- --- http://www.apache.org/licenses/LICENSE-2.0 --- --- Unless required by applicable law or agreed to in writing, software --- distributed under the License is distributed on an "AS IS" BASIS, --- WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. --- See the License for the specific language governing permissions and --- limitations under the License. --- - -insert into ACT_GE_SCHEMA_LOG -values ('800', CURRENT_TIMESTAMP, '7.19.0'); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12.0.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.19.0.sql similarity index 95% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12.0.sql rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.19.0.sql index f9c8e2f41..c6496bfaa 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.12.0.sql +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_engine_7.19.0.sql @@ -40,6 +40,12 @@ values ('history.cleanup.job.lock', '0', 1); insert into ACT_GE_PROPERTY values ('startup.lock', '0', 1); +insert into ACT_GE_PROPERTY +values ('telemetry.lock', '0', 1); + +insert into ACT_GE_PROPERTY +values ('installationId.lock', '0', 1); + create table ACT_GE_BYTEARRAY ( ID_ varchar(64), REV_ integer, @@ -63,7 +69,7 @@ create table ACT_GE_SCHEMA_LOG ( ); insert into ACT_GE_SCHEMA_LOG -values ('0', CURRENT_TIMESTAMP, '7.12.0'); +values ('0', CURRENT_TIMESTAMP, '7.19.0'); create table ACT_RE_DEPLOYMENT ( ID_ varchar(64), @@ -100,7 +106,7 @@ create table ACT_RU_EXECUTION ( create table ACT_RU_JOB ( ID_ varchar(64) NOT NULL, - REV_ integer, + REV_ integer, TYPE_ varchar(255) NOT NULL, LOCK_EXP_TIME_ timestamp, LOCK_OWNER_ varchar(255), @@ -112,6 +118,7 @@ create table ACT_RU_JOB ( RETRIES_ integer, EXCEPTION_STACK_ID_ varchar(64), EXCEPTION_MSG_ varchar(4000), + FAILED_ACT_ID_ varchar(255), DUEDATE_ timestamp, REPEAT_ varchar(255), REPEAT_OFFSET_ bigint DEFAULT 0, @@ -124,6 +131,7 @@ create table ACT_RU_JOB ( SEQUENCE_COUNTER_ bigint, TENANT_ID_ varchar(64), CREATE_TIME_ timestamp, + LAST_FAILURE_LOG_ID_ varchar(64), primary key (ID_) ); @@ -138,6 +146,7 @@ create table ACT_RU_JOBDEF ( SUSPENSION_STATE_ integer, JOB_PRIORITY_ bigint, TENANT_ID_ varchar(64), + DEPLOYMENT_ID_ varchar(64), primary key (ID_) ); @@ -160,6 +169,17 @@ create table ACT_RE_PROCDEF ( primary key (ID_) ); +create table ACT_RE_CAMFORMDEF ( + ID_ varchar(64) NOT NULL, + REV_ integer, + KEY_ varchar(255) NOT NULL, + VERSION_ integer NOT NULL, + DEPLOYMENT_ID_ varchar(64), + RESOURCE_NAME_ varchar(4000), + TENANT_ID_ varchar(64), + primary key (ID_) +); + create table ACT_RU_TASK ( ID_ varchar(64), REV_ integer, @@ -178,6 +198,7 @@ create table ACT_RU_TASK ( DELEGATION_ varchar(64), PRIORITY_ integer, CREATE_TIME_ timestamp, + LAST_UPDATED_ timestamp, DUE_DATE_ timestamp, FOLLOW_UP_DATE_ timestamp, SUSPENSION_STATE_ integer, @@ -204,9 +225,11 @@ create table ACT_RU_VARIABLE ( NAME_ varchar(255) not null, EXECUTION_ID_ varchar(64), PROC_INST_ID_ varchar(64), + PROC_DEF_ID_ varchar(64), CASE_EXECUTION_ID_ varchar(64), CASE_INST_ID_ varchar(64), TASK_ID_ varchar(64), + BATCH_ID_ varchar(64), BYTEARRAY_ID_ varchar(64), DOUBLE_ double precision, LONG_ bigint, @@ -241,6 +264,7 @@ create table ACT_RU_INCIDENT ( INCIDENT_TYPE_ varchar(255) not null, EXECUTION_ID_ varchar(64), ACTIVITY_ID_ varchar(255), + FAILED_ACTIVITY_ID_ varchar(255), PROC_INST_ID_ varchar(64), PROC_DEF_ID_ varchar(64), CAUSE_INCIDENT_ID_ varchar(64), @@ -248,6 +272,7 @@ create table ACT_RU_INCIDENT ( CONFIGURATION_ varchar(255), TENANT_ID_ varchar(64), JOB_DEF_ID_ varchar(64), + ANNOTATION_ varchar(4000), primary key (ID_) ); @@ -260,6 +285,8 @@ create table ACT_RU_AUTHORIZATION ( RESOURCE_TYPE_ integer not null, RESOURCE_ID_ varchar(255), PERMS_ integer, + REMOVAL_TIME_ timestamp, + ROOT_PROC_INST_ID_ varchar(64), primary key (ID_) ); @@ -284,6 +311,13 @@ create table ACT_RU_METER_LOG ( primary key (ID_) ); +create table ACT_RU_TASK_METER_LOG ( + ID_ varchar(64) not null, + ASSIGNEE_HASH_ bigint, + TIMESTAMP_ timestamp, + primary key (ID_) +); + create table ACT_RU_EXT_TASK ( ID_ varchar(64) not null, REV_ integer not null, @@ -302,6 +336,7 @@ create table ACT_RU_EXT_TASK ( ACT_INST_ID_ varchar(64), TENANT_ID_ varchar(64), PRIORITY_ bigint NOT NULL DEFAULT 0, + LAST_FAILURE_LOG_ID_ varchar(64), primary key (ID_) ); @@ -320,6 +355,8 @@ create table ACT_RU_BATCH ( CONFIGURATION_ varchar(255), TENANT_ID_ varchar(64), CREATE_USER_ID_ varchar(255), + START_TIME_ timestamp, + EXEC_START_TIME_ timestamp, primary key (ID_) ); @@ -327,14 +364,19 @@ create index ACT_IDX_EXE_ROOT_PI on ACT_RU_EXECUTION(ROOT_PROC_INST_ID_); create index ACT_IDX_EXEC_BUSKEY on ACT_RU_EXECUTION(BUSINESS_KEY_); create index ACT_IDX_EXEC_TENANT_ID on ACT_RU_EXECUTION(TENANT_ID_); create index ACT_IDX_TASK_CREATE on ACT_RU_TASK(CREATE_TIME_); +create index ACT_IDX_TASK_LAST_UPDATED on ACT_RU_TASK(LAST_UPDATED_); create index ACT_IDX_TASK_ASSIGNEE on ACT_RU_TASK(ASSIGNEE_); +create index ACT_IDX_TASK_OWNER on ACT_RU_TASK(OWNER_); create index ACT_IDX_TASK_TENANT_ID on ACT_RU_TASK(TENANT_ID_); create index ACT_IDX_IDENT_LNK_USER on ACT_RU_IDENTITYLINK(USER_ID_); create index ACT_IDX_IDENT_LNK_GROUP on ACT_RU_IDENTITYLINK(GROUP_ID_); create index ACT_IDX_EVENT_SUBSCR_CONFIG_ on ACT_RU_EVENT_SUBSCR(CONFIGURATION_); create index ACT_IDX_EVENT_SUBSCR_TENANT_ID on ACT_RU_EVENT_SUBSCR(TENANT_ID_); + create index ACT_IDX_VARIABLE_TASK_ID on ACT_RU_VARIABLE(TASK_ID_); create index ACT_IDX_VARIABLE_TENANT_ID on ACT_RU_VARIABLE(TENANT_ID_); +create index ACT_IDX_VARIABLE_TASK_NAME_TYPE on ACT_RU_VARIABLE(TASK_ID_, NAME_, TYPE_); + create index ACT_IDX_INC_CONFIGURATION on ACT_RU_INCIDENT(CONFIGURATION_); create index ACT_IDX_INC_TENANT_ID on ACT_RU_INCIDENT(TENANT_ID_); -- CAM-5914 @@ -353,6 +395,9 @@ CREATE INDEX ACT_IDX_METER_LOG_REPORT ON ACT_RU_METER_LOG(NAME_, REPORTER_, MILL CREATE INDEX ACT_IDX_METER_LOG_TIME ON ACT_RU_METER_LOG(TIMESTAMP_); CREATE INDEX ACT_IDX_METER_LOG ON ACT_RU_METER_LOG(NAME_, TIMESTAMP_); +-- task metric timestamp column +CREATE INDEX ACT_IDX_TASK_METER_LOG_TIME ON ACT_RU_TASK_METER_LOG(TIMESTAMP_); + create index ACT_IDX_EXT_TASK_TOPIC on ACT_RU_EXT_TASK(TOPIC_NAME_); create index ACT_IDX_EXT_TASK_TENANT_ID on ACT_RU_EXT_TASK(TENANT_ID_); create index ACT_IDX_EXT_TASK_PRIORITY ON ACT_RU_EXT_TASK(PRIORITY_); @@ -522,6 +567,12 @@ alter table ACT_RU_EXT_TASK foreign key (ERROR_DETAILS_ID_) references ACT_GE_BYTEARRAY (ID_); +create index ACT_IDX_BATCH_ID ON ACT_RU_VARIABLE(BATCH_ID_); +alter table ACT_RU_VARIABLE + add constraint ACT_FK_VAR_BATCH + foreign key (BATCH_ID_) + references ACT_RU_BATCH (ID_); + -- indexes for deadlock problems - https://app.camunda.com/jira/browse/CAM-2567 -- create index ACT_IDX_INC_CAUSEINCID on ACT_RU_INCIDENT(CAUSE_INCIDENT_ID_); create index ACT_IDX_INC_EXID on ACT_RU_INCIDENT(EXECUTION_ID_); @@ -545,6 +596,10 @@ create index ACT_IDX_EVENT_SUBSCR_EVT_NAME ON ACT_RU_EVENT_SUBSCR(EVENT_NAME_); create index ACT_IDX_PROCDEF_DEPLOYMENT_ID ON ACT_RE_PROCDEF(DEPLOYMENT_ID_); create index ACT_IDX_PROCDEF_TENANT_ID ON ACT_RE_PROCDEF(TENANT_ID_); create index ACT_IDX_PROCDEF_VER_TAG ON ACT_RE_PROCDEF(VERSION_TAG_); + +-- indices for history cleanup: https://jira.camunda.com/browse/CAM-11616 +create index ACT_IDX_AUTH_ROOT_PI on ACT_RU_AUTHORIZATION(ROOT_PROC_INST_ID_); +create index ACT_IDX_AUTH_RM_TIME on ACT_RU_AUTHORIZATION(REMOVAL_TIME_); -- -- Copyright Camunda Services GmbH and/or licensed to Camunda Services GmbH -- under one or more contributor license agreements. See the NOTICE file @@ -794,7 +849,7 @@ create table ACT_HI_ACTINST ( CALL_CASE_INST_ID_ varchar(64), ACT_NAME_ varchar(255), ACT_TYPE_ varchar(255) not null, - ASSIGNEE_ varchar(64), + ASSIGNEE_ varchar(255), START_TIME_ timestamp not null, END_TIME_ timestamp, DURATION_ bigint, @@ -891,6 +946,7 @@ create table ACT_HI_DETAIL ( TENANT_ID_ varchar(64), OPERATION_ID_ varchar(64), REMOVAL_TIME_ timestamp, + INITIAL_ boolean, primary key (ID_) ); @@ -988,6 +1044,7 @@ create table ACT_HI_INCIDENT ( INCIDENT_MSG_ varchar(4000), INCIDENT_TYPE_ varchar(255) not null, ACTIVITY_ID_ varchar(255), + FAILED_ACTIVITY_ID_ varchar(255), CAUSE_INCIDENT_ID_ varchar(64), ROOT_CAUSE_INCIDENT_ID_ varchar(64), CONFIGURATION_ varchar(255), @@ -995,6 +1052,7 @@ create table ACT_HI_INCIDENT ( INCIDENT_STATE_ integer, TENANT_ID_ varchar(64), JOB_DEF_ID_ varchar(64), + ANNOTATION_ varchar(4000), REMOVAL_TIME_ timestamp, primary key (ID_) ); @@ -1013,6 +1071,7 @@ create table ACT_HI_JOB_LOG ( JOB_DEF_TYPE_ varchar(255), JOB_DEF_CONFIGURATION_ varchar(255), ACT_ID_ varchar(255), + FAILED_ACT_ID_ varchar(255), EXECUTION_ID_ varchar(64), ROOT_PROC_INST_ID_ varchar(64), PROCESS_INSTANCE_ID_ varchar(64), @@ -1021,6 +1080,7 @@ create table ACT_HI_JOB_LOG ( DEPLOYMENT_ID_ varchar(64), SEQUENCE_COUNTER_ bigint, TENANT_ID_ varchar(64), + HOSTNAME_ varchar(255), REMOVAL_TIME_ timestamp, primary key (ID_) ); @@ -1039,6 +1099,7 @@ create table ACT_HI_BATCH ( START_TIME_ timestamp not null, END_TIME_ timestamp, REMOVAL_TIME_ timestamp, + EXEC_START_TIME_ timestamp, primary key (ID_) ); @@ -1075,7 +1136,7 @@ create index ACT_IDX_HI_PRO_INST_ROOT_PI on ACT_HI_PROCINST(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_PRO_INST_RM_TIME on ACT_HI_PROCINST(REMOVAL_TIME_); create index ACT_IDX_HI_ACTINST_ROOT_PI on ACT_HI_ACTINST(ROOT_PROC_INST_ID_); -create index ACT_IDX_HI_ACT_INST_START on ACT_HI_ACTINST(START_TIME_); +create index ACT_IDX_HI_ACT_INST_START_END on ACT_HI_ACTINST(START_TIME_, END_TIME_); create index ACT_IDX_HI_ACT_INST_END on ACT_HI_ACTINST(END_TIME_); create index ACT_IDX_HI_ACT_INST_PROCINST on ACT_HI_ACTINST(PROC_INST_ID_, ACT_ID_); create index ACT_IDX_HI_ACT_INST_COMP on ACT_HI_ACTINST(EXECUTION_ID_, ACT_ID_, END_TIME_, ID_); @@ -1126,12 +1187,17 @@ create index ACT_IDX_HI_VAR_INST_TENANT_ID on ACT_HI_VARINST(TENANT_ID_); create index ACT_IDX_HI_VAR_INST_PROC_DEF_KEY on ACT_HI_VARINST(PROC_DEF_KEY_); create index ACT_IDX_HI_VARINST_BYTEAR on ACT_HI_VARINST(BYTEARRAY_ID_); create index ACT_IDX_HI_VARINST_RM_TIME on ACT_HI_VARINST(REMOVAL_TIME_); +create index ACT_IDX_HI_VAR_PI_NAME_TYPE on ACT_HI_VARINST(PROC_INST_ID_, NAME_, VAR_TYPE_); +create index ACT_IDX_HI_VARINST_NAME on ACT_HI_VARINST(NAME_); +create index ACT_IDX_HI_VARINST_ACT_INST_ID on ACT_HI_VARINST(ACT_INST_ID_); create index ACT_IDX_HI_INCIDENT_TENANT_ID on ACT_HI_INCIDENT(TENANT_ID_); create index ACT_IDX_HI_INCIDENT_PROC_DEF_KEY on ACT_HI_INCIDENT(PROC_DEF_KEY_); create index ACT_IDX_HI_INCIDENT_ROOT_PI on ACT_HI_INCIDENT(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_INCIDENT_PROCINST on ACT_HI_INCIDENT(PROC_INST_ID_); create index ACT_IDX_HI_INCIDENT_RM_TIME on ACT_HI_INCIDENT(REMOVAL_TIME_); +create index ACT_IDX_HI_INCIDENT_CREATE_TIME on ACT_HI_INCIDENT(CREATE_TIME_); +create index ACT_IDX_HI_INCIDENT_END_TIME on ACT_HI_INCIDENT(END_TIME_); create index ACT_IDX_HI_JOB_LOG_ROOT_PI on ACT_HI_JOB_LOG(ROOT_PROC_INST_ID_); create index ACT_IDX_HI_JOB_LOG_PROCINST on ACT_HI_JOB_LOG(PROCESS_INSTANCE_ID_); diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_identity_7.12.0.sql b/dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_identity_7.19.0.sql similarity index 100% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_identity_7.12.0.sql rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/camunda/postgres_identity_7.19.0.sql diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.1.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.1.0.xml deleted file mode 100644 index a8a78757b..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.1.0.xml +++ /dev/null @@ -1,97 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.1.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.12.0.sql" /> - - <sql dbms="postgresql"> - GRANT ALL ON TABLE ACT_GE_SCHEMA_LOG TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_SCHEMA_LOG TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_GE_PROPERTY TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_PROPERTY TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_GE_BYTEARRAY TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_BYTEARRAY TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RE_DEPLOYMENT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DEPLOYMENT TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_EXECUTION TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EXECUTION TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_JOB TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_JOB TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_JOBDEF TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_JOBDEF TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RE_PROCDEF TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_PROCDEF TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_TASK TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_TASK TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_IDENTITYLINK TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_IDENTITYLINK TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_VARIABLE TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_VARIABLE TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_EVENT_SUBSCR TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EVENT_SUBSCR TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_INCIDENT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_INCIDENT TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_AUTHORIZATION TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_AUTHORIZATION TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_FILTER TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_FILTER TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_METER_LOG TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_METER_LOG TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_EXT_TASK TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EXT_TASK TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_BATCH TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_BATCH TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RE_CASE_DEF TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_CASE_DEF TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_CASE_EXECUTION TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_CASE_EXECUTION TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RU_CASE_SENTRY_PART TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_CASE_SENTRY_PART TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RE_DECISION_DEF TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DECISION_DEF TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_RE_DECISION_REQ_DEF TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DECISION_REQ_DEF TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_PROCINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_PROCINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_ACTINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_ACTINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_TASKINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_TASKINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_VARINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_VARINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_DETAIL TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DETAIL TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_IDENTITYLINK TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_IDENTITYLINK TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_COMMENT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_COMMENT TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_ATTACHMENT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_ATTACHMENT TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_OP_LOG TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_OP_LOG TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_INCIDENT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_INCIDENT TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_JOB_LOG TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_JOB_LOG TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_BATCH TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_BATCH TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_EXT_TASK_LOG TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_EXT_TASK_LOG TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_CASEINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_CASEINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_CASEACTINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_CASEACTINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_DECINST TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DECINST TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_DEC_IN TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DEC_IN TO ${db.camunda_users_group}; - GRANT ALL ON TABLE ACT_HI_DEC_OUT TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DEC_OUT TO ${db.camunda_users_group}; - </sql> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.2.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.2.0.xml deleted file mode 100644 index ebbdd131f..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.2.0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.2.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.12_to_7.13.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.3.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.3.0.xml deleted file mode 100644 index b98eddf1c..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.3.0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.3.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.13_to_7.14.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.0.xml deleted file mode 100644 index 744de8c03..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.5.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.14_to_7.15.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.3.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.3.xml deleted file mode 100644 index f2e222579..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.5.3.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.5.3"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.15_to_7.16.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.6.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.6.0.xml deleted file mode 100644 index 08f0072cd..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.6.0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.6.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.16_to_7.17.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.8.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.8.0.xml deleted file mode 100644 index 0c728645e..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-0.8.0.xml +++ /dev/null @@ -1,12 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="camunda.org" id="db.camunda_engine.changelog-0.8.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.17_to_7.18.sql" /> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.0.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.0.0.xml index 0fcaf6949..6e38c7c62 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.0.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_engine.changelog-1.0.0.xml @@ -6,7 +6,92 @@ http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> <changeSet author="camunda.org" id="db.camunda_engine.changelog-1.0.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.18_to_7.19.sql" /> + <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_engine_7.19.0.sql" /> + + <sql dbms="postgresql"> + GRANT ALL ON TABLE ACT_GE_SCHEMA_LOG TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_SCHEMA_LOG TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_GE_PROPERTY TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_PROPERTY TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_GE_BYTEARRAY TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_GE_BYTEARRAY TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RE_DEPLOYMENT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DEPLOYMENT TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_EXECUTION TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EXECUTION TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_JOB TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_JOB TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_JOBDEF TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_JOBDEF TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RE_PROCDEF TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_PROCDEF TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_TASK TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_TASK TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_IDENTITYLINK TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_IDENTITYLINK TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_VARIABLE TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_VARIABLE TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_EVENT_SUBSCR TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EVENT_SUBSCR TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_INCIDENT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_INCIDENT TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_AUTHORIZATION TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_AUTHORIZATION TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_FILTER TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_FILTER TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_METER_LOG TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_METER_LOG TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_EXT_TASK TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_EXT_TASK TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_BATCH TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_BATCH TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RE_CASE_DEF TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_CASE_DEF TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_CASE_EXECUTION TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_CASE_EXECUTION TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RU_CASE_SENTRY_PART TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RU_CASE_SENTRY_PART TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RE_DECISION_DEF TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DECISION_DEF TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_RE_DECISION_REQ_DEF TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_RE_DECISION_REQ_DEF TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_PROCINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_PROCINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_ACTINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_ACTINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_TASKINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_TASKINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_VARINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_VARINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_DETAIL TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DETAIL TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_IDENTITYLINK TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_IDENTITYLINK TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_COMMENT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_COMMENT TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_ATTACHMENT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_ATTACHMENT TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_OP_LOG TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_OP_LOG TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_INCIDENT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_INCIDENT TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_JOB_LOG TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_JOB_LOG TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_BATCH TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_BATCH TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_EXT_TASK_LOG TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_EXT_TASK_LOG TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_CASEINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_CASEINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_CASEACTINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_CASEACTINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_DECINST TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DECINST TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_DEC_IN TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DEC_IN TO ${db.camunda_users_group}; + GRANT ALL ON TABLE ACT_HI_DEC_OUT TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE ACT_HI_DEC_OUT TO ${db.camunda_users_group}; + </sql> </changeSet> </databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-0.1.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-1.0.0.xml similarity index 97% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-0.1.0.xml rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-1.0.0.xml index 047744615..0757f226a 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-0.1.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.camunda_identity.changelog-1.0.0.xml @@ -5,8 +5,8 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <changeSet author="camunda.org" id="db.camunda_identity.changelog-0.1.0"> - <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_identity_7.12.0.sql" /> + <changeSet author="camunda.org" id="db.camunda_identity.changelog-1.0.0"> + <sqlFile dbms="postgresql" encoding="utf8" path="db/camunda/postgres_identity_7.19.0.sql" /> <sql dbms="postgresql"> GRANT ALL ON TABLE ACT_ID_GROUP TO ${db.liquibase_user}; diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml index 2f3dbbbd8..20875b04b 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.changelog.xml @@ -4,29 +4,13 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <include file="db/db.create-db-users.changelog-0.1.0.xml" /> + <include file="db/db.create-db-users.changelog-1.0.0.xml" /> - <include file="db/db.camunda_engine.changelog-0.1.0.xml" /> - <include file="db/db.camunda_identity.changelog-0.1.0.xml" /> - - <include file="db/db.camunda_engine.changelog-0.2.0.xml" /> - - <include file="db/db.camunda_engine.changelog-0.3.0.xml" /> - - <include file="db/db.process_plugin_resources.changelog-0.4.0.xml" /> - <include file="db/db.process_plugin_resources.changelog-0.4.0.1.xml" /> - <include file="db/db.process_states.changelog-0.4.0.xml" /> - - <include file="db/db.camunda_engine.changelog-0.5.0.xml" /> - <include file="db/db.camunda_engine.changelog-0.5.3.xml" /> - - <include file="db/db.camunda_engine.changelog-0.6.0.xml" /> - - <include file="db/db.last_event.changelog-0.8.0.xml" /> - - <include file="db/db.camunda_engine.changelog-0.8.0.xml" /> - <include file="db/db.camunda_engine.changelog-1.0.0.xml" /> + <include file="db/db.camunda_identity.changelog-1.0.0.xml" /> + <include file="db/db.process_plugin_resources.changelog-1.0.0.xml" /> - + <include file="db/db.process_states.changelog-1.0.0.xml" /> + + <include file="db/db.last_event.changelog-1.0.0.xml" /> </databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml similarity index 95% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml index d6dd3ef3b..f77af3433 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml @@ -4,7 +4,7 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <changeSet author="hhund" id="db.create-db-users.changelog-0.1.0" dbms="postgresql"> + <changeSet author="hhund" id="db.create-db-users.changelog-1.0.0" dbms="postgresql"> <preConditions onFail="MARK_RAN"> <and> <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_user}'</sqlCheck> diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-0.8.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-1.0.0.xml similarity index 93% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-0.8.0.xml rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-1.0.0.xml index 4147992f0..23d272109 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-0.8.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.last_event.changelog-1.0.0.xml @@ -5,7 +5,7 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <changeSet author="hhund" id="db.last_event.changelog-0.8.0"> + <changeSet author="hhund" id="db.last_event.changelog-1.0.0"> <createTable tableName="last_events"> <column name="type" type="TEXT"> <constraints nullable="false"/> diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.1.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.1.xml deleted file mode 100644 index 13a8d75f4..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.1.xml +++ /dev/null @@ -1,14 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="hhund" id="db.process_plugin_resources.changelog-0.4.0.1"> - <sql dbms="postgresql"> - GRANT DELETE ON TABLE process_plugin_resources TO ${db.server_users_group}; - </sql> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.xml deleted file mode 100644 index fbf6771d1..000000000 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-0.4.0.xml +++ /dev/null @@ -1,34 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <changeSet author="hhund" id="db.process_plugin_resources.changelog-0.4.0"> - <createTable tableName="process_plugin_resources"> - <column name="process_key_and_version" type="TEXT"> - <constraints nullable="false"/> - </column> - <column name="resource_type" type="TEXT"> - <constraints nullable="false"/> - </column> - <column name="resource_id" type="UUID"/> - <column name="url" type="TEXT"/> - <column name="version" type="TEXT"/> - <column name="name" type="TEXT"/> - </createTable> - - <sql dbms="postgresql"> - ALTER TABLE process_plugin_resources ADD CONSTRAINT url_check CHECK ((resource_type = 'NamingSystem' and url IS NULL) OR (resource_type <> 'NamingSystem' AND url IS NOT NULL)); - ALTER TABLE process_plugin_resources ADD CONSTRAINT version_check CHECK ((resource_type = 'NamingSystem' and version IS NULL) OR (resource_type <> 'NamingSystem' AND version IS NOT NULL)); - ALTER TABLE process_plugin_resources ADD CONSTRAINT name_check CHECK ((resource_type = 'NamingSystem' and name IS NOT NULL) OR (resource_type <> 'NamingSystem' AND name IS NULL)); - CREATE UNIQUE INDEX process_plugin_resources_unique_not_naming_system ON process_plugin_resources (process_key_and_version, resource_type, url, version) WHERE resource_type <> 'NamingSystem'; - CREATE UNIQUE INDEX process_plugin_resources_unique_naming_system ON process_plugin_resources (process_key_and_version, resource_type, name) WHERE resource_type = 'NamingSystem'; - ALTER TABLE process_plugin_resources OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE process_plugin_resources TO ${db.liquibase_user}; - GRANT SELECT, INSERT, UPDATE ON TABLE process_plugin_resources TO ${db.server_users_group}; - </sql> - </changeSet> - -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-1.0.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-1.0.0.xml index 414323bcd..9bbf67178 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-1.0.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_plugin_resources.changelog-1.0.0.xml @@ -6,18 +6,34 @@ http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> <changeSet author="hhund" id="db.process_plugin_resources.changelog-1.0.0"> - <addColumn tableName="process_plugin_resources"> + <createTable tableName="process_plugin_resources"> + <column name="process_key_and_version" type="TEXT"> + <constraints nullable="false"/> + </column> + <column name="resource_type" type="TEXT"> + <constraints nullable="false"/> + </column> + <column name="resource_id" type="UUID"/> <column name="identifier" type="TEXT" /> - </addColumn> + <column name="url" type="TEXT"/> + <column name="version" type="TEXT"/> + <column name="name" type="TEXT"/> + </createTable> <sql dbms="postgresql"> - ALTER TABLE process_plugin_resources DROP CONSTRAINT url_check; + ALTER TABLE process_plugin_resources ADD CONSTRAINT identifier_check CHECK ((resource_type = 'Task' and identifier IS NOT NULL) OR (resource_type <> 'Task' AND identifier IS NULL)); ALTER TABLE process_plugin_resources ADD CONSTRAINT url_check CHECK ((resource_type IN ('NamingSystem', 'Task') AND url IS NULL) OR (resource_type NOT IN ('NamingSystem', 'Task') AND url IS NOT NULL)); - ALTER TABLE process_plugin_resources DROP CONSTRAINT version_check; ALTER TABLE process_plugin_resources ADD CONSTRAINT version_check CHECK ((resource_type IN ('NamingSystem', 'Task') and version IS NULL) OR (resource_type NOT IN ('NamingSystem', 'Task') AND version IS NOT NULL)); - ALTER TABLE process_plugin_resources ADD CONSTRAINT identifier_check CHECK ((resource_type = 'Task' and identifier IS NOT NULL) OR (resource_type <> 'Task' AND identifier IS NULL)); - ALTER INDEX process_plugin_resources_unique_not_naming_system RENAME TO process_plugin_resources_unique_metadata_resource; + ALTER TABLE process_plugin_resources ADD CONSTRAINT name_check CHECK ((resource_type = 'NamingSystem' and name IS NOT NULL) OR (resource_type <> 'NamingSystem' AND name IS NULL)); + + CREATE UNIQUE INDEX process_plugin_resources_unique_metadata_resource ON process_plugin_resources (process_key_and_version, resource_type, url, version) WHERE resource_type <> 'NamingSystem'; + CREATE UNIQUE INDEX process_plugin_resources_unique_naming_system ON process_plugin_resources (process_key_and_version, resource_type, name) WHERE resource_type = 'NamingSystem'; CREATE UNIQUE INDEX process_plugin_resources_unique_task ON process_plugin_resources (process_key_and_version, resource_type, identifier) WHERE resource_type = 'Task'; + + ALTER TABLE process_plugin_resources OWNER TO ${db.liquibase_user}; + GRANT ALL ON TABLE process_plugin_resources TO ${db.liquibase_user}; + GRANT SELECT, INSERT, UPDATE, DELETE ON TABLE process_plugin_resources TO ${db.server_users_group}; </sql> </changeSet> + </databaseChangeLog> \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-0.4.0.xml b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-1.0.0.xml similarity index 93% rename from dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-0.4.0.xml rename to dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-1.0.0.xml index e2ec861be..52eb4d243 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-0.4.0.xml +++ b/dsf-bpe/dsf-bpe-server/src/main/resources/db/db.process_states.changelog-1.0.0.xml @@ -5,7 +5,7 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <changeSet author="hhund" id="db.process_states.changelog-0.4.0"> + <changeSet author="hhund" id="db.process_states.changelog-1.0.0"> <createTable tableName="process_states"> <column name="process_key_and_version" type="TEXT"> <constraints nullable="false"/> From 08e61784ff1d63779af27944497ba5162a1c4d0f Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Wed, 7 Jun 2023 17:13:57 +0200 Subject: [PATCH 05/43] simplify fhir db migrations --- ...b.activity_definitions.changelog-0.2.0.xml | 48 --- ....activity_definitions.changelog-1.0.0.xml} | 15 +- .../db/db.binaries.changelog-0.2.0.xml | 48 --- ....0.xml => db.binaries.changelog-1.0.0.xml} | 15 +- .../db/db.bundles.changelog-0.2.0.xml | 48 --- ...1.0.xml => db.bundles.changelog-1.0.0.xml} | 15 +- .../src/main/resources/db/db.changelog.xml | 96 ++--- .../db/db.code_systems.changelog-0.2.0.xml | 48 --- ...ml => db.code_systems.changelog-1.0.0.xml} | 15 +- .../db/db.create-db-users.changelog-0.5.0.xml | 20 - ...=> db.create-db-users.changelog-1.0.0.xml} | 9 +- ...b.document_references.changelog-1.0.0.xml} | 2 +- .../db/db.endpoints.changelog-0.2.0.xml | 48 --- ...0.xml => db.endpoints.changelog-1.0.0.xml} | 15 +- .../db/db.groups.changelog-0.2.0.xml | 48 --- ....1.0.xml => db.groups.changelog-1.0.0.xml} | 15 +- ...db.healthcare_services.changelog-0.2.0.xml | 48 --- ...b.healthcare_services.changelog-1.0.0.xml} | 15 +- .../db/db.history.changelog-0.2.0.xml | 288 --------------- .../db/db.history.changelog-0.5.0.xml | 344 ------------------ ...9.0.xml => db.history.changelog-1.0.0.xml} | 202 +++++----- ...0.xml => db.libraries.changelog-1.0.0.xml} | 3 +- .../db/db.locations.changelog-0.2.0.xml | 48 --- ...0.xml => db.locations.changelog-1.0.0.xml} | 15 +- ...=> db.measure_reports.changelog-1.0.0.xml} | 3 +- ....0.xml => db.measures.changelog-1.0.0.xml} | 3 +- .../db/db.naming_systems.changelog-0.2.0.xml | 48 --- ... => db.naming_systems.changelog-1.0.0.xml} | 15 +- ...nization_affiliations.changelog-1.0.0.xml} | 3 +- .../db/db.organizations.changelog-0.2.0.xml | 48 --- ...l => db.organizations.changelog-1.0.0.xml} | 15 +- .../db/db.patients.changelog-0.2.0.xml | 48 --- ....0.xml => db.patients.changelog-1.0.0.xml} | 15 +- .../db.permanent-delete.changelog-0.5.0.xml | 35 -- .../db.practitioner_roles.changelog-0.2.0.xml | 48 --- ...db.practitioner_roles.changelog-1.0.0.xml} | 15 +- .../db/db.practitioners.changelog-0.2.0.xml | 48 --- ...l => db.practitioners.changelog-1.0.0.xml} | 15 +- .../db/db.provenances.changelog-0.2.0.xml | 48 --- ...xml => db.provenances.changelog-1.0.0.xml} | 15 +- ...uestionnaire_responses.changelog-0.9.0.xml | 17 - ...estionnaire_responses.changelog-1.0.0.xml} | 2 +- ... => db.questionnaires.changelog-1.0.0.xml} | 2 +- .../db/db.read_access.changelog-0.6.0.xml | 86 ----- .../db/db.read_access.changelog-0.8.0.xml | 99 ----- ...xml => db.read_access.changelog-1.0.0.xml} | 214 ++++++----- .../db.research_studies.changelog-0.2.0.xml | 48 --- ...> db.research_studies.changelog-1.0.0.xml} | 15 +- ...e_definition_snapshots.changelog-0.2.0.xml | 56 --- ..._definition_snapshots.changelog-1.0.0.xml} | 15 +- ....structure_definitions.changelog-0.2.0.xml | 48 --- ...structure_definitions.changelog-1.0.0.xml} | 15 +- .../db/db.subscriptions.changelog-0.2.0.xml | 48 --- ...l => db.subscriptions.changelog-1.0.0.xml} | 15 +- .../resources/db/db.tasks.changelog-0.2.0.xml | 48 --- ...0.1.0.xml => db.tasks.changelog-1.0.0.xml} | 15 +- .../db/db.value_sets.changelog-0.2.0.xml | 48 --- ....xml => db.value_sets.changelog-1.0.0.xml} | 15 +- .../on_questionnaire_responses_insert.sql | 6 - .../on_questionnaire_responses_update.sql | 6 - 60 files changed, 449 insertions(+), 2259 deletions(-) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.activity_definitions.changelog-0.1.0.xml => db.activity_definitions.changelog-1.0.0.xml} (81%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.binaries.changelog-0.1.0.xml => db.binaries.changelog-1.0.0.xml} (81%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.bundles.changelog-0.1.0.xml => db.bundles.changelog-1.0.0.xml} (80%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.code_systems.changelog-0.1.0.xml => db.code_systems.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.5.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.create-db-users.changelog-0.1.0.xml => db.create-db-users.changelog-1.0.0.xml} (58%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.document_references.changelog-0.6.0.xml => db.document_references.changelog-1.0.0.xml} (99%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.endpoints.changelog-0.1.0.xml => db.endpoints.changelog-1.0.0.xml} (80%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.groups.changelog-0.1.0.xml => db.groups.changelog-1.0.0.xml} (80%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.healthcare_services.changelog-0.1.0.xml => db.healthcare_services.changelog-1.0.0.xml} (81%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.2.0.xml delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.5.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.history.changelog-0.9.0.xml => db.history.changelog-1.0.0.xml} (96%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.libraries.changelog-0.5.0.xml => db.libraries.changelog-1.0.0.xml} (92%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.locations.changelog-0.1.0.xml => db.locations.changelog-1.0.0.xml} (79%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.measure_reports.changelog-0.5.0.xml => db.measure_reports.changelog-1.0.0.xml} (93%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.measures.changelog-0.5.0.xml => db.measures.changelog-1.0.0.xml} (92%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.naming_systems.changelog-0.1.0.xml => db.naming_systems.changelog-1.0.0.xml} (79%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.organization_affiliations.changelog-0.5.0.xml => db.organization_affiliations.changelog-1.0.0.xml} (95%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.organizations.changelog-0.1.0.xml => db.organizations.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.patients.changelog-0.1.0.xml => db.patients.changelog-1.0.0.xml} (80%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.permanent-delete.changelog-0.5.0.xml delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.practitioner_roles.changelog-0.1.0.xml => db.practitioner_roles.changelog-1.0.0.xml} (78%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.practitioners.changelog-0.1.0.xml => db.practitioners.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.provenances.changelog-0.1.0.xml => db.provenances.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.9.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.questionnaire_responses.changelog-0.8.0.xml => db.questionnaire_responses.changelog-1.0.0.xml} (99%) rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.questionnaires.changelog-0.8.0.xml => db.questionnaires.changelog-1.0.0.xml} (97%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.6.0.xml delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.8.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.read_access.changelog-0.5.0.xml => db.read_access.changelog-1.0.0.xml} (67%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.research_studies.changelog-0.1.0.xml => db.research_studies.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.structure_definition_snapshots.changelog-0.1.0.xml => db.structure_definition_snapshots.changelog-1.0.0.xml} (81%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.structure_definitions.changelog-0.1.0.xml => db.structure_definitions.changelog-1.0.0.xml} (81%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.subscriptions.changelog-0.1.0.xml => db.subscriptions.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.tasks.changelog-0.1.0.xml => db.tasks.changelog-1.0.0.xml} (80%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.2.0.xml rename dsf-fhir/dsf-fhir-server/src/main/resources/db/{db.value_sets.changelog-0.1.0.xml => db.value_sets.changelog-1.0.0.xml} (79%) delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_insert.sql delete mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_update.sql diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.2.0.xml deleted file mode 100644 index da7d888eb..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.activity_definitions.changelog-0.2.0"> - <dropView viewName="current_activity_definitions"/> - - <renameColumn tableName="activity_definitions" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="activity_definitions"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE activity_definitions SET deleted = current_ad.deleted_new - FROM ( - SELECT activity_definition_id, deleted_old, ((activity_definition->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (activity_definition_id) activity_definition_id, version, deleted_old, activity_definition - FROM activity_definitions ORDER BY activity_definition_id, version DESC - ) AS current_ad - WHERE deleted_old - ) AS current_ad - WHERE activity_definitions.activity_definition_id = current_ad.activity_definition_id - </sql> - - <dropColumn tableName="activity_definitions" columnName="deleted_old"/> - - <createView viewName="current_activity_definitions" replaceIfExists="true"> - SELECT activity_definition_id, version, activity_definition - FROM ( - SELECT DISTINCT ON (activity_definition_id) activity_definition_id, version, deleted, activity_definition - FROM activity_definitions ORDER BY activity_definition_id, version DESC - ) AS current_ad - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_activity_definitions OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_activity_definitions TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_activity_definitions TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-1.0.0.xml similarity index 81% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-1.0.0.xml index 46c6a92f1..01c413c5c 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.activity_definitions.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.activity_definitions.changelog-0.1.0"> + <changeSet author="hhund" id="db.activity_definitions.changelog-1.0.0"> <createTable tableName="activity_definitions"> <column name="activity_definition_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="activity_definition" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE activity_definitions OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE activity_definitions TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE activity_definitions TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE activity_definitions TO ${db.server_permanent_delete_users_group}; CREATE INDEX activity_definition_id_index ON activity_definitions USING btree (activity_definition_id); CREATE INDEX activity_definition_index ON activity_definitions USING gin (activity_definition); CREATE INDEX activity_definition_id_version_index ON activity_definitions USING btree (activity_definition_id, version); </sql> <createView viewName="current_activity_definitions" replaceIfExists="true"> - SELECT DISTINCT ON (activity_definition_id) activity_definition_id, version, activity_definition - FROM activity_definitions WHERE NOT deleted ORDER BY activity_definition_id, version DESC + SELECT activity_definition_id, version, activity_definition + FROM ( + SELECT DISTINCT ON (activity_definition_id) activity_definition_id, version, deleted, activity_definition + FROM activity_definitions ORDER BY activity_definition_id, version DESC + ) AS current_ad + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.2.0.xml deleted file mode 100644 index 74ed2ec58..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.binaries.changelog-0.2.0"> - <dropView viewName="current_binaries"/> - - <renameColumn tableName="binaries" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="binaries"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE binaries SET deleted = current_b.deleted_new - FROM ( - SELECT binary_id, deleted_old, ((binary_json->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (binary_id) binary_id, version, deleted_old, binary_json - FROM binaries ORDER BY binary_id, version DESC - ) AS current_b - WHERE deleted_old - ) AS current_b - WHERE binaries.binary_id = current_b.binary_id - </sql> - - <dropColumn tableName="binaries" columnName="deleted_old"/> - - <createView viewName="current_binaries" replaceIfExists="true"> - SELECT binary_id, version, binary_json, binary_data - FROM ( - SELECT DISTINCT ON (binary_id) binary_id, version, deleted, binary_json, binary_data - FROM binaries ORDER BY binary_id, version DESC - ) AS current_b - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_binaries OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_binaries TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_binaries TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-1.0.0.xml similarity index 81% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-1.0.0.xml index bd546609e..91d71feba 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.binaries.changelog-1.0.0.xml @@ -8,7 +8,7 @@ <property name="binary_type" value="BYTEA" dbms="postgresql" /> <property name="binary_type" value="binary" dbms="h2" /> - <changeSet author="retwet" id="db.binaries.changelog-0.1.0"> + <changeSet author="retwet" id="db.binaries.changelog-1.0.0"> <createTable tableName="binaries"> <column name="binary_id" type="UUID"> <constraints nullable="false" /> @@ -16,9 +16,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <!-- caveat: json column cannot be named binary, because binary is a reserved word in sql --> <column name="binary_json" type="${json}"> <constraints nullable="false" /> @@ -32,14 +30,19 @@ ALTER TABLE binaries OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE binaries TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE binaries TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE binaries TO ${db.server_permanent_delete_users_group}; CREATE INDEX binary_id_index ON binaries USING btree (binary_id); CREATE INDEX binary_json_index ON binaries USING gin (binary_json); CREATE INDEX binary_id_version_index ON binaries USING btree (binary_id, version); </sql> <createView viewName="current_binaries" replaceIfExists="true"> - SELECT DISTINCT ON (binary_id) binary_id, version, binary_json, binary_data - FROM binaries WHERE NOT deleted ORDER BY binary_id, version DESC + SELECT binary_id, version, binary_json, binary_data + FROM ( + SELECT DISTINCT ON (binary_id) binary_id, version, deleted, binary_json, binary_data + FROM binaries ORDER BY binary_id, version DESC + ) AS current_b + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.2.0.xml deleted file mode 100644 index 4eea83dd0..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.bundles.changelog-0.2.0"> - <dropView viewName="current_bundles"/> - - <renameColumn tableName="bundles" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="bundles"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE bundles SET deleted = current_b.deleted_new - FROM ( - SELECT bundle_id, deleted_old, ((bundle->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (bundle_id) bundle_id, version, deleted_old, bundle - FROM bundles ORDER BY bundle_id, version DESC - ) AS current_b - WHERE deleted_old - ) AS current_b - WHERE bundles.bundle_id = current_b.bundle_id - </sql> - - <dropColumn tableName="bundles" columnName="deleted_old"/> - - <createView viewName="current_bundles" replaceIfExists="true"> - SELECT bundle_id, version, bundle - FROM ( - SELECT DISTINCT ON (bundle_id) bundle_id, version, deleted, bundle - FROM bundles ORDER BY bundle_id, version DESC - ) AS current_b - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_bundles OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_bundles TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_bundles TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-1.0.0.xml similarity index 80% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-1.0.0.xml index e1ceadf5e..dfa4dd94f 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.bundles.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.bundles.changelog-0.1.0"> + <changeSet author="hhund" id="db.bundles.changelog-1.0.0"> <createTable tableName="bundles"> <column name="bundle_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="bundle" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE bundles OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE bundles TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE bundles TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE bundles TO ${db.server_permanent_delete_users_group}; CREATE INDEX bundle_id_index ON bundles USING btree (bundle_id); CREATE INDEX bundle_index ON bundles USING gin (bundle); CREATE INDEX bundle_id_version_index ON bundles USING btree (bundle_id, version); </sql> <createView viewName="current_bundles" replaceIfExists="true"> - SELECT DISTINCT ON (bundle_id) bundle_id, version, bundle - FROM bundles WHERE NOT deleted ORDER BY bundle_id, version DESC + SELECT bundle_id, version, bundle + FROM ( + SELECT DISTINCT ON (bundle_id) bundle_id, version, deleted, bundle + FROM bundles ORDER BY bundle_id, version DESC + ) AS current_b + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.changelog.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.changelog.xml index 344e6e0bf..710f1fbaa 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.changelog.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.changelog.xml @@ -3,69 +3,37 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <include file="db/db.create-db-users.changelog-0.1.0.xml" /> + <include file="db/db.create-db-users.changelog-1.0.0.xml" /> + + <include file="db/db.activity_definitions.changelog-1.0.0.xml" /> + <include file="db/db.binaries.changelog-1.0.0.xml" /> + <include file="db/db.bundles.changelog-1.0.0.xml" /> + <include file="db/db.code_systems.changelog-1.0.0.xml" /> + <include file="db/db.document_references.changelog-1.0.0.xml" /> + <include file="db/db.endpoints.changelog-1.0.0.xml"/> + <include file="db/db.groups.changelog-1.0.0.xml" /> + <include file="db/db.healthcare_services.changelog-1.0.0.xml" /> + <include file="db/db.libraries.changelog-1.0.0.xml" /> + <include file="db/db.locations.changelog-1.0.0.xml" /> + <include file="db/db.measure_reports.changelog-1.0.0.xml" /> + <include file="db/db.measures.changelog-1.0.0.xml" /> + <include file="db/db.naming_systems.changelog-1.0.0.xml" /> + <include file="db/db.organization_affiliations.changelog-1.0.0.xml" /> + <include file="db/db.organizations.changelog-1.0.0.xml" /> + <include file="db/db.patients.changelog-1.0.0.xml" /> + <include file="db/db.practitioner_roles.changelog-1.0.0.xml" /> + <include file="db/db.practitioners.changelog-1.0.0.xml" /> + <include file="db/db.provenances.changelog-1.0.0.xml" /> + <include file="db/db.questionnaire_responses.changelog-1.0.0.xml" /> + <include file="db/db.questionnaires.changelog-1.0.0.xml" /> + <include file="db/db.research_studies.changelog-1.0.0.xml" /> + <include file="db/db.structure_definition_snapshots.changelog-1.0.0.xml" /> + <include file="db/db.structure_definitions.changelog-1.0.0.xml" /> + <include file="db/db.subscriptions.changelog-1.0.0.xml" /> + <include file="db/db.tasks.changelog-1.0.0.xml" /> + <include file="db/db.value_sets.changelog-1.0.0.xml" /> + + <include file="db/db.history.changelog-1.0.0.xml" /> + <include file="db/db.read_access.changelog-1.0.0.xml" /> - <include file="db/db.activity_definitions.changelog-0.1.0.xml" /> - <include file="db/db.binaries.changelog-0.1.0.xml" /> - <include file="db/db.bundles.changelog-0.1.0.xml" /> - <include file="db/db.code_systems.changelog-0.1.0.xml" /> - <include file="db/db.endpoints.changelog-0.1.0.xml" /> - <include file="db/db.groups.changelog-0.1.0.xml" /> - <include file="db/db.healthcare_services.changelog-0.1.0.xml" /> - <include file="db/db.locations.changelog-0.1.0.xml" /> - <include file="db/db.naming_systems.changelog-0.1.0.xml" /> - <include file="db/db.organizations.changelog-0.1.0.xml" /> - <include file="db/db.patients.changelog-0.1.0.xml" /> - <include file="db/db.practitioner_roles.changelog-0.1.0.xml" /> - <include file="db/db.practitioners.changelog-0.1.0.xml" /> - <include file="db/db.provenances.changelog-0.1.0.xml" /> - <include file="db/db.research_studies.changelog-0.1.0.xml" /> - <include file="db/db.structure_definitions.changelog-0.1.0.xml" /> - <include file="db/db.structure_definition_snapshots.changelog-0.1.0.xml" /> - <include file="db/db.subscriptions.changelog-0.1.0.xml" /> - <include file="db/db.tasks.changelog-0.1.0.xml" /> - <include file="db/db.value_sets.changelog-0.1.0.xml" /> - - <include file="db/db.activity_definitions.changelog-0.2.0.xml" /> - <include file="db/db.binaries.changelog-0.2.0.xml" /> - <include file="db/db.bundles.changelog-0.2.0.xml" /> - <include file="db/db.code_systems.changelog-0.2.0.xml" /> - <include file="db/db.endpoints.changelog-0.2.0.xml" /> - <include file="db/db.groups.changelog-0.2.0.xml" /> - <include file="db/db.healthcare_services.changelog-0.2.0.xml" /> - <include file="db/db.locations.changelog-0.2.0.xml" /> - <include file="db/db.naming_systems.changelog-0.2.0.xml" /> - <include file="db/db.organizations.changelog-0.2.0.xml" /> - <include file="db/db.patients.changelog-0.2.0.xml" /> - <include file="db/db.practitioner_roles.changelog-0.2.0.xml" /> - <include file="db/db.practitioners.changelog-0.2.0.xml" /> - <include file="db/db.provenances.changelog-0.2.0.xml" /> - <include file="db/db.research_studies.changelog-0.2.0.xml" /> - <include file="db/db.structure_definitions.changelog-0.2.0.xml" /> - <include file="db/db.structure_definition_snapshots.changelog-0.2.0.xml" /> - <include file="db/db.subscriptions.changelog-0.2.0.xml" /> - <include file="db/db.tasks.changelog-0.2.0.xml" /> - <include file="db/db.value_sets.changelog-0.2.0.xml" /> - - <include file="db/db.history.changelog-0.2.0.xml" /> - - <include file="db/db.libraries.changelog-0.5.0.xml" /> - <include file="db/db.measure_reports.changelog-0.5.0.xml" /> - <include file="db/db.measures.changelog-0.5.0.xml" /> - <include file="db/db.organization_affiliations.changelog-0.5.0.xml" /> - - <include file="db/db.create-db-users.changelog-0.5.0.xml" /> - <include file="db/db.permanent-delete.changelog-0.5.0.xml" /> - <include file="db/db.history.changelog-0.5.0.xml" /> - <include file="db/db.read_access.changelog-0.5.0.xml" /> - - <include file="db/db.document_references.changelog-0.6.0.xml" /> - <include file="db/db.read_access.changelog-0.6.0.xml" /> - - <include file="db/db.questionnaires.changelog-0.8.0.xml" /> - <include file="db/db.questionnaire_responses.changelog-0.8.0.xml" /> - <include file="db/db.read_access.changelog-0.8.0.xml" /> - - <include file="db/db.history.changelog-0.9.0.xml" /> - <include file="db/db.questionnaire_responses.changelog-0.9.0.xml" /> </databaseChangeLog> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.2.0.xml deleted file mode 100644 index 21a2a0a5c..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.code_systems.changelog-0.2.0"> - <dropView viewName="current_code_systems"/> - - <renameColumn tableName="code_systems" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="code_systems"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE code_systems SET deleted = current_cs.deleted_new - FROM ( - SELECT code_system_id, deleted_old, ((code_system->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (code_system_id) code_system_id, version, deleted_old, code_system - FROM code_systems ORDER BY code_system_id, version DESC - ) AS current_cs - WHERE deleted_old - ) AS current_cs - WHERE code_systems.code_system_id = current_cs.code_system_id - </sql> - - <dropColumn tableName="code_systems" columnName="deleted_old"/> - - <createView viewName="current_code_systems" replaceIfExists="true"> - SELECT code_system_id, version, code_system - FROM ( - SELECT DISTINCT ON (code_system_id) code_system_id, version, deleted, code_system - FROM code_systems ORDER BY code_system_id, version DESC - ) AS current_cs - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_code_systems OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_code_systems TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_code_systems TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-1.0.0.xml index bce45b1ef..f93e1156a 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.code_systems.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.code_systems.changelog-0.1.0"> + <changeSet author="hhund" id="db.code_systems.changelog-1.0.0"> <createTable tableName="code_systems"> <column name="code_system_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="code_system" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE code_systems OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE code_systems TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE code_systems TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE code_systems TO ${db.server_permanent_delete_users_group}; CREATE INDEX code_system_id_index ON code_systems USING btree (code_system_id); CREATE INDEX code_system_index ON code_systems USING gin (code_system); CREATE INDEX code_system_id_version_index ON code_systems USING btree (code_system_id, version); </sql> <createView viewName="current_code_systems" replaceIfExists="true"> - SELECT DISTINCT ON (code_system_id) code_system_id, version, code_system - FROM code_systems WHERE NOT deleted ORDER BY code_system_id, version DESC + SELECT code_system_id, version, code_system + FROM ( + SELECT DISTINCT ON (code_system_id) code_system_id, version, deleted, code_system + FROM code_systems ORDER BY code_system_id, version DESC + ) AS current_cs + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.5.0.xml deleted file mode 100644 index 83ca5b6c1..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.5.0.xml +++ /dev/null @@ -1,20 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> - - <changeSet author="nlangh" id="db.create-db-users.changelog-0.5.0" dbms="postgresql"> - <preConditions onFail="MARK_RAN"> - <and> - <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_permanent_delete_user}'</sqlCheck> - <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_permanent_delete_users_group}'</sqlCheck> - </and> - </preConditions> - <sql> - CREATE ROLE ${db.server_permanent_delete_users_group} NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; - CREATE ROLE ${db.server_permanent_delete_user} LOGIN PASSWORD '${db.server_permanent_delete_user_password}' NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; - GRANT ${db.server_permanent_delete_users_group} TO ${db.server_permanent_delete_user}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml similarity index 58% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml index bc299694a..05b641104 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.create-db-users.changelog-1.0.0.xml @@ -4,17 +4,24 @@ xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - <changeSet author="hhund" id="db.create-db-users.changelog-0.1.0" dbms="postgresql"> + <changeSet author="hhund" id="db.create-db-users.changelog-1.0.0" dbms="postgresql"> <preConditions onFail="MARK_RAN"> <and> <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_user}'</sqlCheck> <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_users_group}'</sqlCheck> + + <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_permanent_delete_user}'</sqlCheck> + <sqlCheck expectedResult="0">SELECT COUNT(*) FROM pg_roles WHERE rolname='${db.server_permanent_delete_users_group}'</sqlCheck> </and> </preConditions> <sql> CREATE ROLE ${db.server_users_group} NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; CREATE ROLE ${db.server_user} LOGIN PASSWORD '${db.server_user_password}' NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; GRANT ${db.server_users_group} TO ${db.server_user}; + + CREATE ROLE ${db.server_permanent_delete_users_group} NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; + CREATE ROLE ${db.server_permanent_delete_user} LOGIN PASSWORD '${db.server_permanent_delete_user_password}' NOSUPERUSER INHERIT NOCREATEDB NOCREATEROLE NOREPLICATION; + GRANT ${db.server_permanent_delete_users_group} TO ${db.server_permanent_delete_user}; </sql> </changeSet> </databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-0.6.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-1.0.0.xml similarity index 99% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-0.6.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-1.0.0.xml index 2e4735aa5..fe07b0c67 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-0.6.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.document_references.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.document_references.changelog-0.6.0"> + <changeSet author="hhund" id="db.document_references.changelog-1.0.0"> <createTable tableName="document_references"> <column name="document_reference_id" type="UUID"> <constraints nullable="false" /> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.2.0.xml deleted file mode 100644 index 88050d919..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.endpoints.changelog-0.2.0"> - <dropView viewName="current_endpoints"/> - - <renameColumn tableName="endpoints" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="endpoints"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE endpoints SET deleted = current_e.deleted_new - FROM ( - SELECT endpoint_id, deleted_old, ((endpoint->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (endpoint_id) endpoint_id, version, deleted_old, endpoint - FROM endpoints ORDER BY endpoint_id, version DESC - ) AS current_e - WHERE deleted_old - ) AS current_e - WHERE endpoints.endpoint_id = current_e.endpoint_id - </sql> - - <dropColumn tableName="endpoints" columnName="deleted_old"/> - - <createView viewName="current_endpoints" replaceIfExists="true"> - SELECT endpoint_id, version, endpoint - FROM ( - SELECT DISTINCT ON (endpoint_id) endpoint_id, version, deleted, endpoint - FROM endpoints ORDER BY endpoint_id, version DESC - ) AS current_e - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_endpoints OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_endpoints TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_endpoints TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-1.0.0.xml similarity index 80% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-1.0.0.xml index 9bcc168f6..ce02521b0 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.endpoints.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.endpoint.changelog-0.1.0"> + <changeSet author="hhund" id="db.endpoint.changelog-1.0.0"> <createTable tableName="endpoints"> <column name="endpoint_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="endpoint" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE endpoints OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE endpoints TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE endpoints TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE endpoints TO ${db.server_permanent_delete_users_group}; CREATE INDEX endpoint_id_index ON endpoints USING btree (endpoint_id); CREATE INDEX endpoint_index ON endpoints USING gin (endpoint); CREATE INDEX endpoint_id_version_index ON endpoints USING btree (endpoint_id, version); </sql> <createView viewName="current_endpoints" replaceIfExists="true"> - SELECT DISTINCT ON (endpoint_id) endpoint_id, version, endpoint - FROM endpoints WHERE NOT deleted ORDER BY endpoint_id, version DESC + SELECT endpoint_id, version, endpoint + FROM ( + SELECT DISTINCT ON (endpoint_id) endpoint_id, version, deleted, endpoint + FROM endpoints ORDER BY endpoint_id, version DESC + ) AS current_e + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.2.0.xml deleted file mode 100644 index 9660d39ae..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.groups.changelog-0.2.0"> - <dropView viewName="current_groups"/> - - <renameColumn tableName="groups" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="groups"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE groups SET deleted = current_g.deleted_new - FROM ( - SELECT group_id, deleted_old, ((group_json->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (group_id) group_id, version, deleted_old, group_json - FROM groups ORDER BY group_id, version DESC - ) AS current_g - WHERE deleted_old - ) AS current_g - WHERE groups.group_id = current_g.group_id - </sql> - - <dropColumn tableName="groups" columnName="deleted_old"/> - - <createView viewName="current_groups" replaceIfExists="true"> - SELECT group_id, version, group_json - FROM ( - SELECT DISTINCT ON (group_id) group_id, version, deleted, group_json - FROM groups ORDER BY group_id, version DESC - ) AS current_g - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_groups OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_groups TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_groups TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-1.0.0.xml similarity index 80% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-1.0.0.xml index f0d30a0d0..0e3cf0882 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.groups.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="retwet" id="db.groups.changelog-0.1.0"> + <changeSet author="retwet" id="db.groups.changelog-1.0.0"> <createTable tableName="groups"> <column name="group_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <!-- caveat: json column cannot be named group, because group is a reserved word in sql --> <column name="group_json" type="${json}"> <constraints nullable="false" /> @@ -29,14 +27,19 @@ ALTER TABLE groups OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE groups TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE groups TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE groups TO ${db.server_permanent_delete_users_group}; CREATE INDEX group_id_index ON groups USING btree (group_id); CREATE INDEX group_index ON groups USING gin (group_json); CREATE INDEX group_id_version_index ON groups USING btree (group_id, version); </sql> <createView viewName="current_groups" replaceIfExists="true"> - SELECT DISTINCT ON (group_id) group_id, version, group_json - FROM groups WHERE NOT deleted ORDER BY group_id, version DESC + SELECT group_id, version, group_json + FROM ( + SELECT DISTINCT ON (group_id) group_id, version, deleted, group_json + FROM groups ORDER BY group_id, version DESC + ) AS current_g + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.2.0.xml deleted file mode 100644 index 66a231da0..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.healthcare_services.changelog-0.2.0"> - <dropView viewName="current_healthcare_services"/> - - <renameColumn tableName="healthcare_services" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="healthcare_services"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE healthcare_services SET deleted = current_hs.deleted_new - FROM ( - SELECT healthcare_service_id, deleted_old, ((healthcare_service->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (healthcare_service_id) healthcare_service_id, version, deleted_old, healthcare_service - FROM healthcare_services ORDER BY healthcare_service_id, version DESC - ) AS current_hs - WHERE deleted_old - ) AS current_hs - WHERE healthcare_services.healthcare_service_id = current_hs.healthcare_service_id - </sql> - - <dropColumn tableName="healthcare_services" columnName="deleted_old"/> - - <createView viewName="current_healthcare_services" replaceIfExists="true"> - SELECT healthcare_service_id, version, healthcare_service - FROM ( - SELECT DISTINCT ON (healthcare_service_id) healthcare_service_id, version, deleted, healthcare_service - FROM healthcare_services ORDER BY healthcare_service_id, version DESC - ) AS current_hs - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_healthcare_services OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_healthcare_services TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_healthcare_services TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-1.0.0.xml similarity index 81% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-1.0.0.xml index 0a620e874..5db8a4a60 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.healthcare_services.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.healthcare_services.changelog-0.1.0"> + <changeSet author="hhund" id="db.healthcare_services.changelog-1.0.0"> <createTable tableName="healthcare_services"> <column name="healthcare_service_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="healthcare_service" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE healthcare_services OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE healthcare_services TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE healthcare_services TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE healthcare_services TO ${db.server_permanent_delete_users_group}; CREATE INDEX healthcare_service_id_index ON healthcare_services USING btree (healthcare_service_id); CREATE INDEX healthcare_service_index ON healthcare_services USING gin (healthcare_service); CREATE INDEX healthcare_service_id_version_index ON healthcare_services USING btree (healthcare_service_id, version); </sql> <createView viewName="current_healthcare_services" replaceIfExists="true"> - SELECT DISTINCT ON (healthcare_service_id) healthcare_service_id, version, healthcare_service - FROM healthcare_services WHERE NOT deleted ORDER BY healthcare_service_id, version DESC + SELECT healthcare_service_id, version, healthcare_service + FROM ( + SELECT DISTINCT ON (healthcare_service_id) healthcare_service_id, version, deleted, healthcare_service + FROM healthcare_services ORDER BY healthcare_service_id, version DESC + ) AS current_hs + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.2.0.xml deleted file mode 100644 index f827a7bac..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.2.0.xml +++ /dev/null @@ -1,288 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.history.changelog-0.2.0"> - <createView viewName="history" replaceIfExists="true"> - SELECT id, version, type, method, last_updated, resource - FROM ( - - SELECT activity_definition_id AS id, version, 'ActivityDefinition' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (activity_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - activity_definition AS resource - FROM activity_definitions - - UNION - - SELECT activity_definition_id AS id, version + 1, 'ActivityDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM activity_definitions - WHERE deleted IS NOT NULL - - UNION - - SELECT binary_id AS id, version, 'Binary' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (binary_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - binary_json AS resource - FROM binaries - - UNION - - SELECT binary_id AS id, version + 1, 'Binary' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM binaries - WHERE deleted IS NOT NULL - - UNION - - SELECT bundle_id AS id, version, 'Bundle' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (bundle->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - bundle AS resource - FROM bundles - - UNION - - SELECT bundle_id AS id, version + 1, 'Bundle' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM bundles - WHERE deleted IS NOT NULL - - UNION - - SELECT code_system_id AS id, version, 'CodeSystem' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (code_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - code_system AS resource - FROM code_systems - - UNION - - SELECT code_system_id AS id, version + 1, 'CodeSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM code_systems - WHERE deleted IS NOT NULL - - UNION - - SELECT endpoint_id AS id, version, 'Endpoint' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (endpoint->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - endpoint AS resource - FROM endpoints - - UNION - - SELECT endpoint_id AS id, version + 1, 'Endpoint' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM endpoints - WHERE deleted IS NOT NULL - - UNION - - SELECT group_id AS id, version, 'Group' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (group_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - group_json AS resource - FROM groups - - UNION - - SELECT group_id AS id, version + 1, 'Group' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM groups - WHERE deleted IS NOT NULL - - UNION - - SELECT healthcare_service_id AS id, version, 'HealthcareService' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (healthcare_service->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - healthcare_service AS resource - FROM healthcare_services - - UNION - - SELECT healthcare_service_id AS id, version + 1, 'HealthcareService' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM healthcare_services - WHERE deleted IS NOT NULL - - UNION - - SELECT location_id AS id, version, 'Location' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (location->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - location AS resource - FROM locations - - UNION - - SELECT location_id AS id, version + 1, 'Location' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM locations - WHERE deleted IS NOT NULL - - UNION - - SELECT naming_system_id AS id, version, 'NamingSystem' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (naming_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - naming_system AS resource - FROM naming_systems - - UNION - - SELECT naming_system_id AS id, version + 1, 'NamingSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM naming_systems - WHERE deleted IS NOT NULL - - UNION - - SELECT organization_id AS id, version, 'Organization' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (organization->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - organization AS resource - FROM organizations - - UNION - - SELECT organization_id AS id, version + 1, 'Organization' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM organizations - WHERE deleted IS NOT NULL - - UNION - - SELECT patient_id AS id, version, 'Patient' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (patient->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - patient AS resource - FROM patients - - UNION - - SELECT patient_id AS id, version + 1, 'Patient' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM patients - WHERE deleted IS NOT NULL - - UNION - - SELECT practitioner_role_id AS id, version, 'PractitionerRole' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (practitioner_role->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - practitioner_role AS resource - FROM practitioner_roles - - UNION - - SELECT practitioner_role_id AS id, version + 1, 'PractitionerRole' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM practitioner_roles - WHERE deleted IS NOT NULL - - UNION - - SELECT practitioner_id AS id, version, 'Practitioner' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (practitioner->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - practitioner AS resource - FROM practitioners - - UNION - - SELECT practitioner_id AS id, version + 1, 'Practitioner' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM practitioners - WHERE deleted IS NOT NULL - - UNION - - SELECT provenance_id AS id, version, 'Provenance' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (provenance->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - provenance AS resource - FROM provenances - - UNION - - SELECT provenance_id AS id, version + 1, 'Provenance' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM provenances - WHERE deleted IS NOT NULL - - UNION - - SELECT research_study_id AS id, version, 'ResearchStudy' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (research_study->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - research_study AS resource - FROM research_studies - - UNION - - SELECT research_study_id AS id, version + 1, 'ResearchStudy' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM research_studies - WHERE deleted IS NOT NULL - - UNION - - SELECT structure_definition_id AS id, version, 'StructureDefinition' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (structure_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - structure_definition AS resource - FROM structure_definitions - - UNION - - SELECT structure_definition_id AS id, version + 1, 'StructureDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM structure_definitions - WHERE deleted IS NOT NULL - - UNION - - SELECT subscription_id AS id, version, 'Subscription' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (subscription->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - subscription AS resource - FROM subscriptions - - UNION - - SELECT subscription_id AS id, version + 1, 'Subscription' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM subscriptions - WHERE deleted IS NOT NULL - - UNION - - SELECT task_id AS id, version, 'Task' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (task->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - task AS resource - FROM tasks - - UNION - - SELECT task_id AS id, version + 1, 'Task' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM tasks - WHERE deleted IS NOT NULL - - UNION - - SELECT value_set_id AS id, version, 'ValueSet' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (value_set->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - value_set AS resource - FROM value_sets - - UNION - - SELECT value_set_id AS id, version + 1, 'ValueSet' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM value_sets - WHERE deleted IS NOT NULL - - ) AS history - ORDER BY last_updated, id, version - </createView> - - <sql dbms="postgresql"> - ALTER TABLE history OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE history TO ${db.liquibase_user}; - GRANT SELECT ON TABLE history TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.5.0.xml deleted file mode 100644 index a5219de00..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.5.0.xml +++ /dev/null @@ -1,344 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.history.changelog-0.5.0"> - <createView viewName="history" replaceIfExists="true"> - SELECT id, version, type, method, last_updated, resource - FROM ( - - SELECT activity_definition_id AS id, version, 'ActivityDefinition' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (activity_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - activity_definition AS resource - FROM activity_definitions - - UNION - - SELECT activity_definition_id AS id, version + 1, 'ActivityDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM activity_definitions - WHERE deleted IS NOT NULL - - UNION - - SELECT binary_id AS id, version, 'Binary' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (binary_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - binary_json AS resource - FROM binaries - - UNION - - SELECT binary_id AS id, version + 1, 'Binary' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM binaries - WHERE deleted IS NOT NULL - - UNION - - SELECT bundle_id AS id, version, 'Bundle' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (bundle->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - bundle AS resource - FROM bundles - - UNION - - SELECT bundle_id AS id, version + 1, 'Bundle' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM bundles - WHERE deleted IS NOT NULL - - UNION - - SELECT code_system_id AS id, version, 'CodeSystem' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (code_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - code_system AS resource - FROM code_systems - - UNION - - SELECT code_system_id AS id, version + 1, 'CodeSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM code_systems - WHERE deleted IS NOT NULL - - UNION - - SELECT endpoint_id AS id, version, 'Endpoint' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (endpoint->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - endpoint AS resource - FROM endpoints - - UNION - - SELECT endpoint_id AS id, version + 1, 'Endpoint' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM endpoints - WHERE deleted IS NOT NULL - - UNION - - SELECT group_id AS id, version, 'Group' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (group_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - group_json AS resource - FROM groups - - UNION - - SELECT group_id AS id, version + 1, 'Group' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM groups - WHERE deleted IS NOT NULL - - UNION - - SELECT healthcare_service_id AS id, version, 'HealthcareService' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (healthcare_service->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - healthcare_service AS resource - FROM healthcare_services - - UNION - - SELECT healthcare_service_id AS id, version + 1, 'HealthcareService' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM healthcare_services - WHERE deleted IS NOT NULL - - UNION - - SELECT library_id AS id, version, 'Library' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (library->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - library AS resource - FROM libraries - - UNION - - SELECT library_id AS id, version + 1, 'Library' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM libraries - WHERE deleted IS NOT NULL - - UNION - - SELECT location_id AS id, version, 'Location' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (location->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - location AS resource - FROM locations - - UNION - - SELECT location_id AS id, version + 1, 'Location' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM locations - WHERE deleted IS NOT NULL - - UNION - - SELECT measure_id AS id, version, 'Measure' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (measure->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - measure AS resource - FROM measures - - UNION - - SELECT measure_id AS id, version + 1, 'Measure' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM measures - WHERE deleted IS NOT NULL - - UNION - - SELECT measure_report_id AS id, version, 'MeasureReport' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (measure_report->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - measure_report AS resource - FROM measure_reports - - UNION - - SELECT measure_report_id AS id, version + 1, 'MeasureReport' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM measure_reports - WHERE deleted IS NOT NULL - - UNION - - SELECT naming_system_id AS id, version, 'NamingSystem' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (naming_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - naming_system AS resource - FROM naming_systems - - UNION - - SELECT naming_system_id AS id, version + 1, 'NamingSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM naming_systems - WHERE deleted IS NOT NULL - - UNION - - SELECT organization_id AS id, version, 'Organization' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (organization->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - organization AS resource - FROM organizations - - UNION - - SELECT organization_id AS id, version + 1, 'Organization' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM organizations - WHERE deleted IS NOT NULL - - UNION - - SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (organization_affiliation->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - organization_affiliation AS resource - FROM organization_affiliations - - UNION - - SELECT organization_affiliation_id AS id, version + 1, 'OrganizationAffiliation' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM organization_affiliations - WHERE deleted IS NOT NULL - - UNION - - SELECT patient_id AS id, version, 'Patient' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (patient->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - patient AS resource - FROM patients - - UNION - - SELECT patient_id AS id, version + 1, 'Patient' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM patients - WHERE deleted IS NOT NULL - - UNION - - SELECT practitioner_role_id AS id, version, 'PractitionerRole' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (practitioner_role->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - practitioner_role AS resource - FROM practitioner_roles - - UNION - - SELECT practitioner_role_id AS id, version + 1, 'PractitionerRole' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM practitioner_roles - WHERE deleted IS NOT NULL - - UNION - - SELECT practitioner_id AS id, version, 'Practitioner' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (practitioner->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - practitioner AS resource - FROM practitioners - - UNION - - SELECT practitioner_id AS id, version + 1, 'Practitioner' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM practitioners - WHERE deleted IS NOT NULL - - UNION - - SELECT provenance_id AS id, version, 'Provenance' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (provenance->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - provenance AS resource - FROM provenances - - UNION - - SELECT provenance_id AS id, version + 1, 'Provenance' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM provenances - WHERE deleted IS NOT NULL - - UNION - - SELECT research_study_id AS id, version, 'ResearchStudy' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (research_study->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - research_study AS resource - FROM research_studies - - UNION - - SELECT research_study_id AS id, version + 1, 'ResearchStudy' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM research_studies - WHERE deleted IS NOT NULL - - UNION - - SELECT structure_definition_id AS id, version, 'StructureDefinition' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (structure_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - structure_definition AS resource - FROM structure_definitions - - UNION - - SELECT structure_definition_id AS id, version + 1, 'StructureDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM structure_definitions - WHERE deleted IS NOT NULL - - UNION - - SELECT subscription_id AS id, version, 'Subscription' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (subscription->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - subscription AS resource - FROM subscriptions - - UNION - - SELECT subscription_id AS id, version + 1, 'Subscription' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM subscriptions - WHERE deleted IS NOT NULL - - UNION - - SELECT task_id AS id, version, 'Task' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (task->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - task AS resource - FROM tasks - - UNION - - SELECT task_id AS id, version + 1, 'Task' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM tasks - WHERE deleted IS NOT NULL - - UNION - - SELECT value_set_id AS id, version, 'ValueSet' AS type, - CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, - (value_set->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, - value_set AS resource - FROM value_sets - - UNION - - SELECT value_set_id AS id, version + 1, 'ValueSet' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource - FROM value_sets - WHERE deleted IS NOT NULL - - ) AS history - ORDER BY last_updated, id, version - </createView> - - <sql dbms="postgresql"> - ALTER TABLE history OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE history TO ${db.liquibase_user}; - GRANT SELECT ON TABLE history TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.9.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-1.0.0.xml similarity index 96% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.9.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-1.0.0.xml index 77038a510..515dcc7e8 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-0.9.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.history.changelog-1.0.0.xml @@ -1,364 +1,362 @@ <?xml version="1.0" encoding="UTF-8"?> <databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> + http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.history.changelog-0.9.0"> + <changeSet author="hhund" id="db.history.changelog-1.0.0"> <createView viewName="history" replaceIfExists="true"> SELECT id, version, type, method, last_updated, resource FROM ( - SELECT activity_definition_id AS id, version, 'ActivityDefinition' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (activity_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, activity_definition AS resource FROM activity_definitions - + UNION - + SELECT activity_definition_id AS id, version + 1, 'ActivityDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM activity_definitions WHERE deleted IS NOT NULL - + UNION - + SELECT binary_id AS id, version, 'Binary' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (binary_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, binary_json AS resource FROM binaries - + UNION - + SELECT binary_id AS id, version + 1, 'Binary' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM binaries WHERE deleted IS NOT NULL - + UNION - + SELECT bundle_id AS id, version, 'Bundle' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (bundle->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, bundle AS resource FROM bundles - + UNION - + SELECT bundle_id AS id, version + 1, 'Bundle' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM bundles WHERE deleted IS NOT NULL - + UNION - + SELECT code_system_id AS id, version, 'CodeSystem' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (code_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, code_system AS resource FROM code_systems - + UNION - + SELECT code_system_id AS id, version + 1, 'CodeSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM code_systems WHERE deleted IS NOT NULL - + UNION - + SELECT endpoint_id AS id, version, 'Endpoint' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (endpoint->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, endpoint AS resource FROM endpoints - + UNION - + SELECT endpoint_id AS id, version + 1, 'Endpoint' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM endpoints WHERE deleted IS NOT NULL - + UNION - + SELECT group_id AS id, version, 'Group' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (group_json->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, group_json AS resource FROM groups - + UNION - + SELECT group_id AS id, version + 1, 'Group' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM groups WHERE deleted IS NOT NULL - + UNION - + SELECT healthcare_service_id AS id, version, 'HealthcareService' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (healthcare_service->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, healthcare_service AS resource FROM healthcare_services - + UNION - + SELECT healthcare_service_id AS id, version + 1, 'HealthcareService' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM healthcare_services WHERE deleted IS NOT NULL - + UNION - + SELECT library_id AS id, version, 'Library' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (library->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, library AS resource FROM libraries - + UNION - + SELECT library_id AS id, version + 1, 'Library' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM libraries WHERE deleted IS NOT NULL - + UNION - + SELECT location_id AS id, version, 'Location' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (location->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, location AS resource FROM locations - + UNION - + SELECT location_id AS id, version + 1, 'Location' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM locations WHERE deleted IS NOT NULL - + UNION - + SELECT measure_id AS id, version, 'Measure' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (measure->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, measure AS resource FROM measures - + UNION - + SELECT measure_id AS id, version + 1, 'Measure' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM measures WHERE deleted IS NOT NULL - + UNION - + SELECT measure_report_id AS id, version, 'MeasureReport' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (measure_report->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, measure_report AS resource FROM measure_reports - + UNION - + SELECT measure_report_id AS id, version + 1, 'MeasureReport' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM measure_reports WHERE deleted IS NOT NULL - + UNION - + SELECT naming_system_id AS id, version, 'NamingSystem' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (naming_system->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, naming_system AS resource FROM naming_systems - + UNION - + SELECT naming_system_id AS id, version + 1, 'NamingSystem' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM naming_systems WHERE deleted IS NOT NULL - + UNION - + SELECT organization_id AS id, version, 'Organization' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (organization->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, organization AS resource FROM organizations - + UNION - + SELECT organization_id AS id, version + 1, 'Organization' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM organizations WHERE deleted IS NOT NULL - + UNION - + SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (organization_affiliation->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, organization_affiliation AS resource FROM organization_affiliations - + UNION - + SELECT organization_affiliation_id AS id, version + 1, 'OrganizationAffiliation' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM organization_affiliations WHERE deleted IS NOT NULL - + UNION - + SELECT questionnaire_id AS id, version, 'Questionnaire' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (questionnaire->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, questionnaire AS resource FROM questionnaires - + UNION - + SELECT questionnaire_id AS id, version + 1, 'Questionnaire' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM questionnaires WHERE deleted IS NOT NULL - + UNION - + SELECT questionnaire_response_id AS id, version, 'QuestionnaireResponse' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (questionnaire_response->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, questionnaire_response AS resource FROM questionnaire_responses - + UNION - + SELECT questionnaire_response_id AS id, version + 1, 'QuestionnaireResponse' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM questionnaire_responses WHERE deleted IS NOT NULL - + UNION - + SELECT patient_id AS id, version, 'Patient' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (patient->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, patient AS resource FROM patients - + UNION - + SELECT patient_id AS id, version + 1, 'Patient' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM patients WHERE deleted IS NOT NULL - + UNION - + SELECT practitioner_role_id AS id, version, 'PractitionerRole' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (practitioner_role->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, practitioner_role AS resource FROM practitioner_roles - + UNION - + SELECT practitioner_role_id AS id, version + 1, 'PractitionerRole' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM practitioner_roles WHERE deleted IS NOT NULL - + UNION - + SELECT practitioner_id AS id, version, 'Practitioner' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (practitioner->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, practitioner AS resource FROM practitioners - + UNION - + SELECT practitioner_id AS id, version + 1, 'Practitioner' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM practitioners WHERE deleted IS NOT NULL - + UNION - + SELECT provenance_id AS id, version, 'Provenance' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (provenance->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, provenance AS resource FROM provenances - + UNION - + SELECT provenance_id AS id, version + 1, 'Provenance' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM provenances WHERE deleted IS NOT NULL - + UNION - + SELECT research_study_id AS id, version, 'ResearchStudy' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (research_study->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, research_study AS resource FROM research_studies - + UNION - + SELECT research_study_id AS id, version + 1, 'ResearchStudy' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM research_studies WHERE deleted IS NOT NULL - + UNION - + SELECT structure_definition_id AS id, version, 'StructureDefinition' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (structure_definition->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, structure_definition AS resource FROM structure_definitions - + UNION - + SELECT structure_definition_id AS id, version + 1, 'StructureDefinition' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM structure_definitions WHERE deleted IS NOT NULL - + UNION - + SELECT subscription_id AS id, version, 'Subscription' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (subscription->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, subscription AS resource FROM subscriptions - + UNION - + SELECT subscription_id AS id, version + 1, 'Subscription' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM subscriptions WHERE deleted IS NOT NULL - + UNION - + SELECT task_id AS id, version, 'Task' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (task->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, task AS resource FROM tasks - + UNION - + SELECT task_id AS id, version + 1, 'Task' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM tasks WHERE deleted IS NOT NULL - + UNION - + SELECT value_set_id AS id, version, 'ValueSet' AS type, CASE WHEN version = 1 THEN 'POST' ELSE 'PUT' END AS method, (value_set->'meta'->>'lastUpdated')::TIMESTAMP AS last_updated, value_set AS resource FROM value_sets - + UNION - + SELECT value_set_id AS id, version + 1, 'ValueSet' AS type, 'DELETE' AS method, deleted AS last_updated, NULL AS resource FROM value_sets WHERE deleted IS NOT NULL - ) AS history ORDER BY last_updated, id, version </createView> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-1.0.0.xml similarity index 92% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-1.0.0.xml index b7bf2173c..7bc209743 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.libraries.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="akiel" id="db.libraries.changelog-0.5.0"> + <changeSet author="akiel" id="db.libraries.changelog-1.0.0"> <createTable tableName="libraries"> <column name="library_id" type="UUID"> <constraints nullable="false" /> @@ -26,6 +26,7 @@ ALTER TABLE libraries OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE libraries TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE libraries TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE libraries TO ${db.server_permanent_delete_users_group}; CREATE INDEX library_id_index ON libraries USING btree (library_id); CREATE INDEX library_index ON libraries USING gin (library); CREATE INDEX library_id_version_index ON libraries USING btree (library_id, version); diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.2.0.xml deleted file mode 100644 index 5bbc582ea..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.locations.changelog-0.2.0"> - <dropView viewName="current_locations"/> - - <renameColumn tableName="locations" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="locations"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE locations SET deleted = current_l.deleted_new - FROM ( - SELECT location_id, deleted_old, ((location->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (location_id) location_id, version, deleted_old, location - FROM locations ORDER BY location_id, version DESC - ) AS current_l - WHERE deleted_old - ) AS current_l - WHERE locations.location_id = current_l.location_id - </sql> - - <dropColumn tableName="locations" columnName="deleted_old"/> - - <createView viewName="current_locations" replaceIfExists="true"> - SELECT location_id, version, location - FROM ( - SELECT DISTINCT ON (location_id) location_id, version, deleted, location - FROM locations ORDER BY location_id, version DESC - ) AS current_l - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_locations OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_locations TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_locations TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-1.0.0.xml index c7e05075d..3173575c9 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.locations.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.locations.changelog-0.1.0"> + <changeSet author="hhund" id="db.locations.changelog-1.0.0"> <createTable tableName="locations"> <column name="location_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="location" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE locations OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE locations TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE locations TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE locations TO ${db.server_permanent_delete_users_group}; CREATE INDEX location_id_index ON locations USING btree (location_id); CREATE INDEX location_index ON locations USING gin (location); CREATE INDEX location_id_version_index ON locations USING btree (location_id, version); </sql> <createView viewName="current_locations" replaceIfExists="true"> - SELECT DISTINCT ON (location_id) location_id, version, location - FROM locations WHERE NOT deleted ORDER BY location_id, version DESC + SELECT location_id, version, location + FROM ( + SELECT DISTINCT ON (location_id) location_id, version, deleted, location + FROM locations ORDER BY location_id, version DESC + ) AS current_l + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-1.0.0.xml similarity index 93% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-1.0.0.xml index 32f455a21..53f410828 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measure_reports.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="akiel" id="db.measure_reports.changelog-0.5.0"> + <changeSet author="akiel" id="db.measure_reports.changelog-1.0.0"> <createTable tableName="measure_reports"> <column name="measure_report_id" type="UUID"> <constraints nullable="false" /> @@ -26,6 +26,7 @@ ALTER TABLE measure_reports OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE measure_reports TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE measure_reports TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE measure_reports TO ${db.server_permanent_delete_users_group}; CREATE INDEX measure_report_id_index ON measure_reports USING btree (measure_report_id); CREATE INDEX measure_report_index ON measure_reports USING gin (measure_report); CREATE INDEX measure_report_id_version_index ON measure_reports USING btree (measure_report_id, version); diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-1.0.0.xml similarity index 92% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-1.0.0.xml index 962613284..fbda183e5 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.measures.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="akiel" id="db.measures.changelog-0.5.0"> + <changeSet author="akiel" id="db.measures.changelog-1.0.0"> <createTable tableName="measures"> <column name="measure_id" type="UUID"> <constraints nullable="false" /> @@ -26,6 +26,7 @@ ALTER TABLE measures OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE measures TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE measures TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE measures TO ${db.server_permanent_delete_users_group}; CREATE INDEX measure_id_index ON measures USING btree (measure_id); CREATE INDEX measure_index ON measures USING gin (measure); CREATE INDEX measure_id_version_index ON measures USING btree (measure_id, version); diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.2.0.xml deleted file mode 100644 index 101d7ac8d..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.naming_systems.changelog-0.2.0"> - <dropView viewName="current_naming_systems"/> - - <renameColumn tableName="naming_systems" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="naming_systems"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE naming_systems SET deleted = current_ns.deleted_new - FROM ( - SELECT naming_system_id, deleted_old, ((naming_system->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (naming_system_id) naming_system_id, version, deleted_old, naming_system - FROM naming_systems ORDER BY naming_system_id, version DESC - ) AS current_ns - WHERE deleted_old - ) AS current_ns - WHERE naming_systems.naming_system_id = current_ns.naming_system_id - </sql> - - <dropColumn tableName="naming_systems" columnName="deleted_old"/> - - <createView viewName="current_naming_systems" replaceIfExists="true"> - SELECT naming_system_id, version, naming_system - FROM ( - SELECT DISTINCT ON (naming_system_id) naming_system_id, version, deleted, naming_system - FROM naming_systems ORDER BY naming_system_id, version DESC - ) AS current_ns - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_naming_systems OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_naming_systems TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_naming_systems TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-1.0.0.xml index 19f0abef5..1aa971d8c 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.naming_systems.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.naming_systems.changelog-0.1.0"> + <changeSet author="hhund" id="db.naming_systems.changelog-1.0.0"> <createTable tableName="naming_systems"> <column name="naming_system_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="naming_system" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE naming_systems OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE naming_systems TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE naming_systems TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE naming_systems TO ${db.server_permanent_delete_users_group}; CREATE INDEX naming_system_id_index ON naming_systems USING btree (naming_system_id); CREATE INDEX naming_system_index ON naming_systems USING gin (naming_system); CREATE INDEX naming_system_id_version_index ON naming_systems USING btree (naming_system_id, version); </sql> <createView viewName="current_naming_systems" replaceIfExists="true"> - SELECT DISTINCT ON (naming_system_id) naming_system_id, version, naming_system - FROM naming_systems WHERE NOT deleted ORDER BY naming_system_id, version DESC + SELECT naming_system_id, version, naming_system + FROM ( + SELECT DISTINCT ON (naming_system_id) naming_system_id, version, deleted, naming_system + FROM naming_systems ORDER BY naming_system_id, version DESC + ) AS current_ns + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-1.0.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-1.0.0.xml index cb32631ea..f396bb34e 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organization_affiliations.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.organization_affiliations.changelog-0.5.0"> + <changeSet author="hhund" id="db.organization_affiliations.changelog-1.0.0"> <createTable tableName="organization_affiliations"> <column name="organization_affiliation_id" type="UUID"> <constraints nullable="false" /> @@ -26,6 +26,7 @@ ALTER TABLE organization_affiliations OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE organization_affiliations TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE organization_affiliations TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE organization_affiliations TO ${db.server_permanent_delete_users_group}; CREATE INDEX organization_affiliation_id_index ON organization_affiliations USING btree (organization_affiliation_id); CREATE INDEX organization_affiliation_index ON organization_affiliations USING gin (organization_affiliation); CREATE INDEX organization_affiliation_id_version_index ON organization_affiliations USING btree (organization_affiliation_id, version); diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.2.0.xml deleted file mode 100644 index b3c8b5dc8..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.organizations.changelog-0.2.0"> - <dropView viewName="current_organizations"/> - - <renameColumn tableName="organizations" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="organizations"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE organizations SET deleted = current_o.deleted_new - FROM ( - SELECT organization_id, deleted_old, ((organization->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (organization_id) organization_id, version, deleted_old, organization - FROM organizations ORDER BY organization_id, version DESC - ) AS current_o - WHERE deleted_old - ) AS current_o - WHERE organizations.organization_id = current_o.organization_id - </sql> - - <dropColumn tableName="organizations" columnName="deleted_old"/> - - <createView viewName="current_organizations" replaceIfExists="true"> - SELECT organization_id, version, organization - FROM ( - SELECT DISTINCT ON (organization_id) organization_id, version, deleted, organization - FROM organizations ORDER BY organization_id, version DESC - ) AS current_o - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_organizations OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_organizations TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_organizations TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-1.0.0.xml index 13220b45e..c54a37282 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.organizations.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.organizations.changelog-0.1.0"> + <changeSet author="hhund" id="db.organizations.changelog-1.0.0"> <createTable tableName="organizations"> <column name="organization_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="organization" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE organizations OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE organizations TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE organizations TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE organizations TO ${db.server_permanent_delete_users_group}; CREATE INDEX organization_id_index ON organizations USING btree (organization_id); CREATE INDEX organization_index ON organizations USING gin (organization); CREATE INDEX organization_id_version_index ON organizations USING btree (organization_id, version) </sql> <createView viewName="current_organizations" replaceIfExists="true"> - SELECT DISTINCT ON (organization_id) organization_id, version, organization - FROM organizations WHERE NOT deleted ORDER BY organization_id, version DESC + SELECT organization_id, version, organization + FROM ( + SELECT DISTINCT ON (organization_id) organization_id, version, deleted, organization + FROM organizations ORDER BY organization_id, version DESC + ) AS current_o + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.2.0.xml deleted file mode 100644 index e934c7826..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.patients.changelog-0.2.0"> - <dropView viewName="current_patients"/> - - <renameColumn tableName="patients" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="patients"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE patients SET deleted = current_p.deleted_new - FROM ( - SELECT patient_id, deleted_old, ((patient->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (patient_id) patient_id, version, deleted_old, patient - FROM patients ORDER BY patient_id, version DESC - ) AS current_p - WHERE deleted_old - ) AS current_p - WHERE patients.patient_id = current_p.patient_id - </sql> - - <dropColumn tableName="patients" columnName="deleted_old"/> - - <createView viewName="current_patients" replaceIfExists="true"> - SELECT patient_id, version, patient - FROM ( - SELECT DISTINCT ON (patient_id) patient_id, version, deleted, patient - FROM patients ORDER BY patient_id, version DESC - ) AS current_p - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_patients OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_patients TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_patients TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-1.0.0.xml similarity index 80% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-1.0.0.xml index 4fbeac9b8..4c28e8555 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.patients.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.patients.changelog-0.1.0"> + <changeSet author="hhund" id="db.patients.changelog-1.0.0"> <createTable tableName="patients"> <column name="patient_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="patient" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE patients OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE patients TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE patients TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE patients TO ${db.server_permanent_delete_users_group}; CREATE INDEX patient_id_index ON patients USING btree (patient_id); CREATE INDEX patient_index ON patients USING gin (patient); CREATE INDEX patient_id_version_index ON patients USING btree (patient_id, version); </sql> <createView viewName="current_patients" replaceIfExists="true"> - SELECT DISTINCT ON (patient_id) patient_id, version, patient - FROM patients WHERE NOT deleted ORDER BY patient_id, version DESC + SELECT patient_id, version, patient + FROM ( + SELECT DISTINCT ON (patient_id) patient_id, version, deleted, patient + FROM patients ORDER BY patient_id, version DESC + ) AS current_p + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.permanent-delete.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.permanent-delete.changelog-0.5.0.xml deleted file mode 100644 index 5bd1f4a41..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.permanent-delete.changelog-0.5.0.xml +++ /dev/null @@ -1,35 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog - xmlns="http://www.liquibase.org/xml/ns/dbchangelog" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> - - <changeSet author="nlangh" id="db.permanent-delete.changelog-0.5.0"> - <sql dbms="postgresql"> - GRANT SELECT, DELETE ON TABLE activity_definitions TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE binaries TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE bundles TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE code_systems TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE endpoints TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE groups TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE healthcare_services TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE locations TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE naming_systems TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE organizations TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE organization_affiliations TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE patients TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE practitioner_roles TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE practitioners TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE provenances TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE research_studies TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE structure_definition_snapshots TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE structure_definitions TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE subscriptions TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE tasks TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE value_sets TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE measures TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE measure_reports TO ${db.server_permanent_delete_users_group}; - GRANT SELECT, DELETE ON TABLE libraries TO ${db.server_permanent_delete_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.2.0.xml deleted file mode 100644 index 1349b17fc..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.practitioner_roles.changelog-0.2.0"> - <dropView viewName="current_practitioner_roles"/> - - <renameColumn tableName="practitioner_roles" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="practitioner_roles"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE practitioner_roles SET deleted = current_pr.deleted_new - FROM ( - SELECT practitioner_role_id, deleted_old, ((practitioner_role->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (practitioner_role_id) practitioner_role_id, version, deleted_old, practitioner_role - FROM practitioner_roles ORDER BY practitioner_role_id, version DESC - ) AS current_pr - WHERE deleted_old - ) AS current_pr - WHERE practitioner_roles.practitioner_role_id = current_pr.practitioner_role_id - </sql> - - <dropColumn tableName="practitioner_roles" columnName="deleted_old"/> - - <createView viewName="current_practitioner_roles" replaceIfExists="true"> - SELECT practitioner_role_id, version, practitioner_role - FROM ( - SELECT DISTINCT ON (practitioner_role_id) practitioner_role_id, version, deleted, practitioner_role - FROM practitioner_roles ORDER BY practitioner_role_id, version DESC - ) AS current_pr - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_practitioner_roles OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_practitioner_roles TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_practitioner_roles TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-1.0.0.xml similarity index 78% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-1.0.0.xml index 96fcf0e18..5442bf95b 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioner_roles.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.practitioner_roles.changelog-0.1.0"> + <changeSet author="hhund" id="db.practitioner_roles.changelog-1.0.0"> <createTable tableName="practitioner_roles"> <column name="practitioner_role_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="practitioner_role" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE practitioner_roles OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE practitioner_roles TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE practitioner_roles TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE practitioner_roles TO ${db.server_permanent_delete_users_group}; CREATE INDEX practitioner_role_id_index ON practitioner_roles USING btree (practitioner_role_id); CREATE INDEX practitioner_role_index ON practitioner_roles USING gin (practitioner_role); CREATE INDEX practitioner_role_id_version_index ON practitioner_roles USING btree (practitioner_role_id, version); </sql> <createView viewName="current_practitioner_roles" replaceIfExists="true"> - SELECT DISTINCT ON (practitioner_role_id) practitioner_role_id, version, practitioner_role - FROM practitioner_roles WHERE NOT deleted ORDER BY practitioner_role_id, version DESC + SELECT practitioner_role_id, version, practitioner_role + FROM ( + SELECT DISTINCT ON (practitioner_role_id) practitioner_role_id, version, deleted, practitioner_role + FROM practitioner_roles ORDER BY practitioner_role_id, version DESC + ) AS current_pr + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.2.0.xml deleted file mode 100644 index ede0f75b0..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.practitioners.changelog-0.2.0"> - <dropView viewName="current_practitioners"/> - - <renameColumn tableName="practitioners" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="practitioners"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE practitioners SET deleted = current_p.deleted_new - FROM ( - SELECT practitioner_id, deleted_old, ((practitioner->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (practitioner_id) practitioner_id, version, deleted_old, practitioner - FROM practitioners ORDER BY practitioner_id, version DESC - ) AS current_p - WHERE deleted_old - ) AS current_p - WHERE practitioners.practitioner_id = current_p.practitioner_id - </sql> - - <dropColumn tableName="practitioners" columnName="deleted_old"/> - - <createView viewName="current_practitioners" replaceIfExists="true"> - SELECT practitioner_id, version, practitioner - FROM ( - SELECT DISTINCT ON (practitioner_id) practitioner_id, version, deleted, practitioner - FROM practitioners ORDER BY practitioner_id, version DESC - ) AS current_p - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_practitioners OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_practitioners TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_practitioners TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-1.0.0.xml index 2cb6635eb..4a4ee0f4b 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.practitioners.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.practitioners.changelog-0.1.0"> + <changeSet author="hhund" id="db.practitioners.changelog-1.0.0"> <createTable tableName="practitioners"> <column name="practitioner_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="practitioner" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE practitioners OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE practitioners TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE practitioners TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE practitioners TO ${db.server_permanent_delete_users_group}; CREATE INDEX practitioner_id_index ON practitioners USING btree (practitioner_id); CREATE INDEX practitioner_index ON practitioners USING gin (practitioner); CREATE INDEX practitioner_id_version_index ON practitioners USING btree (practitioner_id, version); </sql> <createView viewName="current_practitioners" replaceIfExists="true"> - SELECT DISTINCT ON (practitioner_id) practitioner_id, version, practitioner - FROM practitioners WHERE NOT deleted ORDER BY practitioner_id, version DESC + SELECT practitioner_id, version, practitioner + FROM ( + SELECT DISTINCT ON (practitioner_id) practitioner_id, version, deleted, practitioner + FROM practitioners ORDER BY practitioner_id, version DESC + ) AS current_p + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.2.0.xml deleted file mode 100644 index 984834229..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.provenances.changelog-0.2.0"> - <dropView viewName="current_provenances"/> - - <renameColumn tableName="provenances" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="provenances"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE provenances SET deleted = current_p.deleted_new - FROM ( - SELECT provenance_id, deleted_old, ((provenance->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (provenance_id) provenance_id, version, deleted_old, provenance - FROM provenances ORDER BY provenance_id, version DESC - ) AS current_p - WHERE deleted_old - ) AS current_p - WHERE provenances.provenance_id = current_p.provenance_id - </sql> - - <dropColumn tableName="provenances" columnName="deleted_old"/> - - <createView viewName="current_provenances" replaceIfExists="true"> - SELECT provenance_id, version, provenance - FROM ( - SELECT DISTINCT ON (provenance_id) provenance_id, version, deleted, provenance - FROM provenances ORDER BY provenance_id, version DESC - ) AS current_p - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_provenances OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_provenances TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_provenances TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-1.0.0.xml index 843c13600..3e27d65d1 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.provenances.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.provenances.changelog-0.1.0"> + <changeSet author="hhund" id="db.provenances.changelog-1.0.0"> <createTable tableName="provenances"> <column name="provenance_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="provenance" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE provenances OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE provenances TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE provenances TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE provenances TO ${db.server_permanent_delete_users_group}; CREATE INDEX provenance_id_index ON provenances USING btree (provenance_id); CREATE INDEX provenance_index ON provenances USING gin (provenance); CREATE INDEX provenance_id_version_index ON provenances USING btree (provenance_id, version); </sql> <createView viewName="current_provenances" replaceIfExists="true"> - SELECT DISTINCT ON (provenance_id) provenance_id, version, provenance - FROM provenances WHERE NOT deleted ORDER BY provenance_id, version DESC + SELECT provenance_id, version, provenance + FROM ( + SELECT DISTINCT ON (provenance_id) provenance_id, version, deleted, provenance + FROM provenances ORDER BY provenance_id, version DESC + ) AS current_p + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.9.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.9.0.xml deleted file mode 100644 index ef112f272..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.9.0.xml +++ /dev/null @@ -1,17 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.questionnaire_responses.changelog-0.9.0"> - <sql dbms="postgresql"> - DROP TRIGGER questionnaire_responses_insert ON questionnaire_responses; - DROP TRIGGER questionnaire_responses_update ON questionnaire_responses; - DROP FUNCTION on_questionnaire_responses_update; - DROP FUNCTION on_questionnaire_responses_insert; - </sql> - </changeSet> -</databaseChangeLog> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.8.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-1.0.0.xml similarity index 99% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.8.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-1.0.0.xml index 561158604..477b6c430 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-0.8.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaire_responses.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="retwet" id="db.questionnaire_responses.changelog-0.8.0"> + <changeSet author="retwet" id="db.questionnaire_responses.changelog-1.0.0"> <createTable tableName="questionnaire_responses"> <column name="questionnaire_response_id" type="UUID"> <constraints nullable="false" /> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-0.8.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-1.0.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-0.8.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-1.0.0.xml index a99542866..14e025fc5 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-0.8.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.questionnaires.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="retwet" id="db.questionnaires.changelog-0.8.0"> + <changeSet author="retwet" id="db.questionnaires.changelog-1.0.0"> <createTable tableName="questionnaires"> <column name="questionnaire_id" type="UUID"> <constraints nullable="false" /> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.6.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.6.0.xml deleted file mode 100644 index 541046785..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.6.0.xml +++ /dev/null @@ -1,86 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.read_access.changelog-0.6.0.all_resources"> - <createView viewName="all_resources" replaceIfExists="true"> - SELECT - id - , version - , type - , resource - FROM ( - SELECT activity_definition_id AS id, version, 'ActivityDefinition'::text AS type, activity_definition AS resource FROM current_activity_definitions - UNION - SELECT binary_id AS id, version, 'Binary'::text AS type, binary_json AS resource FROM current_binaries - UNION - SELECT bundle_id AS id, version, 'Bundle'::text AS type, bundle AS resource FROM current_bundles - UNION - SELECT code_system_id AS id, version, 'CodeSystem'::text AS type, code_system AS resource FROM current_code_systems - UNION - SELECT document_reference_id AS id, version, 'DocumentReference'::text AS type, document_reference AS resource FROM current_document_references - UNION - SELECT endpoint_id AS id, version, 'Endpoint'::text AS type, endpoint AS resource FROM current_endpoints - UNION - SELECT group_id AS id, version, 'Group'::text AS type, group_json AS resource FROM current_groups - UNION - SELECT healthcare_service_id AS id, version, 'HealthcareService'::text AS type, healthcare_service AS resource FROM current_healthcare_services - UNION - SELECT library_id AS id, version, 'Library'::text AS type, library AS resource FROM current_libraries - UNION - SELECT location_id AS id, version, 'Location'::text AS type, location AS resource FROM current_locations - UNION - SELECT measure_report_id AS id, version, 'MeasureReport'::text AS type, measure_report AS resource FROM current_measure_reports - UNION - SELECT measure_id AS id, version, 'Measure'::text AS type, measure AS resource FROM current_measures - UNION - SELECT naming_system_id AS id, version, 'NamingSystem'::text AS type, naming_system AS resource FROM current_naming_systems - UNION - SELECT organization_id AS id, version, 'Organization'::text AS type, organization AS resource FROM current_organizations - UNION - SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation'::text AS type, organization_affiliation AS resource FROM current_organization_affiliations - UNION - SELECT patient_id AS id, version, 'Patient'::text AS type, patient AS resource FROM current_patients - UNION - SELECT practitioner_role_id AS id, version, 'PractitionerRole'::text AS type, practitioner_role AS resource FROM current_practitioner_roles - UNION - SELECT practitioner_id AS id, version, 'Practitioner'::text AS type, practitioner AS resource FROM current_practitioners - UNION - SELECT provenance_id AS id, version, 'Provenance'::text AS type, provenance AS resource FROM current_provenances - UNION - SELECT research_study_id AS id, version, 'ResearchStudy'::text AS type, research_study AS resource FROM current_research_studies - UNION - SELECT structure_definition_id AS id, version, 'StructureDefinition'::text AS type, structure_definition AS resource FROM current_structure_definitions - UNION - SELECT subscription_id AS id, version, 'Subscription'::text AS type, subscription AS resource FROM current_subscriptions - UNION - SELECT task_id AS id, version, 'Task'::text AS type, task AS resource FROM current_tasks - UNION - SELECT value_set_id AS id, version, 'ValueSet'::text AS type, value_set AS resource FROM current_value_sets - ) AS current_all - </createView> - <sql dbms="postgresql"> - ALTER TABLE all_resources OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE all_resources TO ${db.liquibase_user}; - GRANT SELECT ON TABLE all_resources TO ${db.server_users_group}; - </sql> - </changeSet> - - <changeSet author="hhund" id="db.read_access.changelog-0.6.0.on_document_references_insert_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_document_references_insert.sql" splitStatements="false" /> - </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.6.0.on_document_references_update_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_document_references_update.sql" splitStatements="false" /> - </changeSet> - - <changeSet author="hhund" id="db.read_access.changelog-0.6.0.on_insert_triggers"> - <sql dbms="postgresql"> - CREATE TRIGGER document_references_insert AFTER INSERT ON document_references FOR EACH ROW EXECUTE PROCEDURE on_document_references_insert(); - CREATE TRIGGER document_references_update AFTER UPDATE ON document_references FOR EACH ROW EXECUTE PROCEDURE on_document_references_update(); - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.8.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.8.0.xml deleted file mode 100644 index ec03e21a6..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.8.0.xml +++ /dev/null @@ -1,99 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.all_resources"> - <createView viewName="all_resources" replaceIfExists="true"> - SELECT - id - , version - , type - , resource - FROM ( - SELECT activity_definition_id AS id, version, 'ActivityDefinition'::text AS type, activity_definition AS resource FROM current_activity_definitions - UNION - SELECT binary_id AS id, version, 'Binary'::text AS type, binary_json AS resource FROM current_binaries - UNION - SELECT bundle_id AS id, version, 'Bundle'::text AS type, bundle AS resource FROM current_bundles - UNION - SELECT code_system_id AS id, version, 'CodeSystem'::text AS type, code_system AS resource FROM current_code_systems - UNION - SELECT document_reference_id AS id, version, 'DocumentReference'::text AS type, document_reference AS resource FROM current_document_references - UNION - SELECT endpoint_id AS id, version, 'Endpoint'::text AS type, endpoint AS resource FROM current_endpoints - UNION - SELECT group_id AS id, version, 'Group'::text AS type, group_json AS resource FROM current_groups - UNION - SELECT healthcare_service_id AS id, version, 'HealthcareService'::text AS type, healthcare_service AS resource FROM current_healthcare_services - UNION - SELECT library_id AS id, version, 'Library'::text AS type, library AS resource FROM current_libraries - UNION - SELECT location_id AS id, version, 'Location'::text AS type, location AS resource FROM current_locations - UNION - SELECT measure_report_id AS id, version, 'MeasureReport'::text AS type, measure_report AS resource FROM current_measure_reports - UNION - SELECT measure_id AS id, version, 'Measure'::text AS type, measure AS resource FROM current_measures - UNION - SELECT naming_system_id AS id, version, 'NamingSystem'::text AS type, naming_system AS resource FROM current_naming_systems - UNION - SELECT organization_id AS id, version, 'Organization'::text AS type, organization AS resource FROM current_organizations - UNION - SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation'::text AS type, organization_affiliation AS resource FROM current_organization_affiliations - UNION - SELECT patient_id AS id, version, 'Patient'::text AS type, patient AS resource FROM current_patients - UNION - SELECT practitioner_role_id AS id, version, 'PractitionerRole'::text AS type, practitioner_role AS resource FROM current_practitioner_roles - UNION - SELECT practitioner_id AS id, version, 'Practitioner'::text AS type, practitioner AS resource FROM current_practitioners - UNION - SELECT provenance_id AS id, version, 'Provenance'::text AS type, provenance AS resource FROM current_provenances - UNION - SELECT questionnaire_id AS id, version, 'Questionnaire'::text AS type, questionnaire AS resource FROM current_questionnaires - UNION - SELECT questionnaire_response_id AS id, version, 'QuestionnaireResponse'::text AS type, questionnaire_response AS resource FROM current_questionnaire_responses - UNION - SELECT research_study_id AS id, version, 'ResearchStudy'::text AS type, research_study AS resource FROM current_research_studies - UNION - SELECT structure_definition_id AS id, version, 'StructureDefinition'::text AS type, structure_definition AS resource FROM current_structure_definitions - UNION - SELECT subscription_id AS id, version, 'Subscription'::text AS type, subscription AS resource FROM current_subscriptions - UNION - SELECT task_id AS id, version, 'Task'::text AS type, task AS resource FROM current_tasks - UNION - SELECT value_set_id AS id, version, 'ValueSet'::text AS type, value_set AS resource FROM current_value_sets - ) AS current_all - </createView> - <sql dbms="postgresql"> - ALTER TABLE all_resources OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE all_resources TO ${db.liquibase_user}; - GRANT SELECT ON TABLE all_resources TO ${db.server_users_group}; - </sql> - </changeSet> - - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.on_questionnaires_insert_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaires_insert.sql" splitStatements="false" /> - </changeSet> - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.on_questionnaires_update_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaires_update.sql" splitStatements="false" /> - </changeSet> - - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.on_questionnaire_responses_insert_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaire_responses_insert.sql" splitStatements="false" /> - </changeSet> - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.on_questionnaire_responses_update_function" runOnChange="true"> - <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaire_responses_update.sql" splitStatements="false" /> - </changeSet> - - <changeSet author="retwet" id="db.read_access.changelog-0.8.0.on_insert_triggers"> - <sql dbms="postgresql"> - CREATE TRIGGER questionnaires_insert AFTER INSERT ON questionnaires FOR EACH ROW EXECUTE PROCEDURE on_questionnaires_insert(); - CREATE TRIGGER questionnaires_update AFTER UPDATE ON questionnaires FOR EACH ROW EXECUTE PROCEDURE on_questionnaires_update(); - CREATE TRIGGER questionnaire_responses_insert AFTER INSERT ON questionnaire_responses FOR EACH ROW EXECUTE PROCEDURE on_questionnaire_responses_insert(); - CREATE TRIGGER questionnaire_responses_update AFTER UPDATE ON questionnaire_responses FOR EACH ROW EXECUTE PROCEDURE on_questionnaire_responses_update(); - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-1.0.0.xml similarity index 67% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-1.0.0.xml index 5b50124b6..dc8e3919c 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.read_access.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0"> <createTable tableName="read_access"> <column name="resource_id" type="UUID"> <constraints nullable="false" /> @@ -35,60 +35,66 @@ CREATE INDEX read_access_id_version_type_organization_index ON read_access USING btree (resource_id, resource_version, access_type, organization_id); </sql> </changeSet> - - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.all_resources"> + + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.all_resources"> <createView viewName="all_resources" replaceIfExists="true"> - SELECT + SELECT id , version , type , resource FROM ( - SELECT activity_definition_id AS id, version, 'ActivityDefinition'::text AS type, activity_definition AS resource FROM current_activity_definitions - UNION - SELECT binary_id AS id, version, 'Binary'::text AS type, binary_json AS resource FROM current_binaries - UNION - SELECT bundle_id AS id, version, 'Bundle'::text AS type, bundle AS resource FROM current_bundles - UNION - SELECT code_system_id AS id, version, 'CodeSystem'::text AS type, code_system AS resource FROM current_code_systems - UNION - SELECT endpoint_id AS id, version, 'Endpoint'::text AS type, endpoint AS resource FROM current_endpoints - UNION - SELECT group_id AS id, version, 'Group'::text AS type, group_json AS resource FROM current_groups - UNION - SELECT healthcare_service_id AS id, version, 'HealthcareService'::text AS type, healthcare_service AS resource FROM current_healthcare_services - UNION - SELECT library_id AS id, version, 'Library'::text AS type, library AS resource FROM current_libraries - UNION - SELECT location_id AS id, version, 'Location'::text AS type, location AS resource FROM current_locations - UNION - SELECT measure_report_id AS id, version, 'MeasureReport'::text AS type, measure_report AS resource FROM current_measure_reports - UNION - SELECT measure_id AS id, version, 'Measure'::text AS type, measure AS resource FROM current_measures - UNION - SELECT naming_system_id AS id, version, 'NamingSystem'::text AS type, naming_system AS resource FROM current_naming_systems - UNION - SELECT organization_id AS id, version, 'Organization'::text AS type, organization AS resource FROM current_organizations - UNION - SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation'::text AS type, organization_affiliation AS resource FROM current_organization_affiliations - UNION - SELECT patient_id AS id, version, 'Patient'::text AS type, patient AS resource FROM current_patients - UNION - SELECT practitioner_role_id AS id, version, 'PractitionerRole'::text AS type, practitioner_role AS resource FROM current_practitioner_roles - UNION - SELECT practitioner_id AS id, version, 'Practitioner'::text AS type, practitioner AS resource FROM current_practitioners - UNION - SELECT provenance_id AS id, version, 'Provenance'::text AS type, provenance AS resource FROM current_provenances - UNION - SELECT research_study_id AS id, version, 'ResearchStudy'::text AS type, research_study AS resource FROM current_research_studies - UNION - SELECT structure_definition_id AS id, version, 'StructureDefinition'::text AS type, structure_definition AS resource FROM current_structure_definitions - UNION - SELECT subscription_id AS id, version, 'Subscription'::text AS type, subscription AS resource FROM current_subscriptions - UNION - SELECT task_id AS id, version, 'Task'::text AS type, task AS resource FROM current_tasks - UNION - SELECT value_set_id AS id, version, 'ValueSet'::text AS type, value_set AS resource FROM current_value_sets + SELECT activity_definition_id AS id, version, 'ActivityDefinition'::text AS type, activity_definition AS resource FROM current_activity_definitions + UNION + SELECT binary_id AS id, version, 'Binary'::text AS type, binary_json AS resource FROM current_binaries + UNION + SELECT bundle_id AS id, version, 'Bundle'::text AS type, bundle AS resource FROM current_bundles + UNION + SELECT code_system_id AS id, version, 'CodeSystem'::text AS type, code_system AS resource FROM current_code_systems + UNION + SELECT document_reference_id AS id, version, 'DocumentReference'::text AS type, document_reference AS resource FROM current_document_references + UNION + SELECT endpoint_id AS id, version, 'Endpoint'::text AS type, endpoint AS resource FROM current_endpoints + UNION + SELECT group_id AS id, version, 'Group'::text AS type, group_json AS resource FROM current_groups + UNION + SELECT healthcare_service_id AS id, version, 'HealthcareService'::text AS type, healthcare_service AS resource FROM current_healthcare_services + UNION + SELECT library_id AS id, version, 'Library'::text AS type, library AS resource FROM current_libraries + UNION + SELECT location_id AS id, version, 'Location'::text AS type, location AS resource FROM current_locations + UNION + SELECT measure_report_id AS id, version, 'MeasureReport'::text AS type, measure_report AS resource FROM current_measure_reports + UNION + SELECT measure_id AS id, version, 'Measure'::text AS type, measure AS resource FROM current_measures + UNION + SELECT naming_system_id AS id, version, 'NamingSystem'::text AS type, naming_system AS resource FROM current_naming_systems + UNION + SELECT organization_id AS id, version, 'Organization'::text AS type, organization AS resource FROM current_organizations + UNION + SELECT organization_affiliation_id AS id, version, 'OrganizationAffiliation'::text AS type, organization_affiliation AS resource FROM current_organization_affiliations + UNION + SELECT patient_id AS id, version, 'Patient'::text AS type, patient AS resource FROM current_patients + UNION + SELECT practitioner_role_id AS id, version, 'PractitionerRole'::text AS type, practitioner_role AS resource FROM current_practitioner_roles + UNION + SELECT practitioner_id AS id, version, 'Practitioner'::text AS type, practitioner AS resource FROM current_practitioners + UNION + SELECT provenance_id AS id, version, 'Provenance'::text AS type, provenance AS resource FROM current_provenances + UNION + SELECT questionnaire_id AS id, version, 'Questionnaire'::text AS type, questionnaire AS resource FROM current_questionnaires + UNION + SELECT questionnaire_response_id AS id, version, 'QuestionnaireResponse'::text AS type, questionnaire_response AS resource FROM current_questionnaire_responses + UNION + SELECT research_study_id AS id, version, 'ResearchStudy'::text AS type, research_study AS resource FROM current_research_studies + UNION + SELECT structure_definition_id AS id, version, 'StructureDefinition'::text AS type, structure_definition AS resource FROM current_structure_definitions + UNION + SELECT subscription_id AS id, version, 'Subscription'::text AS type, subscription AS resource FROM current_subscriptions + UNION + SELECT task_id AS id, version, 'Task'::text AS type, task AS resource FROM current_tasks + UNION + SELECT value_set_id AS id, version, 'ValueSet'::text AS type, value_set AS resource FROM current_value_sets ) AS current_all </createView> <sql dbms="postgresql"> @@ -98,147 +104,159 @@ </sql> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_resources_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_resources_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_resources_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_resources_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_resources_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_resources_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_activity_definitions_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_activity_definitions_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_activity_definitions_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_activity_definitions_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_activity_definitions_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_activity_definitions_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_binaries_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_binaries_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_binaries_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_binaries_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_binaries_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_binaries_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_bundles_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_bundles_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_bundles_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_bundles_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_bundles_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_bundles_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_code_systems_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_code_systems_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_code_systems_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_code_systems_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_code_systems_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_code_systems_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_endpoints_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_document_references_insert_function" runOnChange="true"> + <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_document_references_insert.sql" splitStatements="false" /> + </changeSet> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_document_references_update_function" runOnChange="true"> + <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_document_references_update.sql" splitStatements="false" /> + </changeSet> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_endpoints_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_endpoints_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_endpoints_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_endpoints_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_endpoints_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_groups_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_groups_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_groups_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_groups_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_groups_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_groups_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_healthcare_services_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_healthcare_services_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_healthcare_services_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_healthcare_services_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_healthcare_services_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_healthcare_services_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_libraries_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_libraries_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_libraries_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_libraries_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_libraries_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_libraries_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_locations_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_locations_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_locations_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_locations_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_locations_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_locations_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_measure_reports_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_measure_reports_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_measure_reports_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_measure_reports_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_measure_reports_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_measure_reports_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_measures_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_measures_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_measures_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_measures_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_measures_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_measures_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_naming_systems_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_naming_systems_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_naming_systems_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_naming_systems_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_naming_systems_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_naming_systems_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_organization_affiliations_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_organization_affiliations_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_organization_affiliations_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_organization_affiliations_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_organization_affiliations_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_organization_affiliations_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_organizations_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_organizations_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_organizations_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_organizations_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_organizations_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_organizations_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_patients_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_patients_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_patients_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_patients_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_patients_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_patients_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_practitioners_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_practitioners_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_practitioners_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_practitioners_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_practitioners_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_practitioners_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_practitioner_roles_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_practitioner_roles_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_practitioner_roles_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_practitioner_roles_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_practitioner_roles_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_practitioner_roles_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_provenances_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_provenances_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_provenances_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_provenances_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_provenances_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_provenances_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_research_studies_insert_function" runOnChange="true"> + <changeSet author="retwet" id="db.read_access.changelog-1.0.0.on_questionnaires_insert_function" runOnChange="true"> + <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaires_insert.sql" splitStatements="false" /> + </changeSet> + <changeSet author="retwet" id="db.read_access.changelog-1.0.0.on_questionnaires_update_function" runOnChange="true"> + <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_questionnaires_update.sql" splitStatements="false" /> + </changeSet> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_research_studies_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_research_studies_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_research_studies_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_research_studies_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_research_studies_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_structure_definitions_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_structure_definitions_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_structure_definitions_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_structure_definitions_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_structure_definitions_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_structure_definitions_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_subscriptions_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_subscriptions_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_subscriptions_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_subscriptions_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_subscriptions_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_subscriptions_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_value_sets_insert_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_value_sets_insert_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_value_sets_insert.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_value_sets_update_function" runOnChange="true"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_value_sets_update_function" runOnChange="true"> <sqlFile dbms="postgresql" relativeToChangelogFile="true" path="trigger_functions/on_value_sets_update.sql" splitStatements="false" /> </changeSet> - <changeSet author="hhund" id="db.read_access.changelog-0.5.0.on_insert_triggers"> + <changeSet author="hhund" id="db.read_access.changelog-1.0.0.on_insert_triggers"> <sql dbms="postgresql"> CREATE TRIGGER activity_definitions_insert AFTER INSERT ON activity_definitions FOR EACH ROW EXECUTE PROCEDURE on_activity_definitions_insert(); CREATE TRIGGER activity_definitions_update AFTER UPDATE ON activity_definitions FOR EACH ROW EXECUTE PROCEDURE on_activity_definitions_update(); @@ -248,6 +266,8 @@ CREATE TRIGGER bundles_update AFTER UPDATE ON bundles FOR EACH ROW EXECUTE PROCEDURE on_bundles_update(); CREATE TRIGGER code_systems_insert AFTER INSERT ON code_systems FOR EACH ROW EXECUTE PROCEDURE on_code_systems_insert(); CREATE TRIGGER code_systems_update AFTER UPDATE ON code_systems FOR EACH ROW EXECUTE PROCEDURE on_code_systems_update(); + CREATE TRIGGER document_references_insert AFTER INSERT ON document_references FOR EACH ROW EXECUTE PROCEDURE on_document_references_insert(); + CREATE TRIGGER document_references_update AFTER UPDATE ON document_references FOR EACH ROW EXECUTE PROCEDURE on_document_references_update(); CREATE TRIGGER endpoints_insert AFTER INSERT ON endpoints FOR EACH ROW EXECUTE PROCEDURE on_endpoints_insert(); CREATE TRIGGER endpoints_update AFTER UPDATE ON endpoints FOR EACH ROW EXECUTE PROCEDURE on_endpoints_update(); CREATE TRIGGER groups_insert AFTER INSERT ON groups FOR EACH ROW EXECUTE PROCEDURE on_groups_insert(); @@ -276,6 +296,8 @@ CREATE TRIGGER practitioner_roles_update AFTER UPDATE ON practitioner_roles FOR EACH ROW EXECUTE PROCEDURE on_practitioner_roles_update(); CREATE TRIGGER provenances_insert AFTER INSERT ON provenances FOR EACH ROW EXECUTE PROCEDURE on_provenances_insert(); CREATE TRIGGER provenances_update AFTER UPDATE ON provenances FOR EACH ROW EXECUTE PROCEDURE on_provenances_update(); + CREATE TRIGGER questionnaires_insert AFTER INSERT ON questionnaires FOR EACH ROW EXECUTE PROCEDURE on_questionnaires_insert(); + CREATE TRIGGER questionnaires_update AFTER UPDATE ON questionnaires FOR EACH ROW EXECUTE PROCEDURE on_questionnaires_update(); CREATE TRIGGER research_studies_insert AFTER INSERT ON research_studies FOR EACH ROW EXECUTE PROCEDURE on_research_studies_insert(); CREATE TRIGGER research_studies_update AFTER UPDATE ON research_studies FOR EACH ROW EXECUTE PROCEDURE on_research_studies_update(); CREATE TRIGGER structure_definitions_insert AFTER INSERT ON structure_definitions FOR EACH ROW EXECUTE PROCEDURE on_structure_definitions_insert(); diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.2.0.xml deleted file mode 100644 index c19b3d88b..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.research_studies.changelog-0.2.0"> - <dropView viewName="current_research_studies"/> - - <renameColumn tableName="research_studies" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="research_studies"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE research_studies SET deleted = current_rs.deleted_new - FROM ( - SELECT research_study_id, deleted_old, ((research_study->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (research_study_id) research_study_id, version, deleted_old, research_study - FROM research_studies ORDER BY research_study_id, version DESC - ) AS current_rs - WHERE deleted_old - ) AS current_rs - WHERE research_studies.research_study_id = current_rs.research_study_id - </sql> - - <dropColumn tableName="research_studies" columnName="deleted_old"/> - - <createView viewName="current_research_studies" replaceIfExists="true"> - SELECT research_study_id, version, research_study - FROM ( - SELECT DISTINCT ON (research_study_id) research_study_id, version, deleted, research_study - FROM research_studies ORDER BY research_study_id, version DESC - ) AS current_rs - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_research_studies OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_research_studies TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_research_studies TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-1.0.0.xml index 8439c285f..af3f47eda 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.research_studies.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.research_studies.changelog-0.1.0"> + <changeSet author="hhund" id="db.research_studies.changelog-1.0.0"> <createTable tableName="research_studies"> <column name="research_study_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="research_study" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE research_studies OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE research_studies TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE research_studies TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE research_studies TO ${db.server_permanent_delete_users_group}; CREATE INDEX research_study_id_index ON research_studies USING btree (research_study_id); CREATE INDEX research_study_index ON research_studies USING gin (research_study); CREATE INDEX research_study_id_version_index ON research_studies USING btree (research_study_id, version); </sql> <createView viewName="current_research_studies" replaceIfExists="true"> - SELECT DISTINCT ON (research_study_id) research_study_id, version, research_study - FROM research_studies WHERE NOT deleted ORDER BY research_study_id, version DESC + SELECT research_study_id, version, research_study + FROM ( + SELECT DISTINCT ON (research_study_id) research_study_id, version, deleted, research_study + FROM research_studies ORDER BY research_study_id, version DESC + ) AS current_rs + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.2.0.xml deleted file mode 100644 index 291231337..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.2.0.xml +++ /dev/null @@ -1,56 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.structure_definition_snapshots.changelog-0.2.0"> - <dropColumn tableName="structure_definition_snapshots" columnName="structure_definition_snapshot_info" /> - - <sql dbms="postgresql"> - DROP INDEX IF EXISTS structure_definition_snapshot_info_index; - </sql> - </changeSet> - - <changeSet author="hhund" id="db.structure_definition_snapshots.changelog-0.2.0_2"> - <dropView viewName="current_structure_definition_snapshots"/> - - <renameColumn tableName="structure_definition_snapshots" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="structure_definition_snapshots"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE structure_definition_snapshots SET deleted = current_sds.deleted_new - FROM ( - SELECT structure_definition_snapshot_id, deleted_old, ((structure_definition_snapshot->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (structure_definition_snapshot_id) structure_definition_snapshot_id, version, deleted_old, structure_definition_snapshot - FROM structure_definition_snapshots ORDER BY structure_definition_snapshot_id, version DESC - ) AS current_sds - WHERE deleted_old - ) AS current_sds - WHERE structure_definition_snapshots.structure_definition_snapshot_id = current_sds.structure_definition_snapshot_id - </sql> - - <dropColumn tableName="structure_definition_snapshots" columnName="deleted_old"/> - - <createView viewName="current_structure_definition_snapshots" replaceIfExists="true"> - SELECT structure_definition_snapshot_id, version, structure_definition_snapshot - FROM ( - SELECT DISTINCT ON (structure_definition_snapshot_id) structure_definition_snapshot_id, version, deleted, structure_definition_snapshot - FROM structure_definition_snapshots ORDER BY structure_definition_snapshot_id, version DESC - ) AS current_sds - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_structure_definition_snapshots OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_structure_definition_snapshots TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_structure_definition_snapshots TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml similarity index 81% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml index 9a31956b3..108083bbb 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.structure_definition_snapshots.changelog-0.1.0"> + <changeSet author="hhund" id="db.structure_definition_snapshots.changelog-1.0.0"> <createTable tableName="structure_definition_snapshots"> <column name="structure_definition_snapshot_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="structure_definition_snapshot" type="${json}"> <constraints nullable="false" /> </column> @@ -31,6 +29,7 @@ ALTER TABLE structure_definition_snapshots OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE structure_definition_snapshots TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE structure_definition_snapshots TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE structure_definition_snapshots TO ${db.server_permanent_delete_users_group}; CREATE INDEX structure_definition_snapshot_id_index ON structure_definition_snapshots USING btree (structure_definition_snapshot_id); CREATE INDEX structure_definition_snapshot_index ON structure_definition_snapshots USING gin (structure_definition_snapshot); CREATE INDEX structure_definition_snapshot_id_version_index ON structure_definition_snapshots USING btree (structure_definition_snapshot_id, version); @@ -38,8 +37,12 @@ </sql> <createView viewName="current_structure_definition_snapshots" replaceIfExists="true"> - SELECT DISTINCT ON (structure_definition_snapshot_id) structure_definition_snapshot_id, version, structure_definition_snapshot - FROM structure_definition_snapshots WHERE NOT deleted ORDER BY structure_definition_snapshot_id, version DESC + SELECT structure_definition_snapshot_id, version, structure_definition_snapshot + FROM ( + SELECT DISTINCT ON (structure_definition_snapshot_id) structure_definition_snapshot_id, version, deleted, structure_definition_snapshot + FROM structure_definition_snapshots ORDER BY structure_definition_snapshot_id, version DESC + ) AS current_sds + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.2.0.xml deleted file mode 100644 index 493198b4b..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.structure_definitions.changelog-0.2.0"> - <dropView viewName="current_structure_definitions"/> - - <renameColumn tableName="structure_definitions" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="structure_definitions"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE structure_definitions SET deleted = current_sd.deleted_new - FROM ( - SELECT structure_definition_id, deleted_old, ((structure_definition->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (structure_definition_id) structure_definition_id, version, deleted_old, structure_definition - FROM structure_definitions ORDER BY structure_definition_id, version DESC - ) AS current_sd - WHERE deleted_old - ) AS current_sd - WHERE structure_definitions.structure_definition_id = current_sd.structure_definition_id - </sql> - - <dropColumn tableName="structure_definitions" columnName="deleted_old"/> - - <createView viewName="current_structure_definitions" replaceIfExists="true"> - SELECT structure_definition_id, version, structure_definition - FROM ( - SELECT DISTINCT ON (structure_definition_id) structure_definition_id, version, deleted, structure_definition - FROM structure_definitions ORDER BY structure_definition_id, version DESC - ) AS current_sd - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_structure_definitions OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_structure_definitions TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_structure_definitions TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-1.0.0.xml similarity index 81% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-1.0.0.xml index c9a5e7bcb..d65e10313 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definitions.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.structure_definitions.changelog-0.1.0"> + <changeSet author="hhund" id="db.structure_definitions.changelog-1.0.0"> <createTable tableName="structure_definitions"> <column name="structure_definition_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="structure_definition" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE structure_definitions OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE structure_definitions TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE structure_definitions TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE structure_definitions TO ${db.server_permanent_delete_users_group}; CREATE INDEX structure_definition_id_index ON structure_definitions USING btree (structure_definition_id); CREATE INDEX structure_definition_index ON structure_definitions USING gin (structure_definition); CREATE INDEX structure_definition_id_version_index ON structure_definitions USING btree (structure_definition_id, version); </sql> <createView viewName="current_structure_definitions" replaceIfExists="true"> - SELECT DISTINCT ON (structure_definition_id) structure_definition_id, version, structure_definition - FROM structure_definitions WHERE NOT deleted ORDER BY structure_definition_id, version DESC + SELECT structure_definition_id, version, structure_definition + FROM ( + SELECT DISTINCT ON (structure_definition_id) structure_definition_id, version, deleted, structure_definition + FROM structure_definitions ORDER BY structure_definition_id, version DESC + ) AS current_sd + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.2.0.xml deleted file mode 100644 index e5b27f538..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.subscriptions.changelog-0.2.0"> - <dropView viewName="current_subscriptions"/> - - <renameColumn tableName="subscriptions" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="subscriptions"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE subscriptions SET deleted = current_s.deleted_new - FROM ( - SELECT subscription_id, deleted_old, ((subscription->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (subscription_id) subscription_id, version, deleted_old, subscription - FROM subscriptions ORDER BY subscription_id, version DESC - ) AS current_s - WHERE deleted_old - ) AS current_s - WHERE subscriptions.subscription_id = current_s.subscription_id - </sql> - - <dropColumn tableName="subscriptions" columnName="deleted_old"/> - - <createView viewName="current_subscriptions" replaceIfExists="true"> - SELECT subscription_id, version, subscription - FROM ( - SELECT DISTINCT ON (subscription_id) subscription_id, version, deleted, subscription - FROM subscriptions ORDER BY subscription_id, version DESC - ) AS current_s - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_subscriptions OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_subscriptions TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_subscriptions TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-1.0.0.xml index 4b123e40c..29778a422 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.subscriptions.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.subscriptions.changelog-0.1.0"> + <changeSet author="hhund" id="db.subscriptions.changelog-1.0.0"> <createTable tableName="subscriptions"> <column name="subscription_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="subscription" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE subscriptions OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE subscriptions TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE subscriptions TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE subscriptions TO ${db.server_permanent_delete_users_group}; CREATE INDEX subscription_id_index ON subscriptions USING btree (subscription_id); CREATE INDEX subscription_index ON patients USING gin (patient); CREATE INDEX subscription_id_version_index ON subscriptions USING btree (subscription_id, version); </sql> <createView viewName="current_subscriptions" replaceIfExists="true"> - SELECT DISTINCT ON (subscription_id) subscription_id, version, subscription - FROM subscriptions WHERE NOT deleted ORDER BY subscription_id, version DESC + SELECT subscription_id, version, subscription + FROM ( + SELECT DISTINCT ON (subscription_id) subscription_id, version, deleted, subscription + FROM subscriptions ORDER BY subscription_id, version DESC + ) AS current_s + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.2.0.xml deleted file mode 100644 index 9e2e499d4..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.tasks.changelog-0.2.0"> - <dropView viewName="current_tasks"/> - - <renameColumn tableName="tasks" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="tasks"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE tasks SET deleted = current_t.deleted_new - FROM ( - SELECT task_id, deleted_old, ((task->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (task_id) task_id, version, deleted_old, task - FROM tasks ORDER BY task_id, version DESC - ) AS current_t - WHERE deleted_old - ) AS current_t - WHERE tasks.task_id = current_t.task_id - </sql> - - <dropColumn tableName="tasks" columnName="deleted_old"/> - - <createView viewName="current_tasks" replaceIfExists="true"> - SELECT task_id, version, task - FROM ( - SELECT DISTINCT ON (task_id) task_id, version, deleted, task - FROM tasks ORDER BY task_id, version DESC - ) AS current_t - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_tasks OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_tasks TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_tasks TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-1.0.0.xml similarity index 80% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-1.0.0.xml index b05a1c10a..b735cfde8 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.tasks.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.tasks.changelog-0.1.0"> + <changeSet author="hhund" id="db.tasks.changelog-1.0.0"> <createTable tableName="tasks"> <column name="task_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="task" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE tasks OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE tasks TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE tasks TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE tasks TO ${db.server_permanent_delete_users_group}; CREATE INDEX task_id_index ON tasks USING btree (task_id); CREATE INDEX task_index ON tasks USING gin (task); CREATE INDEX task_id_version_index ON tasks USING btree (task_id, version); </sql> <createView viewName="current_tasks" replaceIfExists="true"> - SELECT DISTINCT ON (task_id) task_id, version, task - FROM tasks WHERE NOT deleted ORDER BY task_id, version DESC + SELECT task_id, version, task + FROM ( + SELECT DISTINCT ON (task_id) task_id, version, deleted, task + FROM tasks ORDER BY task_id, version DESC + ) AS current_t + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.2.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.2.0.xml deleted file mode 100644 index bdf2f6ba6..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.2.0.xml +++ /dev/null @@ -1,48 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<databaseChangeLog xmlns="http://www.liquibase.org/xml/ns/dbchangelog" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog - http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.6.xsd"> - - <property name="json" value="JSONB" dbms="postgresql" /> - <property name="json" value="varchar(5000)" dbms="h2" /> - - <changeSet author="hhund" id="db.value_sets.changelog-0.2.0"> - <dropView viewName="current_value_sets"/> - - <renameColumn tableName="value_sets" oldColumnName="deleted" newColumnName="deleted_old"/> - - <addColumn tableName="value_sets"> - <column name="deleted" type="TIMESTAMP"/> - </addColumn> - - <sql dbms="postgresql"> - UPDATE value_sets SET deleted = current_vs.deleted_new - FROM ( - SELECT value_set_id, deleted_old, ((value_set->'meta'->>'lastUpdated')::timestamp + interval '1' second) AS deleted_new - FROM ( - SELECT DISTINCT ON (value_set_id) value_set_id, version, deleted_old, value_set - FROM value_sets ORDER BY value_set_id, version DESC - ) AS current_vs - WHERE deleted_old - ) AS current_vs - WHERE value_sets.value_set_id = current_vs.value_set_id - </sql> - - <dropColumn tableName="value_sets" columnName="deleted_old"/> - - <createView viewName="current_value_sets" replaceIfExists="true"> - SELECT value_set_id, version, value_set - FROM ( - SELECT DISTINCT ON (value_set_id) value_set_id, version, deleted, value_set - FROM value_sets ORDER BY value_set_id, version DESC - ) AS current_vs - WHERE deleted IS NULL - </createView> - - <sql dbms="postgresql"> - ALTER TABLE current_value_sets OWNER TO ${db.liquibase_user}; - GRANT ALL ON TABLE current_value_sets TO ${db.liquibase_user}; - GRANT SELECT ON TABLE current_value_sets TO ${db.server_users_group}; - </sql> - </changeSet> -</databaseChangeLog> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.1.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-1.0.0.xml similarity index 79% rename from dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.1.0.xml rename to dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-1.0.0.xml index 90c111895..2f7023b01 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-0.1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.value_sets.changelog-1.0.0.xml @@ -6,7 +6,7 @@ <property name="json" value="JSONB" dbms="postgresql" /> <property name="json" value="varchar(5000)" dbms="h2" /> - <changeSet author="hhund" id="db.value_sets.changelog-0.1.0"> + <changeSet author="hhund" id="db.value_sets.changelog-1.0.0"> <createTable tableName="value_sets"> <column name="value_set_id" type="UUID"> <constraints nullable="false" /> @@ -14,9 +14,7 @@ <column name="version" type="BIGINT" defaultValueNumeric="1"> <constraints nullable="false" /> </column> - <column name="deleted" type="BOOLEAN" defaultValue="false"> - <constraints nullable="false" /> - </column> + <column name="deleted" type="TIMESTAMP" /> <column name="value_set" type="${json}"> <constraints nullable="false" /> </column> @@ -28,14 +26,19 @@ ALTER TABLE value_sets OWNER TO ${db.liquibase_user}; GRANT ALL ON TABLE value_sets TO ${db.liquibase_user}; GRANT SELECT, INSERT, UPDATE ON TABLE value_sets TO ${db.server_users_group}; + GRANT SELECT, DELETE ON TABLE value_sets TO ${db.server_permanent_delete_users_group}; CREATE INDEX value_set_id_index ON value_sets USING btree (value_set_id); CREATE INDEX value_set_index ON value_sets USING gin (value_set); CREATE INDEX value_set_id_version_index ON value_sets USING btree (value_set_id, version); </sql> <createView viewName="current_value_sets" replaceIfExists="true"> - SELECT DISTINCT ON (value_set_id) value_set_id, version, value_set - FROM value_sets WHERE NOT deleted ORDER BY value_set_id, version DESC + SELECT value_set_id, version, value_set + FROM ( + SELECT DISTINCT ON (value_set_id) value_set_id, version, deleted, value_set + FROM value_sets ORDER BY value_set_id, version DESC + ) AS current_vs + WHERE deleted IS NULL </createView> <sql dbms="postgresql"> diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_insert.sql deleted file mode 100644 index ad795ce67..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_insert.sql +++ /dev/null @@ -1,6 +0,0 @@ -CREATE OR REPLACE FUNCTION on_questionnaire_responses_insert() RETURNS TRIGGER AS $$ -BEGIN - PERFORM on_resources_insert(NEW.questionnaire_response_id, NEW.version, NEW.questionnaire_response); - RETURN NEW; -END; -$$ LANGUAGE PLPGSQL \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_update.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_update.sql deleted file mode 100644 index a5161a7db..000000000 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_questionnaire_responses_update.sql +++ /dev/null @@ -1,6 +0,0 @@ -CREATE OR REPLACE FUNCTION on_questionnaire_responses_update() RETURNS TRIGGER AS $$ -BEGIN - PERFORM on_resources_update(NEW.deleted, NEW.questionnaire_response_id, NEW.version, NEW.questionnaire_response); - RETURN NEW; -END; -$$ LANGUAGE PLPGSQL \ No newline at end of file From d6b467a6b9de7a04f7227a4095caf5bb12a57949 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Wed, 7 Jun 2023 17:31:33 +0200 Subject: [PATCH 06/43] remove not needed entries in resources.delete --- .../src/main/resources/fhir/resources.delete | 6 ------ 1 file changed, 6 deletions(-) diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/resources.delete b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/resources.delete index 8ba36251d..e69de29bb 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/resources.delete +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/resources.delete @@ -1,6 +0,0 @@ -ValueSet?url=http://hl7.org/fhir/ValueSet/mimetypes&version=4.0.1&date=eq2019-11-01T09:29:23 -ValueSet?url=http://hl7.org/fhir/ValueSet/mimetypes&version=4.0.1&date=eq2021-02-12 -CodeSystem?url=urn:ietf:bcp:13&version=4.0.1&date=eq2020-05-29 -CodeSystem?url=urn:ietf:bcp:13&version=4.0.1&date=eq2021-02-12 -StructureDefinition?url=http://dsf.dev/fhir/StructureDefinition/questionnaire&version=0.8.0&date=eq2022-10-11 -StructureDefinition?url=http://dsf.dev/fhir/StructureDefinition/questionnaire-response&version=0.8.0&date=eq2022-10-11 \ No newline at end of file From 15764db104841730e3011cf544636b86617aec7a Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 12 Jun 2023 10:20:56 +0200 Subject: [PATCH 07/43] add exclude config for dsfdev_XallowList processes --- dsf-docker-test-setup-3dic-ttp/docker-compose.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml index 8df057804..ad433b1b5 100644 --- a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -408,6 +408,8 @@ services: DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic1_camunda_server_user DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_dic_1 DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic1/fhir + DEV_DSF_BPE_PROCESS_EXCLUDED: >- + dsfdev_updateAllowList|1.0 DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic1 @@ -471,6 +473,8 @@ services: DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic2_camunda_server_user DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_2 DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic2/fhir + DEV_DSF_BPE_PROCESS_EXCLUDED: >- + dsfdev_updateAllowList|1.0 DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic2 @@ -534,6 +538,8 @@ services: DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic3_camunda_server_user DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_3 DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic3/fhir + DEV_DSF_BPE_PROCESS_EXCLUDED: >- + dsfdev_updateAllowList|1.0 DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@dic3 @@ -598,6 +604,8 @@ services: DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: ttp_camunda_server_user DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_TTP DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://ttp/fhir + DEV_DSF_BPE_PROCESS_EXCLUDED: >- + dsfdev_downloadAllowList|1.0 DEV_DSF_BPE_MAIL_HOST: mailhog DEV_DSF_BPE_MAIL_PORT: 1025 DEV_DSF_BPE_MAIL_FROMADDRESS: bpe@ttp From 5f64740b9f0ba3dfd8bdbc5e40ad6a752be0d68d Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 12 Jun 2023 12:02:40 +0200 Subject: [PATCH 08/43] adds bearer token authentication, some refactoring, renames env vars * reworked existing frontend OIDC authentication (via authorization code flow) to only be used for text/html requests and requests that contain the JSESSIONID cookie. * added OIDC bearer token authentication * renamed default OIDC back-channel logout path --- .../dsf/common/auth/DsfOpenIdCredentials.java | 3 + .../auth/BackChannelLogoutAuthenticator.java | 15 +-- .../common/auth/BearerTokenAuthenticator.java | 113 ++++++++++++++++++ .../common/auth/DelegatingAuthenticator.java | 58 +++++++-- .../dev/dsf/common/auth/DsfLoginService.java | 6 +- .../common/auth/DsfOpenIdConfiguration.java | 6 +- .../common/auth/DsfOpenIdCredentialsImpl.java | 28 ++--- .../dsf/common/jetty/AbstractJettyConfig.java | 15 ++- .../dev/dsf/common/jetty/EnvJettyConfig.java | 42 ++++--- .../dev/dsf/common/jetty/JettyConfig.java | 58 ++++++--- .../dev/dsf/common/jetty/JettyServer.java | 63 ++++++++-- .../java/dev/dsf/common/jetty/OidcConfig.java | 6 +- .../dsf/common/jetty/PropertyJettyConfig.java | 22 +++- .../docker-compose.yml | 32 +++-- .../keycloak/medic1.json | 4 +- .../keycloak/medic2.json | 4 +- .../keycloak/medic3.json | 4 +- .../keycloak/ttp.json | 4 +- 18 files changed, 370 insertions(+), 113 deletions(-) create mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java diff --git a/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentials.java b/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentials.java index 8542ec4e5..4f2ef75aa 100644 --- a/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentials.java +++ b/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentials.java @@ -8,6 +8,9 @@ public interface DsfOpenIdCredentials Map<String, Object> getAccessToken(); + /** + * @return empty when authentication via bearer token + */ Map<String, Object> getIdToken(); /** diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BackChannelLogoutAuthenticator.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BackChannelLogoutAuthenticator.java index 255f64244..affcfa14c 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BackChannelLogoutAuthenticator.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BackChannelLogoutAuthenticator.java @@ -62,20 +62,15 @@ public void setConfiguration(AuthConfiguration configuration) @Override public String getAuthMethod() { - return "BACK_CHANNEL_LOGOUT_AUTHENTICATOR"; + return "BACK_CHANNEL_LOGOUT"; } - public boolean isSsoLogout(ServletRequest req) + public boolean isBackChannelLogoutRequest(ServletRequest request) { - if (!openIdConfiguration.isBackChannelLogoutEnabled()) - { - logger.debug("Back-Channel logout disabled"); - return false; - } + final HttpServletRequest servletRequest = (HttpServletRequest) request; - HttpServletRequest request = (HttpServletRequest) req; - return HttpMethod.POST.is(request.getMethod()) && ssoLogoutPath.equals(request.getPathInfo()) - && MimeTypes.Type.FORM_ENCODED.is(request.getContentType()); + return HttpMethod.POST.is(servletRequest.getMethod()) && ssoLogoutPath.equals(servletRequest.getPathInfo()) + && MimeTypes.Type.FORM_ENCODED.is(servletRequest.getContentType()); } @Override diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java new file mode 100644 index 000000000..767849953 --- /dev/null +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java @@ -0,0 +1,113 @@ +package dev.dsf.common.auth; + +import java.io.IOException; +import java.util.Objects; + +import org.eclipse.jetty.http.HttpHeader; +import org.eclipse.jetty.security.ServerAuthException; +import org.eclipse.jetty.security.UserAuthentication; +import org.eclipse.jetty.security.authentication.LoginAuthenticator; +import org.eclipse.jetty.server.Authentication; +import org.eclipse.jetty.server.Authentication.User; +import org.eclipse.jetty.server.UserIdentity; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; + +import com.auth0.jwt.JWT; +import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.exceptions.JWTVerificationException; +import com.auth0.jwt.exceptions.TokenExpiredException; +import com.auth0.jwt.interfaces.DecodedJWT; +import com.auth0.jwt.interfaces.JWTVerifier; + +import jakarta.servlet.ServletRequest; +import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; +import jakarta.servlet.http.HttpServletResponse; + +public class BearerTokenAuthenticator extends LoginAuthenticator +{ + private static final Logger logger = LoggerFactory.getLogger(BearerTokenAuthenticator.class); + + private final DsfOpenIdConfiguration openIdConfiguration; + + public BearerTokenAuthenticator(DsfOpenIdConfiguration openIdConfiguration) + { + Objects.requireNonNull(openIdConfiguration, "openIdConfiguration"); + this.openIdConfiguration = openIdConfiguration; + } + + @Override + public String getAuthMethod() + { + return "BEARER_TOKEN"; + } + + @Override + public Authentication validateRequest(ServletRequest request, ServletResponse response, boolean mandatory) + throws ServerAuthException + { + final HttpServletRequest servletRequest = (HttpServletRequest) request; + final HttpServletResponse servletResponse = (HttpServletResponse) response; + + try + { + String authorizationHeader = servletRequest.getHeader(HttpHeader.AUTHORIZATION.asString()); + if (authorizationHeader == null || !authorizationHeader.startsWith("Bearer ")) + { + servletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Bearer"); + servletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); + return Authentication.SEND_FAILURE; + } + + Algorithm algorithm = Algorithm.RSA256(openIdConfiguration.getRsaKeyProvider()); + JWTVerifier verifier = JWT.require(algorithm).withIssuer(openIdConfiguration.getIssuer()).acceptLeeway(1) + .build(); + + String accessToken = authorizationHeader.substring(7, authorizationHeader.length()); + + try + { + DecodedJWT jwt = verifier.verify(accessToken); + if (!jwt.getClaims().containsKey("sub") && !jwt.getClaims().containsKey("sid")) + { + logger.warn("Access token has no sub and no sid claim"); + servletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST); + return Authentication.SEND_FAILURE; + } + + logger.debug("Access token claims: {}", jwt.getClaims()); + UserIdentity user = login(null, accessToken, request); + if (user == null) + { + servletResponse.sendError(HttpServletResponse.SC_FORBIDDEN); + return Authentication.SEND_FAILURE; + } + + return new UserAuthentication(getAuthMethod(), user); + } + catch(TokenExpiredException e) + { + servletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Bearer error=\"invalid_token\", error_description=\"The access token expired\""); + servletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); + return Authentication.SEND_FAILURE; + } + catch (JWTVerificationException e) + { + servletResponse.sendError(HttpServletResponse.SC_BAD_REQUEST); + return Authentication.SEND_FAILURE; + } + } + catch (IOException e) + { + throw new ServerAuthException(e); + } + } + + @Override + public boolean secureResponse(ServletRequest request, ServletResponse response, boolean mandatory, + User validatedUser) throws ServerAuthException + { + return true; // nothing to do + } +} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DelegatingAuthenticator.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DelegatingAuthenticator.java index 74c382363..88eef90d8 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DelegatingAuthenticator.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DelegatingAuthenticator.java @@ -1,8 +1,11 @@ package dev.dsf.common.auth; import java.security.cert.X509Certificate; +import java.util.Arrays; import java.util.Objects; +import org.eclipse.jetty.http.HttpHeader; +import org.eclipse.jetty.http.MimeTypes; import org.eclipse.jetty.security.Authenticator; import org.eclipse.jetty.security.LoginService; import org.eclipse.jetty.security.ServerAuthException; @@ -13,23 +16,30 @@ import org.eclipse.jetty.server.Authentication; import org.eclipse.jetty.server.Authentication.User; import org.eclipse.jetty.server.Request; +import org.eclipse.jetty.server.session.SessionHandler; import jakarta.servlet.ServletRequest; import jakarta.servlet.ServletResponse; +import jakarta.servlet.http.HttpServletRequest; public class DelegatingAuthenticator extends LoginAuthenticator implements Authenticator { + private final SessionHandler sessionHandler; private final StatusPortAuthenticator statusPortAuthenticator; private final ClientCertificateAuthenticator clientCertificateAuthenticator; + private final BearerTokenAuthenticator bearerTokenAuthenticator; private final OpenIdAuthenticator openIdAuthenticator; private final OpenIdLoginService openIdLoginService; private final BackChannelLogoutAuthenticator backChannelLogoutAuthenticator; - public DelegatingAuthenticator(StatusPortAuthenticator statusPortAuthenticator, - ClientCertificateAuthenticator clientCertificateAuthenticator, OpenIdAuthenticator openIdAuthenticator, + public DelegatingAuthenticator(SessionHandler sessionHandler, StatusPortAuthenticator statusPortAuthenticator, + ClientCertificateAuthenticator clientCertificateAuthenticator, + BearerTokenAuthenticator bearerTokenAuthenticator, OpenIdAuthenticator openIdAuthenticator, OpenIdLoginService openIdLoginService, BackChannelLogoutAuthenticator backChannelLogoutAuthenticator) { + Objects.requireNonNull(sessionHandler, "sessionHandler"); + this.sessionHandler = sessionHandler; Objects.requireNonNull(statusPortAuthenticator, "statusPortAuthenticator"); this.statusPortAuthenticator = statusPortAuthenticator; @@ -37,6 +47,7 @@ public DelegatingAuthenticator(StatusPortAuthenticator statusPortAuthenticator, this.clientCertificateAuthenticator = clientCertificateAuthenticator; // optional + this.bearerTokenAuthenticator = bearerTokenAuthenticator; this.openIdAuthenticator = openIdAuthenticator; this.openIdLoginService = openIdLoginService; this.backChannelLogoutAuthenticator = backChannelLogoutAuthenticator; @@ -47,6 +58,9 @@ public void setConfiguration(AuthConfiguration configuration) { clientCertificateAuthenticator.setConfiguration(configuration); + if (bearerTokenAuthenticator != null) + bearerTokenAuthenticator.setConfiguration(configuration); + if (openIdAuthenticator != null) { AuthConfiguration openIdConfig = new WrappedAuthConfiguration(configuration) @@ -74,17 +88,34 @@ private boolean requestHasCertificate(ServletRequest request) return certificates != null && certificates.length > 0; } + private boolean isFrontendRequest(ServletRequest request) + { + final HttpServletRequest servletRequest = (HttpServletRequest) request; + + boolean sessionCookieSet = servletRequest.getCookies() != null && Arrays.stream(servletRequest.getCookies()) + .anyMatch(c -> sessionHandler.getSessionCookie().equals(c.getName()) && c.getValue() != null); + + if (sessionCookieSet) + return true; + + return servletRequest.getHeader(HttpHeader.ACCEPT.asString()) != null + && servletRequest.getHeader(HttpHeader.ACCEPT.asString()).contains(MimeTypes.Type.TEXT_HTML.asString()); + } + @Override public void prepareRequest(ServletRequest request) { if (statusPortAuthenticator.isStatusPortRequest(request)) statusPortAuthenticator.prepareRequest(request); - else if (backChannelLogoutAuthenticator != null && backChannelLogoutAuthenticator.isSsoLogout(request)) + else if (backChannelLogoutAuthenticator != null + && backChannelLogoutAuthenticator.isBackChannelLogoutRequest(request)) backChannelLogoutAuthenticator.prepareRequest(request); else if (requestHasCertificate(request)) clientCertificateAuthenticator.prepareRequest(request); - else if (openIdAuthenticator != null) + else if (openIdAuthenticator != null && isFrontendRequest(request)) openIdAuthenticator.prepareRequest(request); + else if (bearerTokenAuthenticator != null) + bearerTokenAuthenticator.prepareRequest(request); } @Override @@ -93,12 +124,15 @@ public Authentication validateRequest(ServletRequest request, ServletResponse re { if (statusPortAuthenticator.isStatusPortRequest(request)) return statusPortAuthenticator.validateRequest(request, response, mandatory); - else if (backChannelLogoutAuthenticator != null && backChannelLogoutAuthenticator.isSsoLogout(request)) + else if (backChannelLogoutAuthenticator != null + && backChannelLogoutAuthenticator.isBackChannelLogoutRequest(request)) return backChannelLogoutAuthenticator.validateRequest(request, response, mandatory); else if (requestHasCertificate(request)) return clientCertificateAuthenticator.validateRequest(request, response, mandatory); - else if (openIdAuthenticator != null) + else if (openIdAuthenticator != null && isFrontendRequest(request)) return openIdAuthenticator.validateRequest(request, response, mandatory); + else if (bearerTokenAuthenticator != null) + return bearerTokenAuthenticator.validateRequest(request, response, mandatory); else return Authentication.UNAUTHENTICATED; } @@ -109,12 +143,15 @@ public boolean secureResponse(ServletRequest request, ServletResponse response, { if (statusPortAuthenticator.isStatusPortRequest(request)) return statusPortAuthenticator.secureResponse(request, response, mandatory, validatedUser); - else if (backChannelLogoutAuthenticator != null && backChannelLogoutAuthenticator.isSsoLogout(request)) + else if (backChannelLogoutAuthenticator != null + && backChannelLogoutAuthenticator.isBackChannelLogoutRequest(request)) return backChannelLogoutAuthenticator.secureResponse(request, response, mandatory, validatedUser); else if (requestHasCertificate(request)) return clientCertificateAuthenticator.secureResponse(request, response, mandatory, validatedUser); - else if (openIdAuthenticator != null) + else if (openIdAuthenticator != null && isFrontendRequest(request)) return openIdAuthenticator.secureResponse(request, response, mandatory, validatedUser); + else if (bearerTokenAuthenticator != null) + return bearerTokenAuthenticator.secureResponse(request, response, mandatory, validatedUser); else return false; } @@ -123,10 +160,9 @@ else if (openIdAuthenticator != null) public void logout(ServletRequest request) { Request baseRequest = Request.getBaseRequest(request); - if (openIdAuthenticator.getAuthMethod().equals(baseRequest.getAuthType())) + + if (openIdAuthenticator != null && openIdAuthenticator.getAuthMethod().equals(baseRequest.getAuthType())) openIdAuthenticator.logout(request); - else if (clientCertificateAuthenticator.getAuthMethod().equals(baseRequest.getAuthType())) - clientCertificateAuthenticator.logout(request); else super.logout(request); } diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfLoginService.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfLoginService.java index 2ab3ab50e..0f6abb93a 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfLoginService.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfLoginService.java @@ -72,10 +72,12 @@ public UserIdentity login(String username, Object credentials, ServletRequest re return null; Principal principal = null; - if (username == null && credentials instanceof X509Certificate[]) + if (credentials instanceof X509Certificate[]) principal = identityProvider.getIdentity((X509Certificate[]) credentials); - else if (username != null && credentials instanceof OpenIdCredentials) + else if (credentials instanceof OpenIdCredentials) principal = identityProvider.getIdentity(new DsfOpenIdCredentialsImpl((OpenIdCredentials) credentials)); + else if (credentials instanceof String) + principal = identityProvider.getIdentity(new DsfOpenIdCredentialsImpl((String) credentials)); if (principal == null) return null; diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdConfiguration.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdConfiguration.java index b699eb869..e10da116d 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdConfiguration.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdConfiguration.java @@ -22,15 +22,17 @@ public class DsfOpenIdConfiguration extends OpenIdConfiguration private static final Logger logger = LoggerFactory.getLogger(DsfOpenIdConfiguration.class); private final boolean backChannelLogoutEnabled; + private final boolean bearerTokenEnabled; private RSAKeyProvider rsaKeyProvider; public DsfOpenIdConfiguration(String issuer, String clientId, String clientSecret, HttpClient httpClient, - boolean backChannelLogoutEnabled) + boolean backChannelLogoutEnabled, boolean bearerTokenEnabled) { super(issuer, null, null, clientId, clientSecret, httpClient); this.backChannelLogoutEnabled = backChannelLogoutEnabled; + this.bearerTokenEnabled = bearerTokenEnabled; } @Override @@ -38,7 +40,7 @@ protected void processMetadata(Map<String, Object> discoveryDocument) { super.processMetadata(discoveryDocument); - if (backChannelLogoutEnabled) + if (backChannelLogoutEnabled || bearerTokenEnabled) { String jwksUri = (String) discoveryDocument.get("jwks_uri"); if (jwksUri == null) diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentialsImpl.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentialsImpl.java index 5e16f6933..c8a1da1b1 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentialsImpl.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/DsfOpenIdCredentialsImpl.java @@ -1,5 +1,6 @@ package dev.dsf.common.auth; +import java.util.Collections; import java.util.Map; import org.eclipse.jetty.security.openid.JwtDecoder; @@ -10,53 +11,50 @@ public class DsfOpenIdCredentialsImpl implements DsfOpenIdCredentials private static final String ACCESS_TOKEN = "access_token"; private static final String ID_TOKEN = "id_token"; - private final OpenIdCredentials credentials; + private final Map<String, Object> idToken; + private final Map<String, Object> accessToken; public DsfOpenIdCredentialsImpl(OpenIdCredentials credentials) { - this.credentials = credentials; + this.idToken = JwtDecoder.decode((String) credentials.getResponse().get(ID_TOKEN)); + this.accessToken = JwtDecoder.decode((String) credentials.getResponse().get(ACCESS_TOKEN)); } - public OpenIdCredentials getCredentials() + public DsfOpenIdCredentialsImpl(String accessToken) { - return credentials; + this.idToken = Collections.emptyMap(); + this.accessToken = JwtDecoder.decode(accessToken); } @Override public String getUserId() { - return credentials.getUserId(); + return (String) accessToken.get("sub"); } @Override public Map<String, Object> getIdToken() { - return getToken(ID_TOKEN); + return Collections.unmodifiableMap(idToken); } @Override public Map<String, Object> getAccessToken() { - return getToken(ACCESS_TOKEN); - } - - private Map<String, Object> getToken(String tokenName) - { - String token = (String) credentials.getResponse().get(tokenName); - return JwtDecoder.decode(token); + return Collections.unmodifiableMap(accessToken); } @Override public Long getLongClaim(String key) { - Object o = credentials.getClaims().get(key); + Object o = getAccessToken().get(key); return o instanceof Long ? (Long) o : null; } @Override public String getStringClaimOrDefault(String key, String defaultValue) { - Object o = credentials.getClaims().getOrDefault(key, defaultValue); + Object o = getAccessToken().getOrDefault(key, defaultValue); return o instanceof String ? (String) o : defaultValue; } } diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java index c67c64b26..2a8372662 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java @@ -72,11 +72,11 @@ public final Connector createStatusConnector(Server server) public Map<String, String> getAllProperties() { Map<String, String> properties = new HashMap<>(); - properties.put(PROPERTY_JETTY_STATUS_HOST, getStatusHost().orElse(null)); - properties.put(PROPERTY_JETTY_STATUS_PORT, getStatusPort().map(String::valueOf).orElse(null)); properties.put(PROPERTY_JETTY_HOST, getHost().orElse(null)); properties.put(PROPERTY_JETTY_PORT, getPort().map(String::valueOf).orElse(null)); properties.put(PROPERTY_JETTY_CONTEXT_PATH, getContextPath().orElse(null)); + properties.put(PROPERTY_JETTY_STATUS_HOST, getStatusHost().orElse(null)); + properties.put(PROPERTY_JETTY_STATUS_PORT, getStatusPort().map(String::valueOf).orElse(null)); properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE, getServerCertificatePath().map(Path::toString).orElse(null)); properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE_CHAIN, @@ -91,6 +91,10 @@ public Map<String, String> getAllProperties() properties.put(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME, getClientCertificateHeaderName().orElse(null)); + properties.put(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW, + String.valueOf(getOidcAuthorizationCodeFlowEndabled())); + properties.put(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN, String.valueOf(getOidcBearerTokenEnabled())); + properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL, getOidcProviderBaseUrl().orElse(null)); properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT, getOidcProviderClientConnectTimeout().map(String::valueOf).orElse(null)); @@ -106,11 +110,12 @@ public Map<String, String> getAllProperties() getOidcProviderClientCertificatePrivateKeyPassword().map(String::valueOf).orElse(null)); properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_PROXY_URL, getOidcProviderClientProxyUrl().map(URL::toString).orElse(null)); + properties.put(PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID, getOidcClientId().orElse(null)); properties.put(PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET, getOidcClientSecret().orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT, - String.valueOf(getOidcSsoBackChannelLogoutEnabled())); - properties.put(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH, getOidcSsoBackChannelPath().orElse(null)); + + properties.put(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT, String.valueOf(getOidcBackChannelLogoutEnabled())); + properties.put(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, getOidcBackChannelPath().orElse(null)); properties.put(PROPERTY_JETTY_LOG4J_CONFIG, getLog4JConfigPath().map(Path::toString).orElse(null)); return properties; diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java index 231cf58f3..d98150ce6 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java @@ -6,7 +6,6 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.util.HashMap; -import java.util.Locale; import java.util.Map; import java.util.Optional; import java.util.function.Supplier; @@ -24,19 +23,19 @@ public EnvJettyConfig(JettyConfig defaultConfig) private Optional<String> getString(String propertyName, Supplier<Optional<String>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return Optional.ofNullable(System.getenv(envVariableName)).or(defaultValue); } private Optional<char[]> getCharArray(String propertyName, Supplier<Optional<char[]>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return Optional.ofNullable(System.getenv(envVariableName)).map(String::toCharArray).or(defaultValue); } private Optional<Integer> getPort(String propertyName, Supplier<Optional<Integer>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return getString(envVariableName, Optional::empty).map(value -> { try @@ -59,7 +58,7 @@ private Optional<Integer> getPort(String propertyName, Supplier<Optional<Integer private Optional<Long> getTimeout(String propertyName, Supplier<Optional<Long>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return getString(envVariableName, Optional::empty).map(value -> { try @@ -76,7 +75,7 @@ private Optional<Long> getTimeout(String propertyName, Supplier<Optional<Long>> private Optional<Path> getPath(String propertyName, Supplier<Optional<Path>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return getString(envVariableName, Optional::empty).map(value -> { Path pathValue = Paths.get(value); @@ -91,7 +90,7 @@ private Optional<Path> getPath(String propertyName, Supplier<Optional<Path>> def private Optional<URL> getUrl(String propertyName, Supplier<Optional<URL>> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return getString(envVariableName, Optional::empty).map(value -> { try @@ -108,15 +107,10 @@ private Optional<URL> getUrl(String propertyName, Supplier<Optional<URL>> defaul private boolean getBoolean(String propertyName, Supplier<Boolean> defaultValue) { - final String envVariableName = propertyToEnvironmentVariableName(propertyName); + final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); return getString(envVariableName, Optional::empty).map(Boolean::parseBoolean).orElseGet(defaultValue); } - private String propertyToEnvironmentVariableName(String propertyName) - { - return propertyName.toUpperCase(Locale.ENGLISH).replace('.', '_'); - } - @Override public Optional<String> getStatusHost() { @@ -184,6 +178,19 @@ public Optional<String> getClientCertificateHeaderName() return getString(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME, delegate::getClientCertificateHeaderName); } + @Override + public boolean getOidcAuthorizationCodeFlowEndabled() + { + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW, + delegate::getOidcAuthorizationCodeFlowEndabled); + } + + @Override + public boolean getOidcBearerTokenEnabled() + { + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN, delegate::getOidcBearerTokenEnabled); + } + @Override public Optional<String> getOidcProviderBaseUrl() { @@ -251,16 +258,15 @@ public Optional<String> getOidcClientSecret() } @Override - public boolean getOidcSsoBackChannelLogoutEnabled() + public boolean getOidcBackChannelLogoutEnabled() { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT, - delegate::getOidcSsoBackChannelLogoutEnabled); + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT, delegate::getOidcBackChannelLogoutEnabled); } @Override - public Optional<String> getOidcSsoBackChannelPath() + public Optional<String> getOidcBackChannelPath() { - return getString(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH, delegate::getOidcSsoBackChannelPath); + return getString(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, delegate::getOidcBackChannelPath); } @Override diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java index a7afaacf3..2b801380c 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java @@ -6,6 +6,7 @@ import java.security.KeyStore; import java.time.Duration; import java.time.temporal.ChronoUnit; +import java.util.Locale; import java.util.Map; import java.util.Optional; import java.util.UUID; @@ -25,7 +26,6 @@ public interface JettyConfig String PROPERTY_JETTY_HOST = "jetty.host"; String PROPERTY_JETTY_HOST_DEFAULT = "127.0.0.1"; String PROPERTY_JETTY_PORT = "jetty.port"; - String PROPERTY_JETTY_BASE_URL = "jetty.base.url"; String PROPERTY_JETTY_CONTEXT_PATH = "jetty.context.path"; String PROPERTY_JETTY_STATUS_HOST = "jetty.status.host"; String PROPERTY_JETTY_STATUS_HOST_DEFAULT = "127.0.0.1"; @@ -40,6 +40,9 @@ public interface JettyConfig String PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME = "jetty.auth.client.certificate.header.name"; String PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT = "X-ClientCert"; + String PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW = "jetty.auth.oidc.authorization.code.flow"; + String PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN = "jetty.auth.oidc.bearer.token"; + String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL = "jetty.auth.oidc.provider.base.url"; String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT = "jetty.auth.oidc.provider.client.connectTimeout"; String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_IDLE_TIMEOUT = "jetty.auth.oidc.provider.client.idleTimeout"; @@ -52,21 +55,35 @@ public interface JettyConfig String PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID = "jetty.auth.oidc.client.id"; String PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET = "jetty.auth.oidc.client.secret"; - String PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT = "jetty.auth.oidc.sso.back.channel.logout"; - String PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH = "jetty.auth.oidc.sso.back.channel.path"; - String PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH_DEFAULT = "/sso-logout"; + String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT = "jetty.auth.oidc.back.channel.logout"; + String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH = "jetty.auth.oidc.back.channel.logout.path"; + String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT = "/back-channel-logout"; String PROPERTY_JETTY_LOG4J_CONFIG = "jetty.log4j.config"; String PROPERTY_JETTY_LOG4J_CONFIG_DEFAULT = "conf/log4j2.xml"; + static String propertyToEnvironmentVariableName(String propertyName) + { + return propertyName.toUpperCase(Locale.ENGLISH).replace('.', '_'); + } + static Supplier<RuntimeException> propertyNotDefined(String propertyName) { - return () -> new RuntimeException("Property " + propertyName + " not defined"); + return () -> new RuntimeException("Property " + propertyName + " not defined (environment variable " + + propertyToEnvironmentVariableName(propertyName) + ")"); + } + + static Supplier<RuntimeException> propertyNotDefinedTrue(String propertyName) + { + return () -> new RuntimeException("Property " + propertyName + " not defined as 'true' (environment variable " + + propertyToEnvironmentVariableName(propertyName) + ")"); } static Supplier<RuntimeException> propertiesNotDefined(String propertyName1, String propertyName2) { - return () -> new RuntimeException("Property " + propertyName1 + " or " + propertyName2 + " not defined"); + return () -> new RuntimeException("Property " + propertyName1 + " or " + propertyName2 + + " not defined (environment variables " + propertyToEnvironmentVariableName(propertyName1) + " or " + + propertyToEnvironmentVariableName(propertyName2) + ")"); } default Optional<String> getStatusHost() @@ -109,6 +126,15 @@ default Optional<String> getClientCertificateHeaderName() return Optional.of(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT); } + default boolean getOidcAuthorizationCodeFlowEndabled() + { + return false; + } + + default boolean getOidcBearerTokenEnabled() + { + return false; + } default Optional<String> getOidcProviderBaseUrl() { @@ -174,19 +200,19 @@ default Optional<String> getOidcClientSecret() return Optional.empty(); } - default boolean getOidcSsoBackChannelLogoutEnabled() + default boolean getOidcBackChannelLogoutEnabled() { return false; } - default Optional<String> getOidcSsoBackChannelPath() + default Optional<String> getOidcBackChannelPath() { - return Optional.of(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); + return Optional.of(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); } default Optional<OidcConfig> getOidcConfig() { - if (getOidcProviderBaseUrl().isEmpty() || getOidcClientId().isEmpty() || getOidcClientSecret().isEmpty()) + if (!getOidcAuthorizationCodeFlowEndabled() && !getOidcBearerTokenEnabled() && !getOidcBackChannelLogoutEnabled()) return Optional.empty(); Duration clientIdleTimeout = getOidcProviderClientIdleTimeout() @@ -196,12 +222,12 @@ default Optional<OidcConfig> getOidcConfig() char[] keyStorePassword = UUID.randomUUID().toString().toCharArray(); - return Optional - .of(new OidcConfig(getOidcProviderBaseUrl().get(), getOidcClientId().get(), getOidcClientSecret().get(), - getOidcSsoBackChannelLogoutEnabled(), getOidcSsoBackChannelPath().orElse(null), - clientIdleTimeout, clientConnectTimeout, getOidcProviderClientTrustStore().orElse(null), - getOidcProviderClientKeyStore(keyStorePassword).orElse(null), keyStorePassword, - getOidcClientProxy().orElse(null))); + return Optional.of(new OidcConfig(getOidcAuthorizationCodeFlowEndabled(), getOidcBearerTokenEnabled(), + getOidcProviderBaseUrl().get(), getOidcClientId().orElse(null), getOidcClientSecret().orElse(null), + getOidcBackChannelLogoutEnabled(), getOidcBackChannelPath().orElse(null), clientIdleTimeout, + clientConnectTimeout, getOidcProviderClientTrustStore().orElse(null), + getOidcProviderClientKeyStore(keyStorePassword).orElse(null), keyStorePassword, + getOidcClientProxy().orElse(null))); } default Optional<Path> getLog4JConfigPath() diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java index 9cb40e773..1ca394296 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java @@ -26,6 +26,7 @@ import org.slf4j.LoggerFactory; import dev.dsf.common.auth.BackChannelLogoutAuthenticator; +import dev.dsf.common.auth.BearerTokenAuthenticator; import dev.dsf.common.auth.ClientCertificateAuthenticator; import dev.dsf.common.auth.DelegatingAuthenticator; import dev.dsf.common.auth.DsfLoginService; @@ -69,31 +70,74 @@ public JettyServer(String serverModule, JettyConfig config, private void configureSecurityHandler(WebAppContext webAppContext, int statusConnectorPort, KeyStore clientTrustStore, OidcConfig oidcConfig) { + SessionHandler sessionHandler = webAppContext.getSessionHandler(); DsfLoginService dsfLoginService = new DsfLoginService(webAppContext); DsfOpenIdConfiguration openIdConfiguration = null; OpenIdAuthenticator openIdAuthenticator = null; DsfOpenIdLoginService openIdLoginService = null; + BearerTokenAuthenticator bearerTokenAuthenticator = null; BackChannelLogoutAuthenticator backChannelLogoutAuthenticator = null; if (oidcConfig != null) { openIdConfiguration = new DsfOpenIdConfiguration(oidcConfig.providerBaseUrl(), oidcConfig.clientId(), - oidcConfig.clientSecret(), createOidcClient(oidcConfig), oidcConfig.ssoBackChannelLogoutEnabled()); - openIdAuthenticator = new OpenIdAuthenticator(openIdConfiguration); - openIdLoginService = new DsfOpenIdLoginService(openIdConfiguration, dsfLoginService); + oidcConfig.clientSecret(), createOidcClient(oidcConfig), oidcConfig.bckChannelLogoutEnabled(), + oidcConfig.bearerTokenEnabled()); - if (oidcConfig.ssoBackChannelLogoutEnabled()) - backChannelLogoutAuthenticator = new BackChannelLogoutAuthenticator(openIdConfiguration, - oidcConfig.ssoBackChannelPath()); + if (oidcConfig.authorizationCodeFlowEnabled()) + { + if (oidcConfig.providerBaseUrl() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL).get(); + else if (oidcConfig.clientId() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID).get(); + else if (oidcConfig.clientSecret() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET).get(); + else + { + openIdAuthenticator = new OpenIdAuthenticator(openIdConfiguration); + logger.info("OIDC authorization code flow enabled"); + } + } + + if (oidcConfig.bearerTokenEnabled()) + { + if (oidcConfig.providerBaseUrl() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL).get(); + else + { + bearerTokenAuthenticator = new BearerTokenAuthenticator(openIdConfiguration); + logger.info("OIDC bearer token enabled"); + } + } + + if (oidcConfig.bckChannelLogoutEnabled()) + { + if (!oidcConfig.authorizationCodeFlowEnabled()) + throw JettyConfig + .propertyNotDefinedTrue(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW).get(); + else if (oidcConfig.clientId() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID).get(); + else if (oidcConfig.ssoBackChannelPath() == null) + throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH) + .get(); + else + { + backChannelLogoutAuthenticator = new BackChannelLogoutAuthenticator(openIdConfiguration, + oidcConfig.ssoBackChannelPath()); + logger.info("OIDC back-channel logout enabled"); + } + } + + openIdLoginService = new DsfOpenIdLoginService(openIdConfiguration, dsfLoginService); } StatusPortAuthenticator statusPortAuthenticator = new StatusPortAuthenticator(statusConnectorPort); ClientCertificateAuthenticator clientCertificateAuthenticator = new ClientCertificateAuthenticator( clientTrustStore); - DelegatingAuthenticator delegatingAuthenticator = new DelegatingAuthenticator(statusPortAuthenticator, - clientCertificateAuthenticator, openIdAuthenticator, openIdLoginService, - backChannelLogoutAuthenticator); + DelegatingAuthenticator delegatingAuthenticator = new DelegatingAuthenticator(sessionHandler, + statusPortAuthenticator, clientCertificateAuthenticator, bearerTokenAuthenticator, openIdAuthenticator, + openIdLoginService, backChannelLogoutAuthenticator); SecurityHandler securityHandler = new DsfSecurityHandler(dsfLoginService, delegatingAuthenticator, openIdConfiguration); @@ -101,7 +145,6 @@ private void configureSecurityHandler(WebAppContext webAppContext, int statusCon webAppContext.setSecurityHandler(securityHandler); - SessionHandler sessionHandler = webAppContext.getSessionHandler(); sessionHandler.addEventListener(backChannelLogoutAuthenticator); } diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java index f99cab643..78e1b1a0c 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java @@ -5,9 +5,9 @@ import org.eclipse.jetty.client.ProxyConfiguration.Proxy; -public record OidcConfig(String providerBaseUrl, String clientId, String clientSecret, - boolean ssoBackChannelLogoutEnabled, String ssoBackChannelPath, Duration clientIdleTimeout, - Duration clientConnectTimeout, KeyStore clientTrustStore, KeyStore clientKeyStore, +public record OidcConfig(boolean authorizationCodeFlowEnabled, boolean bearerTokenEnabled, String providerBaseUrl, + String clientId, String clientSecret, boolean bckChannelLogoutEnabled, String ssoBackChannelPath, + Duration clientIdleTimeout, Duration clientConnectTimeout, KeyStore clientTrustStore, KeyStore clientKeyStore, char[] clientKeyStorePassword, Proxy clientProxy) { } diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java index 5d7c7c21d..ecba54600 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java @@ -223,6 +223,18 @@ public Optional<String> getClientCertificateHeaderName() PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT); } + @Override + public boolean getOidcAuthorizationCodeFlowEndabled() + { + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW); + } + + @Override + public boolean getOidcBearerTokenEnabled() + { + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN); + } + @Override public Optional<String> getOidcProviderBaseUrl() { @@ -285,16 +297,16 @@ public Optional<String> getOidcClientSecret() } @Override - public boolean getOidcSsoBackChannelLogoutEnabled() + public boolean getOidcBackChannelLogoutEnabled() { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT); + return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT); } @Override - public Optional<String> getOidcSsoBackChannelPath() + public Optional<String> getOidcBackChannelPath() { - return getString(PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH, - PROPERTY_JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); + return getString(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, + PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); } @Override diff --git a/dsf-docker-test-setup-3medic-ttp/docker-compose.yml b/dsf-docker-test-setup-3medic-ttp/docker-compose.yml index c5ada99fd..f8d1afe51 100644 --- a/dsf-docker-test-setup-3medic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3medic-ttp/docker-compose.yml @@ -155,11 +155,13 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic1 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic1-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: mF0GEtjFoyWIM3in4VCwifGI3azb4DTn - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic1-fhir-frontend: ipv4_address: 172.20.0.3 @@ -219,11 +221,13 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic2 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic2-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: P7XhxzBixIf9vPdprItkbOXZwtSX2JNt - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic2-fhir-frontend: ipv4_address: 172.20.0.11 @@ -283,11 +287,13 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic3 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic3-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: 9i9WRfIedG7N3QoL5WuGM8hCoySblAhK - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic3-fhir-frontend: ipv4_address: 172.20.0.19 @@ -354,11 +360,13 @@ services: - HISTORY - PERMANENT_DELETE JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/ttp JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: ttp-fhir JETTY_AUTH_OIDC_CLIENT_SECRET: SquCQFwjUFqIpU8xQj9pFg79fFxlu2Eu - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: ttp-fhir-frontend: ipv4_address: 172.20.0.27 @@ -417,11 +425,13 @@ services: # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic1 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic1-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: ytqFCErw9GfhVUrrM8xc0Grbu4r7qGig - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic1-bpe-frontend: ipv4_address: 172.20.0.35 @@ -480,11 +490,13 @@ services: # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic2 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic2-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: 5GtUIUfoXnQVcsRfd0Hg4EGv14iAknGq - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic2-bpe-frontend: ipv4_address: 172.20.0.43 @@ -543,11 +555,13 @@ services: # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/medic3 JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: medic3-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: VGTQD3WWH4uGUMz408NWNzcHF1MsfV0l - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: medic3-bpe-frontend: ipv4_address: 172.20.0.51 @@ -608,11 +622,13 @@ services: # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/ttp JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem JETTY_AUTH_OIDC_CLIENT_ID: ttp-bpe JETTY_AUTH_OIDC_CLIENT_SECRET: dTB3Etd2lZ6cn6mK6YbUMvk3A5FmiOoA - JETTY_AUTH_OIDC_SSO_BACK_CHANNEL_LOGOUT: 'true' networks: ttp-bpe-frontend: ipv4_address: 172.20.0.59 diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json b/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json index 666f14c80..aff81f768 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json +++ b/dsf-docker-test-setup-3medic-ttp/keycloak/medic1.json @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678910228", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic1/bpe/sso-logout", + "backchannel.logout.url" : "https://medic1/bpe/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678910084", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic1/fhir/sso-logout", + "backchannel.logout.url" : "https://medic1/fhir/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json b/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json index 3bfd64ab7..ac5bd283b 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json +++ b/dsf-docker-test-setup-3medic-ttp/keycloak/medic2.json @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911496", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic2/bpe/sso-logout", + "backchannel.logout.url" : "https://medic2/bpe/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911441", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic2/fhir/sso-logout", + "backchannel.logout.url" : "https://medic2/fhir/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json b/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json index bc362ab90..6de169b4e 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json +++ b/dsf-docker-test-setup-3medic-ttp/keycloak/medic3.json @@ -565,7 +565,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911603", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic3/bpe/sso-logout", + "backchannel.logout.url" : "https://medic3/bpe/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", @@ -605,7 +605,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678911557", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://medic3/fhir/sso-logout", + "backchannel.logout.url" : "https://medic3/fhir/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", diff --git a/dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json b/dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json index d06af5b52..54e295124 100644 --- a/dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json +++ b/dsf-docker-test-setup-3medic-ttp/keycloak/ttp.json @@ -648,7 +648,7 @@ "tls-client-certificate-bound-access-tokens" : "false", "oidc.ciba.grant.enabled" : "false", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://ttp/bpe/sso-logout", + "backchannel.logout.url" : "https://ttp/bpe/back-channel-logout", "client_credentials.use_refresh_token" : "false", "require.pushed.authorization.requests" : "false", "acr.loa.map" : "{}", @@ -689,7 +689,7 @@ "oidc.ciba.grant.enabled" : "false", "client.secret.creation.time" : "1678894574", "backchannel.logout.session.required" : "true", - "backchannel.logout.url" : "https://ttp/fhir/sso-logout", + "backchannel.logout.url" : "https://ttp/fhir/back-channel-logout", "post.logout.redirect.uris" : "+", "oauth2.device.authorization.grant.enabled" : "false", "display.on.consent.screen" : "false", From ab63324a46459ab68f074eeb9a85e90bd85f05e5 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 12 Jun 2023 12:04:48 +0200 Subject: [PATCH 09/43] code formatting --- .../java/dev/dsf/common/auth/BearerTokenAuthenticator.java | 5 +++-- .../src/main/java/dev/dsf/common/jetty/JettyConfig.java | 3 ++- 2 files changed, 5 insertions(+), 3 deletions(-) diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java index 767849953..20af290f0 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/auth/BearerTokenAuthenticator.java @@ -86,9 +86,10 @@ public Authentication validateRequest(ServletRequest request, ServletResponse re return new UserAuthentication(getAuthMethod(), user); } - catch(TokenExpiredException e) + catch (TokenExpiredException e) { - servletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), "Bearer error=\"invalid_token\", error_description=\"The access token expired\""); + servletResponse.setHeader(HttpHeader.WWW_AUTHENTICATE.asString(), + "Bearer error=\"invalid_token\", error_description=\"The access token expired\""); servletResponse.sendError(HttpServletResponse.SC_UNAUTHORIZED); return Authentication.SEND_FAILURE; } diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java index 2b801380c..ee3166a05 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java @@ -212,7 +212,8 @@ default Optional<String> getOidcBackChannelPath() default Optional<OidcConfig> getOidcConfig() { - if (!getOidcAuthorizationCodeFlowEndabled() && !getOidcBearerTokenEnabled() && !getOidcBackChannelLogoutEnabled()) + if (!getOidcAuthorizationCodeFlowEndabled() && !getOidcBearerTokenEnabled() + && !getOidcBackChannelLogoutEnabled()) return Optional.empty(); Duration clientIdleTimeout = getOidcProviderClientIdleTimeout() From 886c4ee4b837323f908ceacfafc0fd52854ae337 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Tue, 13 Jun 2023 11:22:38 +0200 Subject: [PATCH 10/43] adds role UAC --- .../fhir/CodeSystem/dsf-organization-role-1.0.0.xml | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml index 7c8110583..fe867de67 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml @@ -18,7 +18,11 @@ <hierarchyMeaning value="grouped-by"/> <versionNeeded value="false"/> <content value="complete"/> - <count value="7"/> + <count value="8"/> + <concept> + <code value="UAC"/> + <display value="Use-and-Access Committee"/> + </concept> <concept> <code value="COS"/> <display value="Coordinating Site"/> From 827300d08f06ae67c99c3fc494e3d28deebc5025 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Tue, 13 Jun 2023 14:20:17 +0200 Subject: [PATCH 11/43] rename missing files to 1.0.0, remove remaining highmed strings --- .../hapi/ActivityDefinitionWithExtension.java | 6 ++-- .../dev/dsf/fhir/hapi/CodeSystemTest.java | 6 ++-- .../integration/BundleIntegrationTest.java | 10 +++--- .../ReferenceResolverIntegrationTest.java | 8 ++--- .../fhir/integration/TaskIntegrationTest.java | 32 +++++++++---------- .../src/test/resources/bundle.xml | 2 +- .../resources/integration/allow-list.json | 2 +- ... => dsf-test-activity-definition1-1.0.xml} | 4 +-- ... => dsf-test-activity-definition2-1.0.xml} | 4 +-- ... => dsf-test-activity-definition3-1.0.xml} | 4 +-- ... => dsf-test-activity-definition4-1.0.xml} | 4 +-- ...est-task-0.5.xml => dsf-test-task-1.0.xml} | 2 +- ...-0.5.xml => dsf-test-task-profile-1.0.xml} | 4 +-- ...point-0.5.0.xml => dsf-endpoint-1.0.0.xml} | 6 ++-- ...xtension-certificate-thumbprint-1.0.0.xml} | 0 ...n-0.5.0.xml => dsf-organization-1.0.0.xml} | 10 +++--- ...hmed-task-0.5.0.xml => dsf-task-1.0.0.xml} | 6 ++-- 17 files changed, 55 insertions(+), 55 deletions(-) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-activity-definition1-0.5.xml => dsf-test-activity-definition1-1.0.xml} (95%) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-activity-definition2-0.5.xml => dsf-test-activity-definition2-1.0.xml} (95%) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-activity-definition3-0.5.xml => dsf-test-activity-definition3-1.0.xml} (97%) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-activity-definition4-0.5.xml => dsf-test-activity-definition4-1.0.xml} (97%) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-task-0.5.xml => dsf-test-task-1.0.xml} (97%) rename dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/{highmed-test-task-profile-0.5.xml => dsf-test-task-profile-1.0.xml} (92%) rename dsf-fhir/dsf-fhir-server/src/test/resources/profiles/{highmed-endpoint-0.5.0.xml => dsf-endpoint-1.0.0.xml} (90%) rename dsf-fhir/dsf-fhir-server/src/test/resources/profiles/{highmed-extension-certificate-thumbprint-0.5.0.xml => dsf-extension-certificate-thumbprint-1.0.0.xml} (100%) rename dsf-fhir/dsf-fhir-server/src/test/resources/profiles/{highmed-organization-0.5.0.xml => dsf-organization-1.0.0.xml} (88%) rename dsf-fhir/dsf-fhir-server/src/test/resources/profiles/{highmed-task-0.5.0.xml => dsf-task-1.0.0.xml} (97%) diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/ActivityDefinitionWithExtension.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/ActivityDefinitionWithExtension.java index 363fe496a..241705a88 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/ActivityDefinitionWithExtension.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/ActivityDefinitionWithExtension.java @@ -33,9 +33,9 @@ public void test() throws Exception a.setStatus(PublicationStatus.DRAFT); a.setExperimental(true); a.setDate(new Date()); - a.setPublisher("HiGHmed"); - a.getContactFirstRep().setName("HiGHmed").getTelecomFirstRep().setSystem(ContactPointSystem.EMAIL) - .setValue("pmo@highmed.org"); + a.setPublisher("DSF"); + a.getContactFirstRep().setName("DSF").getTelecomFirstRep().setSystem(ContactPointSystem.EMAIL) + .setValue("pmo@dsf.dev"); a.setDescription( "Process to send PING messages to remote Organizations and to receive corresponding PONG message"); a.setKind(ActivityDefinitionKind.TASK); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/CodeSystemTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/CodeSystemTest.java index 2193f9939..84ed81e15 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/CodeSystemTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/hapi/CodeSystemTest.java @@ -25,12 +25,12 @@ public void testCodeSystem() throws Exception CodeSystem codeSystem = new CodeSystem(); codeSystem.setUrl("http://dsf.dev/fhir/CodeSystem/organization-role"); codeSystem.setVersion("0.1.0"); - codeSystem.setName("HiGHmed_Organization_Type"); - codeSystem.setTitle("HiGHmed Organization Type"); + codeSystem.setName("DSF_Organization_Type"); + codeSystem.setTitle("DSF Organization Type"); codeSystem.setStatus(PublicationStatus.ACTIVE); codeSystem.setExperimental(false); codeSystem.setDate(new Date()); - codeSystem.setPublisher("HiGHmed"); + codeSystem.setPublisher("DSF"); codeSystem.setCaseSensitive(true); codeSystem.setContent(CodeSystemContentMode.COMPLETE); codeSystem.setVersionNeeded(false); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/BundleIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/BundleIntegrationTest.java index 20760db00..5225dd55a 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/BundleIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/BundleIntegrationTest.java @@ -58,7 +58,7 @@ public void testCreateBundle() throws Exception logger.debug(fhirContext.newJsonParser().encodeResourceToString(allowList)); Bundle updatedBundle = getWebserviceClient().updateConditionaly(allowList, Map.of("identifier", - Collections.singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|highmed_allow_list"))); + Collections.singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|allow_list"))); assertNotNull(updatedBundle); } @@ -72,7 +72,7 @@ public void testCreateBundleReturnMinimal() throws Exception logger.debug(fhirContext.newJsonParser().encodeResourceToString(allowList)); IdType id = getWebserviceClient().withMinimalReturn().updateConditionaly(allowList, Map.of("identifier", - Collections.singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|highmed_allow_list"))); + Collections.singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|allow_list"))); assertNotNull(id); } @@ -86,8 +86,8 @@ public void testCreateBundleReturnOperationOutcome() throws Exception logger.debug(fhirContext.newJsonParser().encodeResourceToString(allowList)); OperationOutcome outcome = getWebserviceClient().withOperationOutcomeReturn().updateConditionaly(allowList, - Map.of("identifier", Collections - .singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|highmed_allow_list"))); + Map.of("identifier", + Collections.singletonList("http://dsf.dev/fhir/CodeSystem/update-allow-list|allow_list"))); assertNotNull(outcome); } @@ -95,7 +95,7 @@ public void testCreateBundleReturnOperationOutcome() throws Exception @Test public void testDeleteTaskProfileViaBundleTestSupportedProfilesInConformanceStatement() throws Exception { - final String taskProfileUrl = "http://dsf.dev/fhir/StructureDefinition/highmed-task-test"; + final String taskProfileUrl = "http://dsf.dev/fhir/StructureDefinition/task-test"; final String taskProfileVersion = "1.2.3"; StructureDefinition newS = new StructureDefinition(); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ReferenceResolverIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ReferenceResolverIntegrationTest.java index 9a4b3a409..778814407 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ReferenceResolverIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/ReferenceResolverIntegrationTest.java @@ -118,8 +118,8 @@ private void prepareServerWithActivityDefinitionAndTaskProfile() throws IOExcept private ActivityDefinition readActivityDefinition() throws IOException { - try (InputStream in = Files.newInputStream( - Paths.get("src/test/resources/integration/task/highmed-test-activity-definition2-0.5.xml"))) + try (InputStream in = Files + .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-activity-definition2-1.0.xml"))) { return fhirContext.newXmlParser().parseResource(ActivityDefinition.class, in); } @@ -128,7 +128,7 @@ private ActivityDefinition readActivityDefinition() throws IOException private StructureDefinition readTestTaskProfile() throws IOException { try (InputStream in = Files - .newInputStream(Paths.get("src/test/resources/integration/task/highmed-test-task-profile-0.5.xml"))) + .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-task-profile-1.0.xml"))) { return fhirContext.newXmlParser().parseResource(StructureDefinition.class, in); } @@ -203,7 +203,7 @@ private Task getTaskWithLogicalReferenceInputBasedOnUnknownNamingSystem() throws private Task readTestTask() throws IOException { try (InputStream in = Files - .newInputStream(Paths.get("src/test/resources/integration/task/highmed-test-task-0.5.xml"))) + .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-task-1.0.xml"))) { return fhirContext.newXmlParser().parseResource(Task.class, in).setAuthoredOn(new Date()); } diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java index b9a99884a..b5ec3dc13 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java @@ -630,7 +630,7 @@ private ActivityDefinition readActivityDefinition(String fileName) throws IOExce private StructureDefinition readTestTaskProfile() throws IOException { try (InputStream in = Files - .newInputStream(Paths.get("src/test/resources/integration/task/highmed-test-task-profile-0.5.xml"))) + .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-task-profile-1.0.xml"))) { return fhirContext.newXmlParser().parseResource(StructureDefinition.class, in); } @@ -639,7 +639,7 @@ private StructureDefinition readTestTaskProfile() throws IOException private Task readTestTask(String requester, String recipient) throws IOException { try (InputStream in = Files - .newInputStream(Paths.get("src/test/resources/integration/task/highmed-test-task-0.5.xml"))) + .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-task-1.0.xml"))) { Task task = fhirContext.newXmlParser().parseResource(Task.class, in); task.setAuthoredOn(new Date()); @@ -654,7 +654,7 @@ private Task readTestTask(String requester, String recipient) throws IOException @Test public void testCreateTaskAllowedLocalUser() throws Exception { - ActivityDefinition ad1 = readActivityDefinition("highmed-test-activity-definition1-0.5.xml"); + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); assertNotNull(createdAd1); assertNotNull(createdAd1.getIdElement().getIdPart()); @@ -673,7 +673,7 @@ public void testCreateTaskAllowedLocalUser() throws Exception @Test public void testCreateTaskAllowedLocalUserVersionSpecificProfile() throws Exception { - ActivityDefinition ad1 = readActivityDefinition("highmed-test-activity-definition1-0.5.xml"); + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); assertNotNull(createdAd1); assertNotNull(createdAd1.getIdElement().getIdPart()); @@ -685,7 +685,7 @@ public void testCreateTaskAllowedLocalUserVersionSpecificProfile() throws Except Task task = readTestTask("Test_Organization", "Test_Organization"); CanonicalType profile = task.getMeta().getProfile().get(0); - profile.setValue(profile.getValue() + "|0.5"); + profile.setValue(profile.getValue() + "|1.0"); Task createdTask = getWebserviceClient().create(task); assertNotNull(createdTask); assertNotNull(createdTask.getIdElement().getIdPart()); @@ -694,7 +694,7 @@ public void testCreateTaskAllowedLocalUserVersionSpecificProfile() throws Except @Test public void testCreateTaskAllowedLocalUserVersionSpecificProfileBadVersion() throws Exception { - ActivityDefinition ad1 = readActivityDefinition("highmed-test-activity-definition1-0.5.xml"); + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); assertNotNull(createdAd1); assertNotNull(createdAd1.getIdElement().getIdPart()); @@ -714,7 +714,7 @@ public void testCreateTaskAllowedLocalUserVersionSpecificProfileBadVersion() thr @Test public void testCreateTaskNotAllowedRemoteUser() throws Exception { - ActivityDefinition ad1 = readActivityDefinition("highmed-test-activity-definition1-0.5.xml"); + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); assertNotNull(createdAd1); assertNotNull(createdAd1.getIdElement().getIdPart()); @@ -731,7 +731,7 @@ public void testCreateTaskNotAllowedRemoteUser() throws Exception @Test public void testCreateTaskNotAllowedLocalUser() throws Exception { - ActivityDefinition ad2 = readActivityDefinition("highmed-test-activity-definition2-0.5.xml"); + ActivityDefinition ad2 = readActivityDefinition("dsf-test-activity-definition2-1.0.xml"); ActivityDefinition createdAd2 = getWebserviceClient().create(ad2); assertNotNull(createdAd2); assertNotNull(createdAd2.getIdElement().getIdPart()); @@ -748,7 +748,7 @@ public void testCreateTaskNotAllowedLocalUser() throws Exception @Test public void testCreateTaskAllowedRemoteUser() throws Exception { - ActivityDefinition ad2 = readActivityDefinition("highmed-test-activity-definition2-0.5.xml"); + ActivityDefinition ad2 = readActivityDefinition("dsf-test-activity-definition2-1.0.xml"); ActivityDefinition createdAd2 = getWebserviceClient().create(ad2); assertNotNull(createdAd2); assertNotNull(createdAd2.getIdElement().getIdPart()); @@ -767,7 +767,7 @@ public void testCreateTaskAllowedRemoteUser() throws Exception @Test public void testCreateTaskNotAllowedLocalUser2() throws Exception { - ActivityDefinition ad3 = readActivityDefinition("highmed-test-activity-definition3-0.5.xml"); + ActivityDefinition ad3 = readActivityDefinition("dsf-test-activity-definition3-1.0.xml"); ActivityDefinition createdAd3 = getWebserviceClient().create(ad3); assertNotNull(createdAd3); assertNotNull(createdAd3.getIdElement().getIdPart()); @@ -784,7 +784,7 @@ public void testCreateTaskNotAllowedLocalUser2() throws Exception @Test public void testCreateTaskAllowedRemoteUser2() throws Exception { - ActivityDefinition ad3 = readActivityDefinition("highmed-test-activity-definition3-0.5.xml"); + ActivityDefinition ad3 = readActivityDefinition("dsf-test-activity-definition3-1.0.xml"); ActivityDefinition createdAd3 = getWebserviceClient().create(ad3); assertNotNull(createdAd3); assertNotNull(createdAd3.getIdElement().getIdPart()); @@ -803,7 +803,7 @@ public void testCreateTaskAllowedRemoteUser2() throws Exception @Test public void testCreateTaskNotAllowedRemoteUser2() throws Exception { - ActivityDefinition ad3 = readActivityDefinition("highmed-test-activity-definition3-0.5.xml"); + ActivityDefinition ad3 = readActivityDefinition("dsf-test-activity-definition3-1.0.xml"); Coding recipient = (Coding) ad3 .getExtensionByUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization") .getExtensionByUrl("recipient").getValue(); @@ -829,7 +829,7 @@ public void testCreateTaskNotAllowedRemoteUser2() throws Exception @Test public void testCreateTaskAllowedRemoteUser3() throws Exception { - ActivityDefinition ad3 = readActivityDefinition("highmed-test-activity-definition4-0.5.xml"); + ActivityDefinition ad3 = readActivityDefinition("dsf-test-activity-definition4-1.0.xml"); ActivityDefinition createdAd3 = getWebserviceClient().create(ad3); assertNotNull(createdAd3); assertNotNull(createdAd3.getIdElement().getIdPart()); @@ -916,7 +916,7 @@ public void testDeletePermanentlyByExternalUser() throws Exception @Test public void testHistoryLiteralReferenceClean() throws Exception { - ActivityDefinition ad1 = readActivityDefinition("highmed-test-activity-definition1-0.5.xml"); + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); assertNotNull(createdAd1); assertNotNull(createdAd1.getIdElement().getIdPart()); @@ -1077,7 +1077,7 @@ public void testSearchByProfile() throws Exception @Test public void testUpdateTaskFromInProgressToCompletedWithNonExistingInputReferenceToExternalBinary() throws Exception { - ActivityDefinition ad2 = readActivityDefinition("highmed-test-activity-definition2-0.5.xml"); + ActivityDefinition ad2 = readActivityDefinition("dsf-test-activity-definition2-1.0.xml"); ActivityDefinition createdAd2 = getWebserviceClient().create(ad2); assertNotNull(createdAd2); assertNotNull(createdAd2.getIdElement().getIdPart()); @@ -1111,7 +1111,7 @@ public void testUpdateTaskFromInProgressToCompletedWithNonExistingInputReference public void testUpdateTaskFromInProgressToCompletedWithNonExistingInputReferenceToExternalBinaryViaBundle() throws Exception { - ActivityDefinition ad2 = readActivityDefinition("highmed-test-activity-definition2-0.5.xml"); + ActivityDefinition ad2 = readActivityDefinition("dsf-test-activity-definition2-1.0.xml"); ActivityDefinition createdAd2 = getWebserviceClient().create(ad2); assertNotNull(createdAd2); assertNotNull(createdAd2.getIdElement().getIdPart()); diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/bundle.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/bundle.xml index c9a685ec0..4995ce26f 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/bundle.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/bundle.xml @@ -6,7 +6,7 @@ </meta> <identifier> <system value="http://dsf.dev/fhir/CodeSystem/bundle"></system> - <value value="HiGHmed_white_list"></value> + <value value="allow_list"></value> </identifier> <type value="transaction"></type> <entry> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json index e02019914..4205a1c11 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/allow-list.json @@ -9,7 +9,7 @@ }, "identifier": { "system": "http://dsf.dev/fhir/CodeSystem/update-allowlist", - "value": "highmed_allowlist" + "value": "allowlist" }, "type": "transaction", "entry": [{ diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition1-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition1-1.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition1-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition1-1.0.xml index 05136607c..a838c251a 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition1-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition1-1.0.xml @@ -10,7 +10,7 @@ <valueString value="test-message" /> </extension> <extension url="task-profile"> - <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|0.5" /> + <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|1.0" /> </extension> <extension url="requester"> <valueCoding> @@ -26,7 +26,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5" /> + <version value="1.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition2-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition2-1.0.xml similarity index 95% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition2-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition2-1.0.xml index 7985edb61..9a1bef562 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition2-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition2-1.0.xml @@ -10,7 +10,7 @@ <valueString value="test-message" /> </extension> <extension url="task-profile"> - <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|0.5" /> + <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|1.0" /> </extension> <extension url="requester"> <valueCoding> @@ -26,7 +26,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5" /> + <version value="1.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml index 1c474ac57..714c28a2b 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition3-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml @@ -11,7 +11,7 @@ <valueString value="test-message" /> </extension> <extension url="task-profile"> - <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|0.5" /> + <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|1.0" /> </extension> <extension url="requester"> <valueCoding> @@ -47,7 +47,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5" /> + <version value="1.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition4-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition4-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml index 8f47ab8fb..11a9c8f1c 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-activity-definition4-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml @@ -11,7 +11,7 @@ <valueString value="test-message" /> </extension> <extension url="task-profile"> - <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|0.5" /> + <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|1.0" /> </extension> <extension url="requester"> <valueCoding> @@ -55,7 +55,7 @@ </extension> </extension> <url value="http://dsf.dev/bpe/Process/test" /> - <version value="0.5" /> + <version value="1.0" /> <status value="active" /> <kind value="Task" /> </ActivityDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-1.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-1.0.xml index ab387a322..30cfa4b0b 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-1.0.xml @@ -2,7 +2,7 @@ <meta> <profile value="http://dsf.dev/fhir/StructureDefinition/test-task"></profile> </meta> - <instantiatesCanonical value="http://dsf.dev/bpe/Process/test|0.5"></instantiatesCanonical> + <instantiatesCanonical value="http://dsf.dev/bpe/Process/test|1.0"></instantiatesCanonical> <status value="requested"></status> <intent value="order"></intent> <!--<authoredOn value="2021-05-17T15:18:09+02:00"></authoredOn>--> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-profile-0.5.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-profile-1.0.xml similarity index 92% rename from dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-profile-0.5.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-profile-1.0.xml index 71f8ce0c8..051af815e 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/highmed-test-task-profile-0.5.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-task-profile-1.0.xml @@ -6,7 +6,7 @@ </tag> </meta> <url value="http://dsf.dev/fhir/StructureDefinition/test-task" /> - <version value="0.5" /> + <version value="1.0" /> <name value="TestTask" /> <status value="active" /> <experimental value="false" /> @@ -20,7 +20,7 @@ <differential> <element id="Task.instantiatesCanonical"> <path value="Task.instantiatesCanonical" /> - <fixedCanonical value="http://dsf.dev/bpe/Process/test|0.5" /> + <fixedCanonical value="http://dsf.dev/bpe/Process/test|1.0" /> </element> <element id="Task.input:message-name"> <path value="Task.input" /> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-endpoint-1.0.0.xml similarity index 90% rename from dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-endpoint-1.0.0.xml index c73f496cb..3b243c550 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-endpoint-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-endpoint-1.0.0.xml @@ -29,13 +29,13 @@ </element> <element id="Endpoint.identifier:sliceIdentifier.system"> <path value="Endpoint.identifier.system"/> - <fixedUri value="http://dsf.dev/fhir/CodeSystem/highmed-endpoint"/> + <fixedUri value="http://dsf.dev/fhir/CodeSystem/endpoint"/> </element> <element id="Endpoint.identifier:sliceIdentifier.value"> <path value="Endpoint.identifier.value"/> <binding> <strength value="required"/> - <valueSet value="http://dsf.dev/fhir/ValueSet/highmed-endpoint"/> + <valueSet value="http://dsf.dev/fhir/ValueSet/endpoint"/> </binding> </element> <element id="Endpoint.managingOrganization"> @@ -43,7 +43,7 @@ <min value="1"/> <type> <code value="Reference"/> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization"/> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0"/> </type> </element> </differential> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-extension-certificate-thumbprint-1.0.0.xml similarity index 100% rename from dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-extension-certificate-thumbprint-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-extension-certificate-thumbprint-1.0.0.xml diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-organization-1.0.0.xml similarity index 88% rename from dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-organization-1.0.0.xml index ff74a98a2..6b0c8854c 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-organization-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-organization-1.0.0.xml @@ -42,17 +42,17 @@ </slicing> <min value="1"/> </element> - <element id="Organization.identifier:HiGHmed"> + <element id="Organization.identifier:DSF"> <path value="Organization.identifier"/> - <sliceName value="HiGHmed"/> + <sliceName value="DSF"/> <min value="1"/> <max value="1"/> </element> - <element id="Organization.identifier:HiGHmed.system"> + <element id="Organization.identifier:DSF.system"> <path value="Organization.identifier.system"/> - <fixedUri value="http://dsf.dev/fhir/CodeSystem/highmed-organization"/> + <fixedUri value="http://dsf.dev/fhir/CodeSystem/organization"/> </element> - <element id="Organization.identifier:HiGHmed.value"> + <element id="Organization.identifier:DSF.value"> <path value="Organization.identifier.value"/> <binding> <strength value="required"/> diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-task-1.0.0.xml similarity index 97% rename from dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml rename to dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-task-1.0.0.xml index ee719ae9b..c7ab8810a 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/highmed-task-0.5.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/profiles/dsf-task-1.0.0.xml @@ -1,6 +1,6 @@ <?xml version="1.0" encoding="utf-8"?> <StructureDefinition xmlns="http://hl7.org/fhir"> - <url value="http://dsf.dev/fhir/StructureDefinition/highmed-task"/> + <url value="http://dsf.dev/fhir/StructureDefinition/task"/> <version value="1.0.0"/> <name value="Task"/> <status value="draft"/> @@ -44,7 +44,7 @@ <min value="1"/> <type> <code value="Reference"/> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization"/> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0"/> </type> </element> <element id="Task.restriction"> @@ -57,7 +57,7 @@ <max value="1"/> <type> <code value="Reference"/> - <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization"/> + <targetProfile value="http://dsf.dev/fhir/StructureDefinition/organization|1.0.0"/> </type> </element> <element id="Task.input"> From 10c522b861a06c8ae13b7006d0a42494b3d00fae Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Wed, 14 Jun 2023 11:17:37 +0200 Subject: [PATCH 12/43] remove not needed column --- .../db/db.structure_definition_snapshots.changelog-1.0.0.xml | 3 --- 1 file changed, 3 deletions(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml index 108083bbb..3abad4a2e 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml @@ -18,9 +18,6 @@ <column name="structure_definition_snapshot" type="${json}"> <constraints nullable="false" /> </column> - <column name="structure_definition_snapshot_info" type="${json}"> - <constraints nullable="true" /> - </column> </createTable> <addPrimaryKey tableName="structure_definition_snapshots" columnNames="structure_definition_snapshot_id, version" /> From d7f539964d2d4e2833911075072b38bb5d681b36 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Wed, 14 Jun 2023 11:27:08 +0200 Subject: [PATCH 13/43] remove structure_definition_snapshot_info index as well --- .../db/db.structure_definition_snapshots.changelog-1.0.0.xml | 1 - 1 file changed, 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml index 3abad4a2e..738b01351 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/db.structure_definition_snapshots.changelog-1.0.0.xml @@ -30,7 +30,6 @@ CREATE INDEX structure_definition_snapshot_id_index ON structure_definition_snapshots USING btree (structure_definition_snapshot_id); CREATE INDEX structure_definition_snapshot_index ON structure_definition_snapshots USING gin (structure_definition_snapshot); CREATE INDEX structure_definition_snapshot_id_version_index ON structure_definition_snapshots USING btree (structure_definition_snapshot_id, version); - CREATE INDEX structure_definition_snapshot_info_index ON structure_definition_snapshots USING gin (structure_definition_snapshot_info); </sql> <createView viewName="current_structure_definition_snapshots" replaceIfExists="true"> From 2b85967677a8cc5e444df3d71194e945dadf5226 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 19 Jun 2023 15:01:33 +0200 Subject: [PATCH 14/43] initial task html view based on draft resources --- .../v1/activity/DefaultUserTaskListener.java | 34 +-- .../QuestionnaireResponseHandler.java | 1 - .../dev/dsf/fhir/adapter/HtmlFhirAdapter.java | 12 +- .../dsf/fhir/adapter/InputHtmlGenerator.java | 136 ++++++++++++ .../QuestionnaireResponseHtmlGenerator.java | 208 ++++++------------ .../dsf/fhir/adapter/TaskHtmlGenerator.java | 190 ++++++++++++++++ .../dsf/fhir/spring/config/AdapterConfig.java | 6 +- .../src/main/resources/static/form.css | 71 +++++- .../src/main/resources/static/form.js | 173 ++++++++++----- .../src/main/resources/static/tabs.js | 12 - .../src/main/resources/static/util.js | 11 + 11 files changed, 606 insertions(+), 248 deletions(-) create mode 100644 dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java create mode 100644 dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java create mode 100644 dsf-fhir/dsf-fhir-server/src/main/resources/static/util.js diff --git a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/DefaultUserTaskListener.java b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/DefaultUserTaskListener.java index 2685466d6..444a5d757 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/DefaultUserTaskListener.java +++ b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/DefaultUserTaskListener.java @@ -13,7 +13,6 @@ import org.hl7.fhir.r4.model.CodeableConcept; import org.hl7.fhir.r4.model.Questionnaire; import org.hl7.fhir.r4.model.QuestionnaireResponse; -import org.hl7.fhir.r4.model.QuestionnaireResponse.QuestionnaireResponseItemComponent; import org.hl7.fhir.r4.model.Reference; import org.hl7.fhir.r4.model.ResourceType; import org.hl7.fhir.r4.model.StringType; @@ -132,6 +131,7 @@ private Questionnaire readQuestionnaire(String urlWithVersion) return questionnaires.get(0); } + private QuestionnaireResponse createDefaultQuestionnaireResponse(String questionnaireUrlWithVersion, String businessKey, String userTaskId) { @@ -143,12 +143,9 @@ private QuestionnaireResponse createDefaultQuestionnaireResponse(String question .setIdentifier(api.getOrganizationProvider().getLocalOrganizationIdentifier() .orElseThrow(() -> new IllegalStateException("Local organization identifier unknown")))); - if (addBusinessKeyToQuestionnaireResponse()) - { - api.getQuestionnaireResponseHelper().addItemLeafWithAnswer(questionnaireResponse, - BpmnUserTask.Codes.BUSINESS_KEY, "The business-key of the process execution", - new StringType(businessKey)); - } + api.getQuestionnaireResponseHelper().addItemLeafWithAnswer(questionnaireResponse, + BpmnUserTask.Codes.BUSINESS_KEY, "The business-key of the process execution", + new StringType(businessKey)); api.getQuestionnaireResponseHelper().addItemLeafWithAnswer(questionnaireResponse, BpmnUserTask.Codes.USER_TASK_ID, "The user-task-id of the process execution", @@ -183,13 +180,10 @@ private void transformItem(QuestionnaireResponse questionnaireResponse, private void checkQuestionnaireResponse(QuestionnaireResponse questionnaireResponse) { - if (addBusinessKeyToQuestionnaireResponse()) - { - questionnaireResponse.getItem().stream().filter(i -> BpmnUserTask.Codes.BUSINESS_KEY.equals(i.getLinkId())) - .findFirst().orElseThrow( - () -> new RuntimeException("QuestionnaireResponse does not contain an item with linkId='" - + BpmnUserTask.Codes.BUSINESS_KEY + "'")); - } + questionnaireResponse.getItem().stream().filter(i -> BpmnUserTask.Codes.BUSINESS_KEY.equals(i.getLinkId())) + .findFirst() + .orElseThrow(() -> new RuntimeException("QuestionnaireResponse does not contain an item with linkId='" + + BpmnUserTask.Codes.BUSINESS_KEY + "'")); questionnaireResponse.getItem().stream().filter(i -> BpmnUserTask.Codes.USER_TASK_ID.equals(i.getLinkId())) .findFirst() @@ -200,18 +194,6 @@ private void checkQuestionnaireResponse(QuestionnaireResponse questionnaireRespo throw new RuntimeException("QuestionnaireResponse must be in status 'in-progress'"); } - /** - * <i>Override this method to decided if you want to add the Business-Key to the {@link QuestionnaireResponse} - * resource as an item with {@link QuestionnaireResponseItemComponent#getLinkId()} equal to - * {@link BpmnUserTask.Codes#BUSINESS_KEY}</i> - * - * @return <code>false</code> - */ - protected boolean addBusinessKeyToQuestionnaireResponse() - { - return false; - } - /** * <i>Override this method to modify the {@link QuestionnaireResponse} before it will be created in state * {@link QuestionnaireResponse.QuestionnaireResponseStatus#INPROGRESS} on the DSF FHIR server</i> diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/subscription/QuestionnaireResponseHandler.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/subscription/QuestionnaireResponseHandler.java index e12cf631a..5370ce0e9 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/subscription/QuestionnaireResponseHandler.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/subscription/QuestionnaireResponseHandler.java @@ -72,7 +72,6 @@ public void onResource(QuestionnaireResponse questionnaireResponse) catch (Exception e) { logger.warn("Unable to complete UserTask", e); - throw new RuntimeException(e); } } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/HtmlFhirAdapter.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/HtmlFhirAdapter.java index 52dddc39e..5e32d198b 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/HtmlFhirAdapter.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/HtmlFhirAdapter.java @@ -34,6 +34,7 @@ import org.hl7.fhir.r4.model.Bundle; import org.hl7.fhir.r4.model.IdType; import org.hl7.fhir.r4.model.Resource; +import org.hl7.fhir.r4.model.Task; import ca.uhn.fhir.context.FhirContext; import ca.uhn.fhir.model.api.annotation.ResourceDef; @@ -145,6 +146,7 @@ public void writeTo(BaseResource resource, Class<?> type, Type genericType, Anno <link rel="icon" type="image/png" href="${basePath}static/favicon_32x32.png" sizes="32x32"> <link rel="icon" type="image/png" href="${basePath}static/favicon_96x96.png" sizes="96x96"> <meta name="theme-color" content="#326F95"> + <script src="${basePath}static/util.js"></script> <script src="${basePath}static/prettify.js"></script> <script src="${basePath}static/tabs.js"></script> <script src="${basePath}static/bookmarks.js"></script> @@ -158,7 +160,7 @@ public void writeTo(BaseResource resource, Class<?> type, Type genericType, Anno + uriInfo.getPath() + "\n"); out.write("\n"); out.write("\n"); + + ");checkBookmarked();" + adaptFormInputs(resource) + "\">\n"); out.write("
\n"); @@ -433,6 +435,14 @@ private boolean isHtmlEnabled(Class resourceType) return htmlGeneratorsByType.containsKey(resourceType); } + private String adaptFormInputs(BaseResource resource) + { + if (resource instanceof Task task) + return Task.TaskStatus.DRAFT.equals(task.getStatus()) ? "adaptFormInputs();" : ""; + else + return ""; + } + private Optional getResourceName(BaseResource resource, String uuid) { if (resource instanceof Bundle) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java new file mode 100644 index 000000000..abafc157c --- /dev/null +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -0,0 +1,136 @@ +package dev.dsf.fhir.adapter; + +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.text.SimpleDateFormat; +import java.util.Date; + +import org.hl7.fhir.r4.model.BooleanType; +import org.hl7.fhir.r4.model.Coding; +import org.hl7.fhir.r4.model.DateTimeType; +import org.hl7.fhir.r4.model.DateType; +import org.hl7.fhir.r4.model.DecimalType; +import org.hl7.fhir.r4.model.Identifier; +import org.hl7.fhir.r4.model.IntegerType; +import org.hl7.fhir.r4.model.Reference; +import org.hl7.fhir.r4.model.StringType; +import org.hl7.fhir.r4.model.TimeType; +import org.hl7.fhir.r4.model.Type; +import org.hl7.fhir.r4.model.UriType; + +public abstract class InputHtmlGenerator +{ + protected static final String ELEMENT_TYPE_ROW = "row"; + protected static final String ELEMENT_TYPE_LINK = "link"; + protected static final String ELEMENT_TYPE_PATH = "path"; + protected static final SimpleDateFormat DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd"); + protected static final SimpleDateFormat DATE_TIME_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); + protected static final SimpleDateFormat DATE_TIME_DISPLAY_FORMAT = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss"); + + protected void writeDisplayRow(String text, String elementId, boolean display, OutputStreamWriter out) + throws IOException + { + out.write("
\n"); + out.write("

" + text + "\n"); + out.write("

\n"); + } + + protected void writeInputRow(Type type, String elementId, String elementLabel, boolean display, boolean writable, + OutputStreamWriter out) throws IOException + { + out.write("
\n"); + out.write("\n"); + + writeInputField(type, elementId, writable, out); + + out.write("
    \n"); + out.write("
\n"); + out.write("
\n"); + } + + protected void writeInputField(Type type, String elementId, boolean writable, OutputStreamWriter out) + throws IOException + { + if (type != null) + { + if (type instanceof StringType) + { + String value = ((StringType) type).getValue(); + out.write("\n"); + } + else if (type instanceof IntegerType) + { + String value = String.valueOf(((IntegerType) type).getValue()); + out.write("\n"); + } + else if (type instanceof DecimalType) + { + String value = String.valueOf(((DecimalType) type).getValue()); + out.write("\n"); + } + else if (type instanceof BooleanType) + { + boolean valueIsTrue = ((BooleanType) type).getValue(); + + out.write("
\n"); + out.write("\n"); + out.write("\n"); + out.write("
\n"); + } + else if (type instanceof DateType) + { + Date value = ((DateType) type).getValue(); + String date = DATE_FORMAT.format(value); + + out.write("\n"); + } + else if (type instanceof TimeType) + { + String value = ((TimeType) type).getValue(); + out.write("\n"); + } + else if (type instanceof DateTimeType) + { + Date value = ((DateTimeType) type).getValue(); + String dateTime = DATE_TIME_FORMAT.format(value); + + out.write("\n"); + } + else if (type instanceof UriType) + { + String value = ((UriType) type).getValue(); + out.write("\n"); + } + else if (type instanceof Reference) + { + String value = ((Reference) type).getReference(); + out.write("\n"); + } + else if (type instanceof Identifier) + { + // TODO + } + else if (type instanceof Coding) + { + // TODO + } + else + { + throw new RuntimeException("Answer type '" + type.getClass().getName() + + "' in QuestionnaireResponse.item is not supported"); + } + } + } +} diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java index 8aea82366..9fd386a6b 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java @@ -2,30 +2,16 @@ import java.io.IOException; import java.io.OutputStreamWriter; -import java.text.SimpleDateFormat; -import java.util.Date; - -import org.hl7.fhir.r4.model.BooleanType; -import org.hl7.fhir.r4.model.DateTimeType; -import org.hl7.fhir.r4.model.DateType; -import org.hl7.fhir.r4.model.DecimalType; -import org.hl7.fhir.r4.model.IntegerType; + import org.hl7.fhir.r4.model.QuestionnaireResponse; -import org.hl7.fhir.r4.model.Reference; import org.hl7.fhir.r4.model.StringType; -import org.hl7.fhir.r4.model.TimeType; -import org.hl7.fhir.r4.model.Type; -import org.hl7.fhir.r4.model.UriType; -public class QuestionnaireResponseHtmlGenerator implements HtmlGenerator +public class QuestionnaireResponseHtmlGenerator extends InputHtmlGenerator + implements HtmlGenerator { private static final String CODESYSTEM_DSF_BPMN_USER_TASK_VALUE_BUSINESS_KEY = "business-key"; private static final String CODESYSTEM_DSF_BPMN_USER_TASK_VALUE_USER_TASK_ID = "user-task-id"; - private static final SimpleDateFormat DATE_FORMAT = new SimpleDateFormat("yyyy-MM-dd"); - private static final SimpleDateFormat DATE_TIME_FORMAT = new SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss"); - private static final SimpleDateFormat DATE_TIME_DISPLAY_FORMAT = new SimpleDateFormat("dd.MM.yyyy HH:mm:ss"); - @Override public Class getResourceType() { @@ -36,19 +22,20 @@ public Class getResourceType() public void writeHtml(String basePath, QuestionnaireResponse questionnaireResponse, OutputStreamWriter out) throws IOException { - boolean isCompleted = QuestionnaireResponse.QuestionnaireResponseStatus.COMPLETED + boolean completed = QuestionnaireResponse.QuestionnaireResponseStatus.COMPLETED .equals(questionnaireResponse.getStatus()); + out.write(""); out.write("
\n"); - out.write("
\n"); out.write("
"); - out.write("\n"); + out.write(""); out.write("Info\n"); - out.write("\"/>\n"); - out.write("\n"); + out.write(""); + out.write(""); out.write("
\n"); String urlVersion = questionnaireResponse.getQuestionnaire(); @@ -58,7 +45,7 @@ public void writeHtml(String basePath, QuestionnaireResponse questionnaireRespon out.write("
"); out.write("

\n"); out.write("This QuestionnaireResponse answers the Questionnaire:
" + + getColorClass(questionnaireResponse.getStatus(), ELEMENT_TYPE_LINK) + "\" href=\"" + href + "\">" + urlVersion + ""); out.write("

\n"); out.write("
    \n"); @@ -66,7 +53,7 @@ public void writeHtml(String basePath, QuestionnaireResponse questionnaireRespon out.write("
  • Process instance-id: " + getProcessInstanceId(questionnaireResponse) + "
    • \n"); String lastUpdated = DATE_TIME_DISPLAY_FORMAT.format(questionnaireResponse.getMeta().getLastUpdated()); - if (isCompleted) + if (completed) { out.write("
  • Completion date: " + lastUpdated + "
    • \n"); } @@ -79,21 +66,58 @@ public void writeHtml(String basePath, QuestionnaireResponse questionnaireRespon out.write("
\n"); out.write("
\n"); - out.write("
\n"); + out.write("
\n"); for (QuestionnaireResponse.QuestionnaireResponseItemComponent item : questionnaireResponse.getItem()) { - writeRow(item, isCompleted, out); + writeRow(item, completed, out); + } + + if (QuestionnaireResponse.QuestionnaireResponseStatus.INPROGRESS.equals(questionnaireResponse.getStatus())) + { + out.write("
\n"); + out.write( + "\n"); + out.write("
\n"); } - out.write("
\n"); - out.write("\n"); - out.write("
\n"); out.write("
\n"); out.write("\n"); } + private String getColorClass(QuestionnaireResponse.QuestionnaireResponseStatus status, String elementType) + { + switch (status) + { + case INPROGRESS: + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-progress"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-progress"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-progress"; + case COMPLETED: + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-completed"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-completed"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-completed"; + case STOPPED: + case ENTEREDINERROR: + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-stopped-failed"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-stopped-failed"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-stopped-failed"; + case AMENDED: + case NULL: + default: + return ""; + } + } + private String getProcessInstanceId(QuestionnaireResponse questionnaireResponse) { return questionnaireResponse.getItem().stream() @@ -102,43 +126,18 @@ private String getProcessInstanceId(QuestionnaireResponse questionnaireResponse) .orElse("unknown"); } - private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, boolean isCompleted, - OutputStreamWriter out) throws IOException - { - if (item.hasAnswer()) - writeFormRow(item, isCompleted, out); - else - writeDisplayRow(item, out); - } - - private void writeDisplayRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, OutputStreamWriter out) - throws IOException - { - String linkId = item.getLinkId(); - - out.write("
\n"); - out.write("

" + item.getText() + "\n"); - out.write("

\n"); - } - - private void writeFormRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, boolean isCompleted, + private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, boolean completed, OutputStreamWriter out) throws IOException { String linkId = item.getLinkId(); + String text = item.getText(); + boolean display = display(linkId); + boolean writable = !completed; - out.write("
\n"); - out.write("\n"); - - writeFormInput(item.getAnswerFirstRep(), linkId, isCompleted, out); - - out.write("
    \n"); - out.write("
\n"); - out.write("
\n"); - } - - private String style(String linkId) - { - return display(linkId) ? "" : "style=\"display:none;\""; + if (item.hasAnswer()) + writeInputRow(item.getAnswerFirstRep().getValue(), linkId, text, display, writable, out); + else + writeDisplayRow(text, linkId, display, out); } private boolean display(String linkId) @@ -146,85 +145,4 @@ private boolean display(String linkId) return !(CODESYSTEM_DSF_BPMN_USER_TASK_VALUE_BUSINESS_KEY.equals(linkId) || CODESYSTEM_DSF_BPMN_USER_TASK_VALUE_USER_TASK_ID.equals(linkId)); } - - private void writeFormInput(QuestionnaireResponse.QuestionnaireResponseItemAnswerComponent answerPlaceholder, - String linkId, boolean isCompleted, OutputStreamWriter out) throws IOException - { - Type type = answerPlaceholder.getValue(); - - // if type is null, the corresponding Questionnaire.item is of type display - if (type != null) - { - if (type instanceof StringType) - { - String value = ((StringType) type).getValue(); - out.write("\n"); - } - else if (type instanceof IntegerType) - { - String value = String.valueOf(((IntegerType) type).getValue()); - out.write("\n"); - } - else if (type instanceof DecimalType) - { - String value = String.valueOf(((DecimalType) type).getValue()); - out.write("\n"); - } - else if (type instanceof BooleanType) - { - boolean valueIsTrue = ((BooleanType) type).getValue(); - - out.write("
\n"); - out.write("\n"); - out.write("\n"); - out.write("
\n"); - } - else if (type instanceof DateType) - { - Date value = ((DateType) type).getValue(); - String date = DATE_FORMAT.format(value); - - out.write("\n"); - } - else if (type instanceof TimeType) - { - String value = ((TimeType) type).getValue(); - out.write("\n"); - } - else if (type instanceof DateTimeType) - { - Date value = ((DateTimeType) type).getValue(); - String dateTime = DATE_TIME_FORMAT.format(value); - - out.write("\n"); - } - else if (type instanceof UriType) - { - String value = ((UriType) type).getValue(); - out.write("\n"); - } - else if (type instanceof Reference) - { - String value = ((Reference) type).getReference(); - out.write("\n"); - } - else - { - throw new RuntimeException("Answer type '" + type.getClass().getName() - + "' in QuestionnaireResponse.item is not supported"); - } - } - } } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java new file mode 100644 index 000000000..b81771794 --- /dev/null +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -0,0 +1,190 @@ +package dev.dsf.fhir.adapter; + +import java.io.IOException; +import java.io.OutputStreamWriter; +import java.util.UUID; + +import org.hl7.fhir.r4.model.Coding; +import org.hl7.fhir.r4.model.Task; + +public class TaskHtmlGenerator extends InputHtmlGenerator implements HtmlGenerator +{ + private static final String CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME = "message-name"; + private static final String CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY = "business-key"; + private static final String CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY = "correlation-key"; + + @Override + public Class getResourceType() + { + return Task.class; + } + + @Override + public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws IOException + { + boolean draft = Task.TaskStatus.DRAFT.equals(task.getStatus()); + + out.write(""); + out.write("
\n"); + out.write("
\n"); + + out.write("
"); + out.write(""); + out.write("Info\n"); + out.write(""); + out.write(""); + out.write("
\n"); + + String[] taskCanonicalSplit = task.getInstantiatesCanonical().split("\\|"); + String href = basePath + "ActivityDefinition?url=" + taskCanonicalSplit[0] + "&version=" + + taskCanonicalSplit[1]; + + out.write("
"); + out.write("

\n"); + out.write("This Task resource " + (draft ? "can be used" : "was used") + + " to instantiate the following process with:"); + out.write("

\n"); + out.write("\n"); + out.write("
\n"); + out.write("
\n"); + + out.write("
\n"); + + out.write("
\n"); + out.write("\n"); + out.write("\n"); + out.write("
\n"); + + out.write("
\n"); + out.write("\n"); + out.write("\n"); + out.write("
\n"); + + String authoredOn = DATE_TIME_FORMAT.format(task.getAuthoredOn()); + out.write("
\n"); + out.write("\n"); + out.write("\n"); + out.write("
\n"); + + for (Task.ParameterComponent input : task.getInput()) + { + writeInput(input, draft, out); + } + + if (draft) + { + out.write("
\n"); + out.write("\n"); + out.write("
\n"); + } + + for (Task.TaskOutputComponent output : task.getOutput()) + { + writeOutput(output, out); + } + + out.write("
\n"); + out.write("
\n"); + } + + private String getColorClass(Task.TaskStatus status, String elementType) + { + switch (status) + { + case DRAFT: + case REQUESTED: + { + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-draft-requested"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-draft-requested"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-draft-requested"; + } + case INPROGRESS: + { + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-progress"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-progress"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-progress"; + } + case COMPLETED: + { + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-completed"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-completed"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-completed"; + } + case ENTEREDINERROR: + case REJECTED: + case CANCELLED: + case FAILED: + { + if (ELEMENT_TYPE_ROW.equals(elementType)) + return "info-color-stopped-failed"; + else if (ELEMENT_TYPE_LINK.equals(elementType)) + return "info-link-stopped-failed"; + else if (ELEMENT_TYPE_PATH.equals(elementType)) + return "info-path-stopped-failed"; + } + case RECEIVED: + case ACCEPTED: + case READY: + case ONHOLD: + case NULL: + default: + return ""; + } + } + + private void writeInput(Task.ParameterComponent input, boolean draft, OutputStreamWriter out) throws IOException + { + String typeCode = getTypeCode(input); + boolean display = display(draft, typeCode); + boolean writable = !draft; + + if (input.hasValue()) + { + writeInputRow(input.getValue(), typeCode, typeCode, display, writable, out); + } + } + + private void writeOutput(Task.TaskOutputComponent output, OutputStreamWriter out) throws IOException + { + // TODO + } + + private boolean display(boolean draft, String typeCode) + { + return !draft && ((CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME.equals(typeCode) + || CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY.equals(typeCode) + || CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY.equals(typeCode))); + } + + private String getTypeCode(Task.ParameterComponent input) + { + if (input.hasType()) + return input.getType().getCoding().stream().findFirst() + .orElse(new Coding().setCode(UUID.randomUUID().toString())).getCode(); + else + return UUID.randomUUID().toString(); + } +} diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/AdapterConfig.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/AdapterConfig.java index 3b71a3f5a..990641421 100755 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/AdapterConfig.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/AdapterConfig.java @@ -1,6 +1,6 @@ package dev.dsf.fhir.spring.config; -import java.util.Collections; +import java.util.List; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.context.annotation.Bean; @@ -9,6 +9,7 @@ import dev.dsf.fhir.adapter.FhirAdapter; import dev.dsf.fhir.adapter.HtmlFhirAdapter; import dev.dsf.fhir.adapter.QuestionnaireResponseHtmlGenerator; +import dev.dsf.fhir.adapter.TaskHtmlGenerator; @Configuration public class AdapterConfig @@ -19,7 +20,6 @@ public class AdapterConfig @Autowired private PropertiesConfig propertiesConfig; - @Bean public FhirAdapter fhirAdapter() { @@ -30,6 +30,6 @@ public FhirAdapter fhirAdapter() public HtmlFhirAdapter htmlFhirAdapter() { return new HtmlFhirAdapter(fhirConfig.fhirContext(), () -> propertiesConfig.getServerBaseUrl(), - Collections.singleton(new QuestionnaireResponseHtmlGenerator())); + List.of(new QuestionnaireResponseHtmlGenerator(), new TaskHtmlGenerator())); } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css index 41dcb0b29..6705650a1 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css @@ -5,7 +5,7 @@ form { font-family: Epilogue, sans-serif; } -fieldset#qr-form-fieldset { +fieldset#form-fieldset { display: block; margin: 0; padding: 0; @@ -49,9 +49,9 @@ fieldset#qr-form-fieldset { padding-top: 15px; } -.info-color-completed { - background-color: #a3c585; - color: #4b6043; +.info-color-draft-requested { + background-color: #deecf9; + color: #12395d; } .info-color-progress { @@ -59,32 +59,62 @@ fieldset#qr-form-fieldset { color: #864401; } +.info-color-completed { + background-color: #a3c585; + color: #4b6043; +} + +.info-color-stopped-failed { + background-color: #9858b; + color: #761137; +} + .info-link { font-family: monospace; font-size: 130%; } -.info-link-completed { - color: #4b6043; +.info-link-task { + color: #326F95; +} + +.info-link-draft-requested { + color: #12395d; } .info-link-progress { color: #864401; } +.info-link-completed { + color: #4b6043; +} + +.info-link-stopped-failed { + color: #761137; +} + .info-link:active { font-family: monospace; font-size: 130%; } -.info-link-completed:active { - color: #4b6043; +.info-link-draft-requested:active { + color: #12395d; } .info-link-progress:active { color: #864401; } +.info-link-completed:active { + color: #4b6043; +} + +.info-link-stopped-failed:active { + color: #761137; +} + .info-icon { padding-top: 15px; padding-right: 15px; @@ -92,14 +122,22 @@ fieldset#qr-form-fieldset { width: 35px; } -.info-icon > path.info-path-completed { - fill: #4b6043; +.info-icon > path.info-path-draft-requested { + fill: #12395d; } .info-icon > path.info-path-progress { fill: #864401; } +.info-icon > path.info-path-completed { + fill: #4b6043; +} + +.info-icon > path.info-path-stopped-failed { + fill: #761137; +} + .info-list { padding-left: 20px; } @@ -119,9 +157,16 @@ fieldset#qr-form-fieldset { label { display: block; padding: 12px 12px 12px 0; - font-weight: 500; + font-weight: regular; +} + +.row-label { + padding: 12px 12px 6px 6px; + font-weight: bold; + font-size: small; } + label.radio { padding: 5px 12px 5px 0; font-weight: 100; @@ -152,6 +197,10 @@ input[type=date], input[type=time], input[type=datetime-local], input[type=numbe display: block; } +.invisible { + display: none; +} + button.submit { background-color: #29235c; color: white; diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js index b6e5e388f..8df8806d9 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js @@ -1,9 +1,49 @@ +function startProcess() { + const taskStringBefore = document.getElementById("json").innerText + const task = JSON.parse(taskStringBefore) + + const errors = [] + readTaskInputsFromForm(task, errors) + + console.log(task) + console.log(errors) + + if (errors.length === 0) { + const taskStringAfter = JSON.stringify(task) + createTask(taskStringAfter) + } +} + +function readTaskInputsFromForm(task, errors) { + task.status = "requested" + + // TODO set requester as practitioner-identifier if OIDC + //task.requester.type = "Practitioner" + //task.requester.identifier.value = "" + //task.requester.identifier.system = "http://dsf.dev/sid/practitioner-identifier" + + task.authoredOn = new Date().toISOString() + task.meta.lastUpdated = null + task.meta.version = null + + task.input.forEach((input) => { + if (input.hasOwnProperty("type")) { + const id = input.type.coding[0].code + + if (id !== "message-name" && id !== "business-key" && id !== "correlation-key") { + const inputValueType = Object.keys(input).find((string) => string.startsWith("value")) + input[inputValueType] = readAndValidateValue(id, inputValueType, errors) + } + } + }) +} + function completeQuestionnaireResponse() { const questionnaireResponseStringBefore = document.getElementById("json").innerText const questionnaireResponse = JSON.parse(questionnaireResponseStringBefore) const errors = [] - readAnswersFromForm(questionnaireResponse, errors) + readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) console.log(questionnaireResponse) console.log(errors) @@ -14,16 +54,16 @@ function completeQuestionnaireResponse() { } } -function readAnswersFromForm(questionnaireResponse, errors) { - questionnaireResponse.status = "completed"; +function readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) { + questionnaireResponse.status = "completed" questionnaireResponse.item.forEach((item) => { - if (item.hasOwnProperty('answer')) { + if (item.hasOwnProperty("answer")) { const id = item.linkId if (id !== "business-key" && id !== "user-task-id") { const answer = item.answer[0] - const answerType = Object.keys(answer)[0] + const answerType = Object.keys(answer).find((string) => string.startsWith("value")) answer[answerType] = readAndValidateValue(id, answerType, errors) } @@ -31,31 +71,37 @@ function readAnswersFromForm(questionnaireResponse, errors) { }) } -function readAndValidateValue(id, answerType, errors) { +function readAndValidateValue(id, valueType, errors) { const value = document.getElementById(id).value - const rowElement = document.getElementById(id + "-answer-row"); - const errorListElement = document.getElementById(id + "-error"); + const rowElement = document.getElementById(id + "-input-row") + const errorListElement = document.getElementById(id + "-error") errorListElement.replaceChildren() - if (answerType === 'valueString') { + if (valueType === 'valueString') { return validateString(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueInteger') { + } else if (valueType === 'valueInteger') { return validateInteger(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueDecimal') { + } else if (valueType === 'valueDecimal') { return validateDecimal(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueDate') { + } else if (valueType === 'valueDate') { return validateDate(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueTime') { + } else if (valueType === 'valueTime') { return validateTime(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueDateTime') { + } else if (valueType === 'valueDateTime') { return validateDateTime(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueUri') { + } else if (valueType === 'valueUri') { return validateUrl(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueReference') { + } else if (valueType === 'valueReference') { return validateReference(rowElement, errorListElement, value, errors, id) - } else if (answerType === 'valueBoolean') { + } else if (valueType === 'valueBoolean') { return document.querySelector("input[name=" + id + "]:checked").value + } else if (valueType === "valueIdentifier") { + // TODO + return null + } else if (valueType === "valueCoding") { + // TODO + return null } else { return null } @@ -137,7 +183,7 @@ function validateReference(rowElement, errorListElement, value, errors, id) { validateString(rowElement, errorListElement, value, errors, id) try { - new URL(value); + new URL(value) removeError(rowElement, errorListElement) return {reference: value} } catch (_) { @@ -150,7 +196,7 @@ function validateUrl(rowElement, errorListElement, value, errors, id) { validateString(rowElement, errorListElement, value, errors, id) try { - new URL(value); + new URL(value) removeError(rowElement, errorListElement) return value } catch (_) { @@ -164,56 +210,79 @@ function addError(rowElement, errorListElement, errors, id, message) { rowElement.classList.add("error") - const errorMessageElement = document.createElement("li"); - errorMessageElement.appendChild(document.createTextNode(message)); + const errorMessageElement = document.createElement("li") + errorMessageElement.appendChild(document.createTextNode(message)) - errorListElement.appendChild(errorMessageElement); - errorListElement.classList.remove("error-list-not-visible"); - errorListElement.classList.add("error-list-visible"); + errorListElement.appendChild(errorMessageElement) + errorListElement.classList.remove("error-list-not-visible") + errorListElement.classList.add("error-list-visible") } function removeError(rowElement, errorListElement) { - rowElement.classList.remove("error"); + rowElement.classList.remove("error") - errorListElement.classList.remove("error-list-visible"); - errorListElement.classList.add("error-list-not-visible"); + errorListElement.classList.remove("error-list-visible") + errorListElement.classList.add("error-list-not-visible") errorListElement.replaceChildren() } function updateQuestionnaireResponse(questionnaireResponse) { const fullUrl = window.location.origin + window.location.pathname - const url = fullUrl.slice(0, fullUrl.indexOf("/_history") + 1) + const requestUrl = fullUrl.slice(0, fullUrl.indexOf("/_history") + 1) + const resourceBaseUrlWithoutId = fullUrl.slice(0, fullUrl.indexOf("/QuestionnaireResponse") + "/QuestionnaireResponse".length) enableSpinner() - fetch(url, { + fetch(requestUrl, { method: "PUT", headers: { - 'Content-type': 'application/json' + 'Content-type': 'application/json', + 'Accept': 'application/json' }, body: questionnaireResponse }).then(response => { - console.log(response) + parseResponse(response, false, resourceBaseUrlWithoutId) + }) +} - if (response.ok) { - disableSpinner() - window.scrollTo(0, 0); - location.reload(); - } else if (response.status >= 400 && response.status < 600) { - response.text().then((responseText) => { - document.open(); - document.write(responseText); - document.close(); - }); - } else { - const status = response.status - const statusText = response.statusText === null ? " - " + response.statusText : "" - - response.text().then((responseText) => { - const alertText = "Status: " + status + statusText + "\n\n" + responseText.replace(//sg, "") - window.alert(alertText); +function createTask(task) { + const fullUrl = window.location.origin + window.location.pathname + const requestUrl = fullUrl.slice(0, fullUrl.indexOf("/Task") + "/Task".length) + + enableSpinner() + + fetch(requestUrl, { + method: "POST", + headers: { + 'Content-type': 'application/json', + 'Accept': 'application/json' + }, + body: task + }).then(response => { + parseResponse(response, true, requestUrl) + }) +} + +function parseResponse(response, redirect, resourceBaseUrlWithoutId) { + console.log(response) + + const status = response.status + const statusOk = response.ok + const statusText = response.statusText === null ? " - " + response.statusText : "" + + response.text().then((text) => { + console.log(text) + + if (statusOk) { + const resource = JSON.parse(text) + setTimeout(() => { disableSpinner() - }) + window.location.href = resourceBaseUrlWithoutId + "/" + resource.id + }, 1000) + } else { + disableSpinner() + const alertText = "Status: " + status + statusText + "\n\n" + text + window.alert(alertText) } }) } @@ -228,4 +297,10 @@ function disableSpinner() { const spinner = document.getElementById("spinner") spinner.classList.remove("spinner-enabled") spinner.classList.add("spinner-disabled") +} + +function adaptFormInputs() { + // TODO set requester as practitioner-identifier if OIDC + // TODO load cardinalities and add inputs + console.log("Cardinalities to be loaded..") } \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/tabs.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/tabs.js index ca0724177..7ff4ba911 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/tabs.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/tabs.js @@ -76,16 +76,4 @@ function getDownloadFileName(lang) { return resourceType[1] + '_' + resourceType[2].replace('/', '') + '_v' + resourceType[4].replace('/', '') + '.' + lang; } } -} - -function getResourceTypeForCurrentUrl() { - const url = window.location.pathname; - const regex = new RegExp('(?:(?:[A-Za-z0-9\-\\\.\:\%\$]*\/)+)?' - + '(Account|ActivityDefinition|AdverseEvent|AllergyIntolerance|Appointment|AppointmentResponse|AuditEvent|Basic|Binary|BiologicallyDerivedProduct|BodyStructure|Bundle|CapabilityStatement|CarePlan|CareTeam|CatalogEntry|ChargeItem|ChargeItemDefinition|Claim|ClaimResponse|ClinicalImpression|CodeSystem|Communication|CommunicationRequest|CompartmentDefinition|Composition|ConceptMap|Condition|Consent|Contract|Coverage|CoverageEligibilityRequest|CoverageEligibilityResponse|DetectedIssue|Device|DeviceDefinition|DeviceMetric|DeviceRequest|DeviceUseStatement|DiagnosticReport|DocumentManifest|DocumentReference|EffectEvidenceSynthesis|Encounter|Endpoint|EnrollmentRequest|EnrollmentResponse|EpisodeOfCare|EventDefinition|Evidence|EvidenceVariable|ExampleScenario|ExplanationOfBenefit|FamilyMemberHistory|Flag|Goal|GraphDefinition|Group|GuidanceResponse|HealthcareService|ImagingStudy|Immunization|ImmunizationEvaluation|ImmunizationRecommendation|ImplementationGuide|InsurancePlan|Invoice|Library|Linkage|List|Location|Measure|MeasureReport|Media|Medication|MedicationAdministration|MedicationDispense|MedicationKnowledge|MedicationRequest|MedicationStatement|MedicinalProduct|MedicinalProductAuthorization|MedicinalProductContraindication|MedicinalProductIndication|MedicinalProductIngredient|MedicinalProductInteraction|MedicinalProductManufactured|MedicinalProductPackaged|MedicinalProductPharmaceutical|MedicinalProductUndesirableEffect|MessageDefinition|MessageHeader|MolecularSequence|NamingSystem|NutritionOrder|Observation|ObservationDefinition|OperationDefinition|OperationOutcome|Organization|OrganizationAffiliation|Patient|PaymentNotice|PaymentReconciliation|Person|PlanDefinition|Practitioner|PractitionerRole|Procedure|Provenance|Questionnaire|QuestionnaireResponse|RelatedPerson|RequestGroup|ResearchDefinition|ResearchElementDefinition|ResearchStudy|ResearchSubject|RiskAssessment|RiskEvidenceSynthesis|Schedule|SearchParameter|ServiceRequest|Slot|Specimen|SpecimenDefinition|StructureDefinition|StructureMap|Subscription|Substance|SubstanceNucleicAcid|SubstancePolymer|SubstanceProtein|SubstanceReferenceInformation|SubstanceSourceMaterial|SubstanceSpecification|SupplyDelivery|SupplyRequest|Task|TerminologyCapabilities|TestReport|TestScript|ValueSet|VerificationResult|VisionPrescription)' - + '(?:(?:\/([A-Za-z0-9\-\.]{1,64}))?(?:\/(_history)(?:\/([0-9]{1,64}))?)?)?(?:\\?.*)?$'); - const match = regex.exec(url); - if (match != null) - return match; - else - return null; } \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/util.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/util.js new file mode 100644 index 000000000..3793d3f24 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/util.js @@ -0,0 +1,11 @@ +function getResourceTypeForCurrentUrl() { + const url = window.location.pathname; + const regex = new RegExp('(?:(?:[A-Za-z0-9\-\\\.\:\%\$]*\/)+)?' + + '(Account|ActivityDefinition|AdverseEvent|AllergyIntolerance|Appointment|AppointmentResponse|AuditEvent|Basic|Binary|BiologicallyDerivedProduct|BodyStructure|Bundle|CapabilityStatement|CarePlan|CareTeam|CatalogEntry|ChargeItem|ChargeItemDefinition|Claim|ClaimResponse|ClinicalImpression|CodeSystem|Communication|CommunicationRequest|CompartmentDefinition|Composition|ConceptMap|Condition|Consent|Contract|Coverage|CoverageEligibilityRequest|CoverageEligibilityResponse|DetectedIssue|Device|DeviceDefinition|DeviceMetric|DeviceRequest|DeviceUseStatement|DiagnosticReport|DocumentManifest|DocumentReference|EffectEvidenceSynthesis|Encounter|Endpoint|EnrollmentRequest|EnrollmentResponse|EpisodeOfCare|EventDefinition|Evidence|EvidenceVariable|ExampleScenario|ExplanationOfBenefit|FamilyMemberHistory|Flag|Goal|GraphDefinition|Group|GuidanceResponse|HealthcareService|ImagingStudy|Immunization|ImmunizationEvaluation|ImmunizationRecommendation|ImplementationGuide|InsurancePlan|Invoice|Library|Linkage|List|Location|Measure|MeasureReport|Media|Medication|MedicationAdministration|MedicationDispense|MedicationKnowledge|MedicationRequest|MedicationStatement|MedicinalProduct|MedicinalProductAuthorization|MedicinalProductContraindication|MedicinalProductIndication|MedicinalProductIngredient|MedicinalProductInteraction|MedicinalProductManufactured|MedicinalProductPackaged|MedicinalProductPharmaceutical|MedicinalProductUndesirableEffect|MessageDefinition|MessageHeader|MolecularSequence|NamingSystem|NutritionOrder|Observation|ObservationDefinition|OperationDefinition|OperationOutcome|Organization|OrganizationAffiliation|Patient|PaymentNotice|PaymentReconciliation|Person|PlanDefinition|Practitioner|PractitionerRole|Procedure|Provenance|Questionnaire|QuestionnaireResponse|RelatedPerson|RequestGroup|ResearchDefinition|ResearchElementDefinition|ResearchStudy|ResearchSubject|RiskAssessment|RiskEvidenceSynthesis|Schedule|SearchParameter|ServiceRequest|Slot|Specimen|SpecimenDefinition|StructureDefinition|StructureMap|Subscription|Substance|SubstanceNucleicAcid|SubstancePolymer|SubstanceProtein|SubstanceReferenceInformation|SubstanceSourceMaterial|SubstanceSpecification|SupplyDelivery|SupplyRequest|Task|TerminologyCapabilities|TestReport|TestScript|ValueSet|VerificationResult|VisionPrescription)' + + '(?:(?:\/([A-Za-z0-9\-\.]{1,64}))?(?:\/(_history)(?:\/([0-9]{1,64}))?)?)?(?:\\?.*)?$'); + const match = regex.exec(url); + if (match != null) + return match; + else + return null; +} \ No newline at end of file From bfe7a304d1e7f656f1fa602b86a7a61ea3a31989 Mon Sep 17 00:00:00 2001 From: Hauke Hund Date: Mon, 19 Jun 2023 14:50:51 +0200 Subject: [PATCH 15/43] replaced 'consortium' with 'parent-organization' --- .../process/ProcessAuthorizationHelper.java | 6 +- .../fhir/authorization/process/Recipient.java | 4 +- .../fhir/authorization/process/Requester.java | 13 ++- .../dsf/fhir/authorization/process/Role.java | 104 +++++++++--------- .../authorization/read/ReadAccessHelper.java | 6 +- .../read/ReadAccessHelperImpl.java | 80 ++++++++------ .../ProcessAuthorizationHelperTest.java | 48 ++++---- .../fhir/authorization/process/RoleTest.java | 49 +++++---- .../read/ReadAccessHelperTest.java | 24 ++-- ...req_remote_organization_rec_local_role.xml | 6 +- .../authorization/read-access/tag_role.xml | 6 +- .../ActivityDefinitionAuthorizationRule.java | 2 +- .../on_organization_affiliations_insert.sql | 12 +- .../on_organizations_insert.sql | 14 +-- .../trigger_functions/on_resources_insert.sql | 12 +- .../fhir/integration/TaskIntegrationTest.java | 5 +- .../dsf-test-activity-definition3-1.0.xml | 4 +- .../dsf-test-activity-definition4-1.0.xml | 8 +- .../dsf-organization-role-1.0.0.xml | 6 +- .../dsf-process-authorization-1.0.0.xml | 4 +- ...-local-parent-organization-role-1.0.0.xml} | 6 +- ...l-parent-organization-role-1.0.0.xml.post} | 2 +- ...remote-parent-organization-role-1.0.0.xml} | 6 +- ...e-parent-organization-role-1.0.0.xml.post} | 2 +- ...-extension-process-authorization-1.0.0.xml | 6 +- ...zation-parent-organization-role-1.0.0.xml} | 20 ++-- ...n-parent-organization-role-1.0.0.xml.post} | 2 +- ...access-parent-organization-role-1.0.0.xml} | 20 ++-- ...s-parent-organization-role-1.0.0.xml.post} | 2 +- .../ActivityDefinitionProfileTest.java | 27 ++--- .../fhir/profiles/CodeSystemProfileTest.java | 20 ++-- .../profiles/OrganizationProfileTest.java | 2 +- 32 files changed, 279 insertions(+), 249 deletions(-) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-consortium-role-1.0.0.xml => dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml} (89%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post => dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml.post} (54%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml => dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml} (89%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post => dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml.post} (54%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-consortium-role-1.0.0.xml => dsf-extension-process-authorization-parent-organization-role-1.0.0.xml} (82%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-process-authorization-consortium-role-1.0.0.xml.post => dsf-extension-process-authorization-parent-organization-role-1.0.0.xml.post} (56%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-consortium-role-1.0.0.xml => dsf-extension-read-access-parent-organization-role-1.0.0.xml} (82%) rename dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/{dsf-extension-read-access-consortium-role-1.0.0.xml.post => dsf-extension-read-access-parent-organization-role-1.0.0.xml.post} (61%) diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java index e6b6e72ba..722c0b5cf 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java @@ -30,9 +30,9 @@ public interface ProcessAuthorizationHelper String EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization"; - String EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role"; - String EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM = "consortium"; - String EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE = "role"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION = "parent-organization"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE = "role"; ActivityDefinition add(ActivityDefinition activityDefinition, String messageName, String taskProfile, Requester requester, Recipient recipient); diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java index c40facf91..003b31b83 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java @@ -20,9 +20,9 @@ static Recipient localOrganization(String organizationIdentifier) return new Organization(true, organizationIdentifier); } - static Recipient localRole(String consortiumIdentifier, String roleSystem, String roleCode) + static Recipient localRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) { - return new Role(true, consortiumIdentifier, roleSystem, roleCode); + return new Role(true, parentOrganizationIdentifier, roleSystem, roleCode); } boolean recipientMatches(Extension recipientExtension); diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java index fd6ca6fab..891661d3c 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java @@ -40,19 +40,20 @@ static Requester organization(boolean localIdentity, String organizationIdentifi return new Organization(localIdentity, organizationIdentifier); } - static Requester localRole(String consortiumIdentifier, String roleSystem, String roleCode) + static Requester localRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) { - return role(true, consortiumIdentifier, roleSystem, roleCode); + return role(true, parentOrganizationIdentifier, roleSystem, roleCode); } - static Requester remoteRole(String consortiumIdentifier, String roleSystem, String roleCode) + static Requester remoteRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) { - return role(false, consortiumIdentifier, roleSystem, roleCode); + return role(false, parentOrganizationIdentifier, roleSystem, roleCode); } - static Requester role(boolean localIdentity, String consortiumIdentifier, String roleSystem, String roleCode) + static Requester role(boolean localIdentity, String parentOrganizationIdentifier, String roleSystem, + String roleCode) { - return new Role(localIdentity, consortiumIdentifier, roleSystem, roleCode); + return new Role(localIdentity, parentOrganizationIdentifier, roleSystem, roleCode); } boolean requesterMatches(Extension requesterExtension); diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java index 1edcd20a0..e466acaf8 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java @@ -20,15 +20,15 @@ public class Role implements Recipient, Requester { private final boolean localIdentity; - private final String consortiumIdentifier; + private final String parentOrganizationIdentifier; private final String roleSystem; private final String roleCode; - public Role(boolean localIdentity, String consortiumIdentifier, String roleSystem, String roleCode) + public Role(boolean localIdentity, String parentOrganizationIdentifier, String roleSystem, String roleCode) { - Objects.requireNonNull(consortiumIdentifier, "consortiumIdentifier"); - if (consortiumIdentifier.isBlank()) - throw new IllegalArgumentException("consortiumIdentifier blank"); + Objects.requireNonNull(parentOrganizationIdentifier, "parentOrganizationIdentifier"); + if (parentOrganizationIdentifier.isBlank()) + throw new IllegalArgumentException("parentOrganizationIdentifier blank"); Objects.requireNonNull(roleSystem, "roleSystem"); if (roleSystem.isBlank()) throw new IllegalArgumentException("roleSystem blank"); @@ -37,7 +37,7 @@ public Role(boolean localIdentity, String consortiumIdentifier, String roleSyste throw new IllegalArgumentException("roleCode blank"); this.localIdentity = localIdentity; - this.consortiumIdentifier = consortiumIdentifier; + this.parentOrganizationIdentifier = parentOrganizationIdentifier; this.roleSystem = roleSystem; this.roleCode = roleCode; } @@ -58,10 +58,10 @@ private boolean isAuthorized(Identity identity, Stream { return identity != null && identity.getOrganization() != null && identity.getOrganization().getActive() && identity.isLocalIdentity() == localIdentity && affiliations != null - && hasConsortiumMemberRole(identity.getOrganization(), affiliations); + && hasParentOrganizationMemberRole(identity.getOrganization(), affiliations); } - private boolean hasConsortiumMemberRole(org.hl7.fhir.r4.model.Organization recipientOrganization, + private boolean hasParentOrganizationMemberRole(org.hl7.fhir.r4.model.Organization recipientOrganization, Stream affiliations) { return affiliations @@ -69,13 +69,13 @@ private boolean hasConsortiumMemberRole(org.hl7.fhir.r4.model.Organization recip // check affiliation active .filter(OrganizationAffiliation::getActive) - // check consortium identifier + // check parent-organization identifier .filter(OrganizationAffiliation::hasOrganization).filter(a -> a.getOrganization().hasIdentifier()) .filter(a -> a.getOrganization().getIdentifier().hasSystem()) .filter(a -> a.getOrganization().getIdentifier().hasValue()) .filter(a -> ReadAccessHelper.ORGANIZATION_IDENTIFIER_SYSTEM .equals(a.getOrganization().getIdentifier().getSystem())) - .filter(a -> consortiumIdentifier.equals(a.getOrganization().getIdentifier().getValue())) + .filter(a -> parentOrganizationIdentifier.equals(a.getOrganization().getIdentifier().getValue())) // check member identifier .filter(OrganizationAffiliation::hasParticipatingOrganization) @@ -113,19 +113,22 @@ public Extension toRequesterExtension() private Coding toCoding() { - Identifier consortium = new Reference().getIdentifier() - .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue(consortiumIdentifier); - Extension consortiumExt = new Extension( - ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM) - .setValue(consortium); + Identifier parentOrganization = new Reference().getIdentifier() + .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) + .setValue(parentOrganizationIdentifier); + Extension parentOrganizationExt = new Extension( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION) + .setValue(parentOrganization); Coding role = new Coding(roleSystem, roleCode, null); Extension roleExt = new Extension( - ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE).setValue(role); + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE) + .setValue(role); Coding coding = getProcessAuthorizationCode(); - coding.addExtension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE) - .addExtension(consortiumExt).addExtension(roleExt); + coding.addExtension() + .setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE) + .addExtension(parentOrganizationExt).addExtension(roleExt); return coding; } @@ -137,7 +140,7 @@ public boolean requesterMatches(Extension requesterExtension) .equals(requesterExtension.getUrl()) && requesterExtension.hasValue() && requesterExtension.getValue() instanceof Coding && matches((Coding) requesterExtension.getValue()) && requesterExtension.getValue().hasExtension() - && hasMatchingConsortiumRoleExtension(requesterExtension.getValue().getExtension()); + && hasMatchingParentOrganizationRoleExtension(requesterExtension.getValue().getExtension()); } @Override @@ -148,38 +151,39 @@ public boolean recipientMatches(Extension recipientExtension) .equals(recipientExtension.getUrl()) && recipientExtension.hasValue() && recipientExtension.getValue() instanceof Coding && matches((Coding) recipientExtension.getValue()) && recipientExtension.getValue().hasExtension() - && hasMatchingConsortiumRoleExtension(recipientExtension.getValue().getExtension()); + && hasMatchingParentOrganizationRoleExtension(recipientExtension.getValue().getExtension()); } - private boolean hasMatchingConsortiumRoleExtension(List extension) + private boolean hasMatchingParentOrganizationRoleExtension(List extension) { - return extension.stream().anyMatch(this::consortiumRoleExtensionMatches); + return extension.stream().anyMatch(this::parentOrganizationRoleExtensionMatches); } - private boolean consortiumRoleExtensionMatches(Extension extension) + private boolean parentOrganizationRoleExtensionMatches(Extension extension) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE.equals(extension.getUrl()) - && extension.hasExtension() && hasMatchingConsortiumExtension(extension.getExtension()) + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE + .equals(extension.getUrl()) && extension.hasExtension() + && hasMatchingParentOrganizationExtension(extension.getExtension()) && hasMatchingRoleExtension(extension.getExtension()); } - private boolean hasMatchingConsortiumExtension(List extension) + private boolean hasMatchingParentOrganizationExtension(List extension) { - return extension.stream().anyMatch(this::consortiumExtensionMatches); + return extension.stream().anyMatch(this::parentOrganizationExtensionMatches); } - private boolean consortiumExtensionMatches(Extension extension) + private boolean parentOrganizationExtensionMatches(Extension extension) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Identifier - && consortiumIdentifierMatches((Identifier) extension.getValue()); + && parentOrganizationIdentifierMatches((Identifier) extension.getValue()); } - private boolean consortiumIdentifierMatches(Identifier identifier) + private boolean parentOrganizationIdentifierMatches(Identifier identifier) { return identifier != null && identifier.hasSystem() && identifier.hasValue() && ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM.equals(identifier.getSystem()) - && consortiumIdentifier.equals(identifier.getValue()); + && parentOrganizationIdentifier.equals(identifier.getValue()); } private boolean hasMatchingRoleExtension(List extension) @@ -189,7 +193,7 @@ private boolean hasMatchingRoleExtension(List extension) private boolean roleExtensionMatches(Extension extension) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Coding && roleMatches((Coding) extension.getValue()); } @@ -263,37 +267,39 @@ private static Optional from(boolean localIdentity, Coding coding, { if (coding != null && coding.hasExtension()) { - List consortiumRoles = coding.getExtension().stream().filter(Extension::hasUrl).filter( - e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE.equals(e.getUrl())) + List parentOrganizationRoles = coding.getExtension().stream().filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE + .equals(e.getUrl())) .collect(Collectors.toList()); - if (consortiumRoles.size() == 1) + if (parentOrganizationRoles.size() == 1) { - Extension consortiumRole = consortiumRoles.get(0); - List consortiums = consortiumRole.getExtension().stream().filter(Extension::hasUrl).filter( - e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM + Extension parentOrganizationRole = parentOrganizationRoles.get(0); + List parentOrganizations = parentOrganizationRole.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION .equals(e.getUrl())) .collect(Collectors.toList()); - List roles = consortiumRole.getExtension().stream().filter(Extension::hasUrl) - .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE + List roles = parentOrganizationRole.getExtension().stream().filter(Extension::hasUrl).filter( + e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE .equals(e.getUrl())) .collect(Collectors.toList()); - if (consortiums.size() == 1 && roles.size() == 1) + if (parentOrganizations.size() == 1 && roles.size() == 1) { - Extension consortium = consortiums.get(0); + Extension parentOrganization = parentOrganizations.get(0); Extension role = roles.get(0); - if (consortium.hasValue() && consortium.getValue() instanceof Identifier && role.hasValue() - && role.getValue() instanceof Coding) + if (parentOrganization.hasValue() && parentOrganization.getValue() instanceof Identifier + && role.hasValue() && role.getValue() instanceof Coding) { - Identifier consortiumIdentifier = (Identifier) consortium.getValue(); + Identifier parentOrganizationIdentifier = (Identifier) parentOrganization.getValue(); Coding roleCoding = (Coding) role.getValue(); if (ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM - .equals(consortiumIdentifier.getSystem()) - && organizationWithIdentifierExists.test(consortiumIdentifier) + .equals(parentOrganizationIdentifier.getSystem()) + && organizationWithIdentifierExists.test(parentOrganizationIdentifier) && roleExists.test(roleCoding)) { - return Optional.of(new Role(localIdentity, consortiumIdentifier.getValue(), + return Optional.of(new Role(localIdentity, parentOrganizationIdentifier.getValue(), roleCoding.getSystem(), roleCoding.getCode())); } } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java index ccd4c1518..ee3b0702d 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java @@ -24,9 +24,9 @@ public interface ReadAccessHelper String EXTENSION_READ_ACCESS_ORGANIZATION = "http://dsf.dev/fhir/StructureDefinition/extension-read-access-organization"; - String EXTENSION_READ_ACCESS_CONSORTIUM_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role"; - String EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_CONSORTIUM = "consortium"; - String EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_ROLE = "role"; + String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"; + String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION = "parent-organization"; + String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE = "role"; /** * Adds LOCAL tag. Removes ALL tag if present. diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java index f0fe2ee2e..97796130e 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java @@ -78,12 +78,13 @@ public R addOrganization(R resource, Organization organizat } @Override - public R addRole(R resource, String consortiumIdentifier, String roleSystem, String roleCode) + public R addRole(R resource, String parentOrganizationIdentifier, String roleSystem, + String roleCode) { if (resource == null) return null; - Objects.requireNonNull(consortiumIdentifier, "consortiumIdentifier"); + Objects.requireNonNull(parentOrganizationIdentifier, "parentOrganizationIdentifier"); Objects.requireNonNull(roleSystem, "roleSystem"); Objects.requireNonNull(roleCode, "roleCode"); @@ -91,10 +92,10 @@ public R addRole(R resource, String consortiumIdentifier, S addLocal(resource); Extension ex = resource.getMeta().addTag().setSystem(READ_ACCESS_TAG_SYSTEM).setCode(READ_ACCESS_TAG_VALUE_ROLE) - .addExtension().setUrl(EXTENSION_READ_ACCESS_CONSORTIUM_ROLE); - ex.addExtension().setUrl(EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_CONSORTIUM) - .setValue(new Identifier().setSystem(ORGANIZATION_IDENTIFIER_SYSTEM).setValue(consortiumIdentifier)); - ex.addExtension().setUrl(EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_ROLE) + .addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE); + ex.addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION).setValue( + new Identifier().setSystem(ORGANIZATION_IDENTIFIER_SYSTEM).setValue(parentOrganizationIdentifier)); + ex.addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE) .setValue(new Coding().setSystem(roleSystem).setCode(roleCode)); return resource; } @@ -107,19 +108,20 @@ public R addRole(R resource, OrganizationAffiliation affili Objects.requireNonNull(affiliation, "affiliation"); if (!affiliation.hasOrganization()) - throw new IllegalArgumentException("affiliation has no consortium reference"); + throw new IllegalArgumentException("affiliation has no parent-organization reference"); if (!affiliation.getOrganization().hasIdentifier()) - throw new IllegalArgumentException("affiliation has no consortium reference with identifier"); + throw new IllegalArgumentException("affiliation has no parent-organization reference with identifier"); if (!affiliation.getOrganization().getIdentifier().hasSystem() || !ORGANIZATION_IDENTIFIER_SYSTEM.equals(affiliation.getOrganization().getIdentifier().getSystem())) throw new IllegalArgumentException( - "affiliation has no consortium reference with identifier system " + ORGANIZATION_IDENTIFIER_SYSTEM); + "affiliation has no parent-organization reference with identifier system " + + ORGANIZATION_IDENTIFIER_SYSTEM); if (!affiliation.getOrganization().getIdentifier().hasValue() || affiliation.getOrganization().getIdentifier().getValue().isBlank()) throw new IllegalArgumentException( - "affiliation has no consortium reference with non blank identifier value"); + "affiliation has no parent-organization reference with non blank identifier value"); - String consortiumIdentifier = affiliation.getOrganization().getIdentifier().getValue(); + String parentOrganizationIdentifier = affiliation.getOrganization().getIdentifier().getValue(); if (!affiliation.hasCode() || affiliation.getCode().size() != 1 || !affiliation.getCodeFirstRep().hasCoding() || affiliation.getCodeFirstRep().getCoding().size() != 1 @@ -130,7 +132,7 @@ public R addRole(R resource, OrganizationAffiliation affili String roleSystem = affiliation.getCodeFirstRep().getCodingFirstRep().getSystem(); String roleCode = affiliation.getCodeFirstRep().getCodingFirstRep().getCode(); - return addRole(resource, consortiumIdentifier, roleSystem, roleCode); + return addRole(resource, parentOrganizationIdentifier, roleSystem, roleCode); } @Override @@ -199,15 +201,16 @@ public boolean hasAnyOrganization(Resource resource) } @Override - public boolean hasRole(Resource resource, String consortiumIdentifier, String roleSystem, String roleCode) + public boolean hasRole(Resource resource, String parentOrganizationIdentifier, String roleSystem, String roleCode) { if (resource == null || !resource.hasMeta() || !resource.getMeta().hasTag()) return false; Stream extensions = getTagExtensions(resource, READ_ACCESS_TAG_SYSTEM, READ_ACCESS_TAG_VALUE_ROLE, - EXTENSION_READ_ACCESS_CONSORTIUM_ROLE); + EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE); - return extensions.filter(Extension::hasExtension).anyMatch(matches(consortiumIdentifier, roleSystem, roleCode)); + return extensions.filter(Extension::hasExtension) + .anyMatch(matches(parentOrganizationIdentifier, roleSystem, roleCode)); } @Override @@ -219,18 +222,20 @@ public boolean hasRole(Resource resource, List affiliat return affiliations.stream().anyMatch(affiliation -> hasRole(resource, affiliation)); } - private Predicate matches(String consortiumIdentifier, String roleSystem, String roleCode) + private Predicate matches(String parentOrganizationIdentifier, String roleSystem, + String roleCode) { return extensions -> { boolean cor = extensions.getExtension().stream().filter(Extension::hasUrl) - .filter(e -> Objects.equals(e.getUrl(), EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_CONSORTIUM)) + .filter(e -> Objects.equals(e.getUrl(), + EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION)) .filter(Extension::hasValue).map(Extension::getValue).filter(v -> v instanceof Identifier) .map(v -> (Identifier) v).filter(Identifier::hasSystem).filter(Identifier::hasValue) .anyMatch(i -> ORGANIZATION_IDENTIFIER_SYSTEM.equals(i.getSystem()) - && Objects.equals(i.getValue(), consortiumIdentifier)); + && Objects.equals(i.getValue(), parentOrganizationIdentifier)); boolean role = extensions.getExtension().stream().filter(Extension::hasUrl) - .filter(e -> Objects.equals(e.getUrl(), EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_ROLE)) + .filter(e -> Objects.equals(e.getUrl(), EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE)) .filter(Extension::hasValue).map(Extension::getValue).filter(v -> v instanceof Coding) .map(v -> (Coding) v) .anyMatch(c -> Objects.equals(c.getSystem(), roleSystem) && Objects.equals(c.getCode(), roleCode)); @@ -244,18 +249,18 @@ public boolean hasRole(Resource resource, OrganizationAffiliation affiliation) if (resource == null || affiliation == null || !affiliation.hasOrganization() || !affiliation.hasCode()) return false; - Reference consortiumRef = affiliation.getOrganization(); - if (!consortiumRef.hasIdentifier()) + Reference parentOrganizationRef = affiliation.getOrganization(); + if (!parentOrganizationRef.hasIdentifier()) return false; - Identifier consortiumId = consortiumRef.getIdentifier(); - if (!consortiumId.hasValue()) + Identifier parentOrganizationIdentifier = parentOrganizationRef.getIdentifier(); + if (!parentOrganizationIdentifier.hasValue()) return false; - String consortiumIdentifier = consortiumRef.getIdentifier().getValue(); + String parentOrganizationIdentifierValue = parentOrganizationRef.getIdentifier().getValue(); return affiliation.getCode().stream().filter(CodeableConcept::hasCoding).flatMap(c -> c.getCoding().stream()) .filter(Coding::hasSystem).filter(Coding::hasCode) - .anyMatch(c -> hasRole(resource, consortiumIdentifier, c.getSystem(), c.getCode())); + .anyMatch(c -> hasRole(resource, parentOrganizationIdentifierValue, c.getSystem(), c.getCode())); } @Override @@ -360,35 +365,38 @@ private boolean isValidRoleReadAccessTag(Coding coding, Predicate or Predicate roleExists) { List exts = coding.getExtension().stream().filter(e -> e.hasUrl()) - .filter(e -> EXTENSION_READ_ACCESS_CONSORTIUM_ROLE.equals(e.getUrl())).collect(Collectors.toList()); + .filter(e -> EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE.equals(e.getUrl())) + .collect(Collectors.toList()); - return coding.hasExtension() && exts.size() == 1 && isValidExtensionReadAccessConsortiumMemberRole(exts.get(0), - organizationWithIdentifierExists, roleExists); + return coding.hasExtension() && exts.size() == 1 && isValidExtensionReadAccessParentOrganizationMemberRole( + exts.get(0), organizationWithIdentifierExists, roleExists); } - private boolean isValidExtensionReadAccessConsortiumMemberRole(Extension extension, + private boolean isValidExtensionReadAccessParentOrganizationMemberRole(Extension extension, Predicate organizationWithIdentifierExists, Predicate roleExists) { return extension.hasExtension() && extension.getExtension().size() == 2 && extension.getExtension().stream() - .filter(e -> isValidExtensionReadAccessConsortiumMemberRoleConsortium(e, + .filter(e -> isValidExtensionReadAccessParentOrganizationMemberRoleParentOrganization(e, organizationWithIdentifierExists)) .count() == 1 && extension.getExtension().stream() - .filter(e -> isValidExtensionReadAccessConsortiumMemberRoleRole(e, roleExists)).count() == 1; + .filter(e -> isValidExtensionReadAccessParentOrganizationMemberRoleRole(e, roleExists)) + .count() == 1; } - private boolean isValidExtensionReadAccessConsortiumMemberRoleConsortium(Extension e, + private boolean isValidExtensionReadAccessParentOrganizationMemberRoleParentOrganization(Extension e, Predicate organizationWithIdentifierExists) { - return e.hasUrl() && EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_CONSORTIUM.equals(e.getUrl()) && e.hasValue() - && e.getValue() instanceof Identifier + return e.hasUrl() && EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION.equals(e.getUrl()) + && e.hasValue() && e.getValue() instanceof Identifier && isValidOrganizationIdentifier((Identifier) e.getValue(), organizationWithIdentifierExists); } - private boolean isValidExtensionReadAccessConsortiumMemberRoleRole(Extension e, Predicate roleExists) + private boolean isValidExtensionReadAccessParentOrganizationMemberRoleRole(Extension e, + Predicate roleExists) { - return e.hasUrl() && EXTENSION_READ_ACCESS_CONSORTIUM_ROLE_ROLE.equals(e.getUrl()) && e.hasValue() + return e.hasUrl() && EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE.equals(e.getUrl()) && e.hasValue() && e.getValue() instanceof Coding && isValidRole((Coding) e.getValue(), roleExists); } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java index 6ef0c4857..60eed029b 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java @@ -83,7 +83,7 @@ public void testActivityDefinitionRequesterRemoteAllRecipientLocalAllValidViaFil } @Test - public void testActivityDefinitionRequesterRemoteOrganizationRecipientLocalConsortiumRoleValidViaFile() + public void testActivityDefinitionRequesterRemoteOrganizationRecipientLocalParentOrganizationRoleValidViaFile() throws Exception { try (InputStream in = Files.newInputStream(Paths.get( @@ -130,7 +130,7 @@ public void testGetRequesterRemoteAllRecipientLocalAllViaFile() throws Exception } @Test - public void testGetRequesterRemoteOrganizationRecipientLocalConsortiumRoleViaFile() throws Exception + public void testGetRequesterRemoteOrganizationRecipientLocalParentOrganizationRoleViaFile() throws Exception { try (InputStream in = Files.newInputStream(Paths.get( "src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml"))) @@ -164,7 +164,7 @@ public void testGetRequesterRemoteOrganizationRecipientLocalConsortiumRoleViaFil OrganizationAffiliation affiliation = new OrganizationAffiliation(); affiliation.setActive(true); affiliation.getOrganization().getIdentifier() - .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue("consortium.org"); + .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue("parent.org"); affiliation.getParticipatingOrganization().getIdentifier() .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue("member.com"); affiliation.getCodeFirstRep().getCodingFirstRep() @@ -507,18 +507,18 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep { String messageName = "messageName"; String taskProfile = "http://foo.com/fhir/StructureDefinition/bar"; - String consortium1 = "consortium1.org"; + String parentOrganization1 = "parent1.org"; String role1System = "http://baz.com/fhir/CodeSystem/cs1"; String role1Code = "code1"; - String consortium2 = "consortium2.org"; + String parentOrganization2 = "parent2.org"; String role2System = "http://baz.com/fhir/CodeSystem/cs2"; String role2Code = "code2"; - String consortium3 = "consortium3.org"; + String parentOrganization3 = "parent3.org"; String role3System = "http://baz.com/fhir/CodeSystem/cs3"; String role3Code = "code3"; - Requester requesterLocalRole = Requester.localRole(consortium1, role1System, role1Code); - Requester requesterRemoteRole = Requester.remoteRole(consortium2, role2System, role2Code); - Recipient recipientLocalRole = Recipient.localRole(consortium3, role3System, role3Code); + Requester requesterLocalRole = Requester.localRole(parentOrganization1, role1System, role1Code); + Requester requesterRemoteRole = Requester.remoteRole(parentOrganization2, role2System, role2Code); + Recipient recipientLocalRole = Recipient.localRole(parentOrganization3, role3System, role3Code); var ad = createActivityDefinition(); @@ -577,7 +577,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep Extension reqCode1Ext = reqCode1.getExtension().get(0); assertNotNull(reqCode1Ext); assertTrue(reqCode1Ext.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE, reqCode1Ext.getUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE, + reqCode1Ext.getUrl()); assertTrue(reqCode1Ext.hasExtension()); assertFalse(reqCode1Ext.hasValue()); assertNotNull(reqCode1Ext.getExtension()); @@ -585,11 +586,12 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep List reqCode1ExtExts = reqCode1Ext.getExtension(); Extension reqCode1ExtC = reqCode1ExtExts.get(0); assertTrue(reqCode1ExtC.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION, reqCode1ExtC.getUrl()); Extension reqCode1ExtR = reqCode1ExtExts.get(1); assertTrue(reqCode1ExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE, + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, reqCode1ExtR.getUrl()); assertTrue(reqCode1ExtC.hasValue()); assertTrue(reqCode1ExtC.getValue() instanceof Identifier); @@ -597,7 +599,7 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep assertEquals(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM, ((Identifier) reqCode1ExtC.getValue()).getSystem()); assertTrue(((Identifier) reqCode1ExtC.getValue()).hasValue()); - assertEquals(consortium1, ((Identifier) reqCode1ExtC.getValue()).getValue()); + assertEquals(parentOrganization1, ((Identifier) reqCode1ExtC.getValue()).getValue()); assertTrue(reqCode1ExtR.hasValue()); assertTrue(reqCode1ExtR.getValue() instanceof Coding); assertTrue(((Coding) reqCode1ExtR.getValue()).hasSystem()); @@ -626,7 +628,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep Extension reqCode2Ext = reqCode2.getExtension().get(0); assertNotNull(reqCode2Ext); assertTrue(reqCode2Ext.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE, reqCode2Ext.getUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE, + reqCode2Ext.getUrl()); assertTrue(reqCode2Ext.hasExtension()); assertFalse(reqCode2Ext.hasValue()); assertNotNull(reqCode2Ext.getExtension()); @@ -634,11 +637,12 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep List reqCode2ExtExts = reqCode2Ext.getExtension(); Extension reqCode2ExtC = reqCode2ExtExts.get(0); assertTrue(reqCode2ExtC.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION, reqCode2ExtC.getUrl()); Extension reqCode2ExtR = reqCode2ExtExts.get(1); assertTrue(reqCode2ExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE, + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, reqCode2ExtR.getUrl()); assertTrue(reqCode2ExtC.hasValue()); assertTrue(reqCode2ExtC.getValue() instanceof Identifier); @@ -646,7 +650,7 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep assertEquals(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM, ((Identifier) reqCode2ExtC.getValue()).getSystem()); assertTrue(((Identifier) reqCode2ExtC.getValue()).hasValue()); - assertEquals(consortium2, ((Identifier) reqCode2ExtC.getValue()).getValue()); + assertEquals(parentOrganization2, ((Identifier) reqCode2ExtC.getValue()).getValue()); assertTrue(reqCode2ExtR.hasValue()); assertTrue(reqCode2ExtR.getValue() instanceof Coding); assertTrue(((Coding) reqCode2ExtR.getValue()).hasSystem()); @@ -675,7 +679,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep Extension recCodeExt = recCode.getExtension().get(0); assertNotNull(recCodeExt); assertTrue(recCodeExt.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE, recCodeExt.getUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE, + recCodeExt.getUrl()); assertTrue(recCodeExt.hasExtension()); assertFalse(recCodeExt.hasValue()); @@ -684,11 +689,12 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep List recCodeExtExts = recCodeExt.getExtension(); Extension recCodeExtC = recCodeExtExts.get(0); assertTrue(recCodeExtC.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_CONSORTIUM, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION, recCodeExtC.getUrl()); Extension recCodeExtR = recCodeExtExts.get(1); assertTrue(recCodeExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_CONSORTIUM_ROLE_ROLE, + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, recCodeExtR.getUrl()); assertTrue(recCodeExtC.hasValue()); assertTrue(recCodeExtC.getValue() instanceof Identifier); @@ -696,7 +702,7 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep assertEquals(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM, ((Identifier) recCodeExtC.getValue()).getSystem()); assertTrue(((Identifier) recCodeExtC.getValue()).hasValue()); - assertEquals(consortium3, ((Identifier) recCodeExtC.getValue()).getValue()); + assertEquals(parentOrganization3, ((Identifier) recCodeExtC.getValue()).getValue()); assertTrue(recCodeExtR.hasValue()); assertTrue(recCodeExtR.getValue() instanceof Coding); assertTrue(((Coding) recCodeExtR.getValue()).hasSystem()); diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java index c65aae7aa..7621b8d08 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java @@ -13,13 +13,15 @@ public class RoleTest { - private static final String CONSORTIUM_IDENTIFIER = "consortium.org"; + private static final String PARENT_ORGANIZATION_IDENTIFIER = "parent.org"; private static final String MEMBER_IDENTIFIER = "member.com"; private static final String MEMBER_ROLE_SYSTEM = "roleSystem"; private static final String MEMBER_ROLE_CODE = "roleCode"; - private static final Role local = new Role(true, CONSORTIUM_IDENTIFIER, MEMBER_ROLE_SYSTEM, MEMBER_ROLE_CODE); - private static final Role remote = new Role(false, CONSORTIUM_IDENTIFIER, MEMBER_ROLE_SYSTEM, MEMBER_ROLE_CODE); + private static final Role local = new Role(true, PARENT_ORGANIZATION_IDENTIFIER, MEMBER_ROLE_SYSTEM, + MEMBER_ROLE_CODE); + private static final Role remote = new Role(false, PARENT_ORGANIZATION_IDENTIFIER, MEMBER_ROLE_SYSTEM, + MEMBER_ROLE_CODE); private static org.hl7.fhir.r4.model.Organization createFhirOrganization(String identifierValue) { @@ -52,13 +54,14 @@ private static org.hl7.fhir.r4.model.Organization createFhirOrganization(String private static final Identity REMOTE_ORG_BAD_IDENTIFIER_SYSTEM = TestIdentity .remote(createFhirOrganization(MEMBER_IDENTIFIER, "bad.system")); - private static OrganizationAffiliation createOrganizationAffiliation(String consortiumIdentifier, + private static OrganizationAffiliation createOrganizationAffiliation(String parentOrganizationIdentifier, String memberIdentifier, String memberRoleSystem, String memberRoleCode) { var a = new OrganizationAffiliation(); a.setActive(true); a.getOrganization().setType("Organization").getIdentifier() - .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue(consortiumIdentifier); + .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) + .setValue(parentOrganizationIdentifier); a.getParticipatingOrganization().setType("Organization").getIdentifier() .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue(memberIdentifier); a.getCodeFirstRep().getCodingFirstRep().setSystem(memberRoleSystem).setCode(memberRoleCode); @@ -66,8 +69,8 @@ private static OrganizationAffiliation createOrganizationAffiliation(String cons return a; } - private static final OrganizationAffiliation OK_AFFILIATION = createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, MEMBER_ROLE_CODE); + private static final OrganizationAffiliation OK_AFFILIATION = createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, MEMBER_ROLE_CODE); private static Stream okAffiliation() { @@ -131,8 +134,8 @@ public void testLocalRoleRecipientNotOkBadMemberIdentifierSystem() throws Except @Test public void testLocalRoleRecipientNotOkBadMemberRoleCode() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); assertFalse(local.isRecipientAuthorized(LOCAL_ORG_ACTIVE, affiliations)); } @@ -140,8 +143,8 @@ public void testLocalRoleRecipientNotOkBadMemberRoleCode() throws Exception @Test public void testLocalRoleRecipientNotOkBadMemberRoleSystem() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); assertFalse(local.isRecipientAuthorized(LOCAL_ORG_ACTIVE, affiliations)); } @@ -205,8 +208,8 @@ public void testRemoteRoleRecipientNotOkBadMemberIdentifierSystem() throws Excep @Test public void testRemoteRoleRecipientNotOkBadMemberRoleCode() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); assertFalse(remote.isRecipientAuthorized(REMOTE_ORG_ACTIVE, affiliations)); } @@ -214,8 +217,8 @@ public void testRemoteRoleRecipientNotOkBadMemberRoleCode() throws Exception @Test public void testRemoteRoleRecipientNotOkMemberRoleSystem() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); assertFalse(remote.isRecipientAuthorized(REMOTE_ORG_ACTIVE, affiliations)); } @@ -279,8 +282,8 @@ public void testLocalRoleRequesterNotOkBadMemberIdentifierSystem() throws Except @Test public void testLocalRoleRequesterNotOkBadMemberRoleCode() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); assertFalse(local.isRequesterAuthorized(LOCAL_ORG_ACTIVE, affiliations)); } @@ -288,8 +291,8 @@ public void testLocalRoleRequesterNotOkBadMemberRoleCode() throws Exception @Test public void testLocalRoleRequesterNotOkMemberRoleSystem() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); assertFalse(local.isRequesterAuthorized(LOCAL_ORG_ACTIVE, affiliations)); } @@ -353,8 +356,8 @@ public void testRemoteRoleRequesterNotOkBadMemberIdentifierSystem() throws Excep @Test public void testRemoteRoleRequesterNotOkBadMemberRoleCode() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, MEMBER_ROLE_SYSTEM, "bad.roleCode")); assertFalse(remote.isRequesterAuthorized(REMOTE_ORG_ACTIVE, affiliations)); } @@ -362,8 +365,8 @@ public void testRemoteRoleRequesterNotOkBadMemberRoleCode() throws Exception @Test public void testRemoteRoleRequesterNotOkMemberRoleSystem() throws Exception { - Stream affiliations = Stream.of(createOrganizationAffiliation(CONSORTIUM_IDENTIFIER, - MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); + Stream affiliations = Stream.of(createOrganizationAffiliation( + PARENT_ORGANIZATION_IDENTIFIER, MEMBER_IDENTIFIER, "bad.roleSystem", MEMBER_ROLE_CODE)); assertFalse(remote.isRequesterAuthorized(REMOTE_ORG_ACTIVE, affiliations)); } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java index d6bdcadfe..49ae8a683 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/read/ReadAccessHelperTest.java @@ -130,18 +130,18 @@ public void testHasOrganizationViaResource() throws Exception @Test public void testHasRole() throws Exception { - final String consortiumIdentifier = "consortium.com"; + final String parentOrganizationIdentifier = "parent.org"; final String roleSystem = "role-system"; final String roleCode = "role-code"; var r = new CodeSystem(); assertFalse(helper.hasLocal(r)); - assertFalse(helper.hasRole(r, consortiumIdentifier, roleSystem, roleCode)); + assertFalse(helper.hasRole(r, parentOrganizationIdentifier, roleSystem, roleCode)); assertFalse(helper.hasAll(r)); - helper.addRole(r, consortiumIdentifier, roleSystem, roleCode); + helper.addRole(r, parentOrganizationIdentifier, roleSystem, roleCode); assertTrue(helper.hasLocal(r)); - assertTrue(helper.hasRole(r, consortiumIdentifier, roleSystem, roleCode)); + assertTrue(helper.hasRole(r, parentOrganizationIdentifier, roleSystem, roleCode)); assertFalse(helper.hasAll(r)); } @@ -150,7 +150,7 @@ public void testHasRoleViaResource() throws Exception { OrganizationAffiliation affiliation = new OrganizationAffiliation(); affiliation.getOrganization().getIdentifier().setSystem("http://dsf.dev/sid/organization-identifier") - .setValue("consortium.com"); + .setValue("parent.org"); affiliation.addCode().addCoding().setSystem("role-system").setCode("role-code"); var r = new CodeSystem(); @@ -167,7 +167,7 @@ public void testHasRoleViaResource() throws Exception @Test public void testHasRoleViaFile() throws Exception { - final String consortiumIdentifier = "consortium.com"; + final String parentOrganizationIdentifier = "parent.org"; final String roleSystem = "http://dsf.dev/fhir/CodeSystem/organization-role"; final String roleCode = "DIC"; @@ -177,9 +177,9 @@ public void testHasRoleViaFile() throws Exception var r = FhirContext.forR4().newXmlParser().parseResource(CodeSystem.class, in); assertTrue(helper.isValid(r)); - assertTrue(helper.isValid(r, org -> consortiumIdentifier.equals(org.getValue()), + assertTrue(helper.isValid(r, org -> parentOrganizationIdentifier.equals(org.getValue()), role -> roleSystem.equals(role.getSystem()) && roleCode.equals(role.getCode()))); - assertTrue(helper.hasRole(r, consortiumIdentifier, roleSystem, roleCode)); + assertTrue(helper.hasRole(r, parentOrganizationIdentifier, roleSystem, roleCode)); } } @@ -243,7 +243,7 @@ public void testRoleValid() throws Exception { var r = new CodeSystem(); helper.addLocal(r); - helper.addRole(r, "consortium.com", "role-system", "role-code"); + helper.addRole(r, "parent.org", "role-system", "role-code"); assertTrue(helper.isValid(r)); } @@ -251,15 +251,15 @@ public void testRoleValid() throws Exception @Test public void testRoleValidWithTests() throws Exception { - final String consortiumIdentifier = "consortium.com"; + final String parentOrganizationIdentifier = "parent.org"; final String roleSystem = "role-system"; final String roleCode = "role-code"; var r = new CodeSystem(); helper.addLocal(r); - helper.addRole(r, consortiumIdentifier, roleSystem, roleCode); + helper.addRole(r, parentOrganizationIdentifier, roleSystem, roleCode); - assertTrue(helper.isValid(r, org -> consortiumIdentifier.equals(org.getValue()), + assertTrue(helper.isValid(r, org -> parentOrganizationIdentifier.equals(org.getValue()), role -> roleSystem.equals(role.getSystem()) && roleCode.equals(role.getCode()))); } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml index e6dece0f1..78f37a9db 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml @@ -27,11 +27,11 @@ - - + + - + diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml index 5ff1a9003..f27b4b1a1 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml @@ -5,11 +5,11 @@ - - + + - + diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java index 463de7be0..b1859b8a0 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java @@ -68,7 +68,7 @@ private Optional newResourceOk(Connection connection, Identity identity, List errors = new ArrayList(); if (!processAuthorizationHelper.isValid(newResource, taskProfile -> true, organizationIdentifier -> true, - consortiumMemberRole -> true)) + parentOrganizationRole -> true)) { errors.add("ActivityDefinition.extension with url " + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql index 9185ada09..75d18941f 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql @@ -1,7 +1,7 @@ CREATE OR REPLACE FUNCTION on_organization_affiliations_insert() RETURNS TRIGGER AS $$ DECLARE reference_regex TEXT := '((http|https):\/\/([A-Za-z0-9\-\\\.\:\%\$]*\/)+)?(Account|ActivityDefinition|AdverseEvent|AllergyIntolerance|Appointment|AppointmentResponse|AuditEvent|Basic|Binary|BiologicallyDerivedProduct|BodyStructure|Bundle|CapabilityStatement|CarePlan|CareTeam|CatalogEntry|ChargeItem|ChargeItemDefinition|Claim|ClaimResponse|ClinicalImpression|CodeSystem|Communication|CommunicationRequest|CompartmentDefinition|Composition|ConceptMap|Condition|Consent|Contract|Coverage|CoverageEligibilityRequest|CoverageEligibilityResponse|DetectedIssue|Device|DeviceDefinition|DeviceMetric|DeviceRequest|DeviceUseStatement|DiagnosticReport|DocumentManifest|DocumentReference|EffectEvidenceSynthesis|Encounter|Endpoint|EnrollmentRequest|EnrollmentResponse|EpisodeOfCare|EventDefinition|Evidence|EvidenceVariable|ExampleScenario|ExplanationOfBenefit|FamilyMemberHistory|Flag|Goal|GraphDefinition|Group|GuidanceResponse|HealthcareService|ImagingStudy|Immunization|ImmunizationEvaluation|ImmunizationRecommendation|ImplementationGuide|InsurancePlan|Invoice|Library|Linkage|List|Location|Measure|MeasureReport|Media|Medication|MedicationAdministration|MedicationDispense|MedicationKnowledge|MedicationRequest|MedicationStatement|MedicinalProduct|MedicinalProductAuthorization|MedicinalProductContraindication|MedicinalProductIndication|MedicinalProductIngredient|MedicinalProductInteraction|MedicinalProductManufactured|MedicinalProductPackaged|MedicinalProductPharmaceutical|MedicinalProductUndesirableEffect|MessageDefinition|MessageHeader|MolecularSequence|NamingSystem|NutritionOrder|Observation|ObservationDefinition|OperationDefinition|OperationOutcome|Organization|OrganizationAffiliation|Patient|PaymentNotice|PaymentReconciliation|Person|PlanDefinition|Practitioner|PractitionerRole|Procedure|Provenance|Questionnaire|QuestionnaireResponse|RelatedPerson|RequestGroup|ResearchDefinition|ResearchElementDefinition|ResearchStudy|ResearchSubject|RiskAssessment|RiskEvidenceSynthesis|Schedule|SearchParameter|ServiceRequest|Slot|Specimen|SpecimenDefinition|StructureDefinition|StructureMap|Subscription|Substance|SubstanceNucleicAcid|SubstancePolymer|SubstanceProtein|SubstanceReferenceInformation|SubstanceSourceMaterial|SubstanceSpecification|SupplyDelivery|SupplyRequest|Task|TerminologyCapabilities|TestReport|TestScript|ValueSet|VerificationResult|VisionPrescription)\/([A-Za-z0-9\-\.]{1,64})(\/_history\/([A-Za-z0-9\-\.]{1,64}))?'; - consortium_identifier TEXT; + parent_organization_identifier TEXT; member_organization_id UUID; insert_count INT; binary_insert_count INT; @@ -18,7 +18,7 @@ BEGIN RAISE NOTICE 'NEW.organization_affiliation->>''active'' = ''%''', NEW.organization_affiliation->>'active'; IF (NEW.organization_affiliation->>'active' = 'true') THEN - consortium_identifier := jsonb_path_query(organization, '$.identifier[*] ? (@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' + parent_organization_identifier := jsonb_path_query(organization, '$.identifier[*] ? (@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' FROM current_organizations WHERE organization_id = (regexp_match(NEW.organization_affiliation->'organization'->>'reference', reference_regex))[5]::uuid AND organization->>'active' = 'true'; @@ -26,8 +26,8 @@ BEGIN WHERE organization_id = (regexp_match(NEW.organization_affiliation->'participatingOrganization'->>'reference', reference_regex))[5]::uuid AND organization->>'active' = 'true'; - IF (consortium_identifier IS NOT NULL AND member_organization_id IS NOT NULL) THEN - RAISE NOTICE 'consortium_identifier IS NOT NULL AND member_organization_id IS NOT NULL'; + IF (parent_organization_identifier IS NOT NULL AND member_organization_id IS NOT NULL) THEN + RAISE NOTICE 'parent_organization_identifier IS NOT NULL AND member_organization_id IS NOT NULL'; INSERT INTO read_access SELECT DISTINCT r.id, r.version, 'ROLE', member_organization_id, NEW.organization_affiliation_id FROM ( @@ -46,8 +46,8 @@ BEGIN FROM all_resources ) AS r ON r.resource->'meta'->'tag' @> - ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role","extension":[{"url":"consortium","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' - || consortium_identifier || '"}},{"url":"role","valueCoding":{"system":"' + ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role","extension":[{"url":"parent-organization","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' + || parent_organization_identifier || '"}},{"url":"role","valueCoding":{"system":"' || c.system || '","code":"' || c.code || '"}}]}],"system":"http://dsf.dev/fhir/CodeSystem/read-access-tag","code":"ROLE"}]')::jsonb WHERE r.resource IS NOT NULL; diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql index 37c105856..1bd95b42b 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql @@ -44,8 +44,8 @@ BEGIN SELECT r.id, r.version, 'ROLE', member_organization_id, organization_affiliation_id FROM ( SELECT DISTINCT organization_affiliation_id - , consortium_identifier - , consortium_organization_id + , parent_organization_identifier + , parent_organization_organization_id , member_organization_id , coding->>'system' AS coding_system , coding->>'code' AS coding_code @@ -54,9 +54,9 @@ BEGIN organization_affiliation_id , (SELECT jsonb_path_query(organization, '$.identifier[*]?(@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' FROM current_organizations WHERE organization_id = (regexp_match(organization_affiliation->'organization'->>'reference', reference_regex))[5]::uuid - ) AS consortium_identifier + ) AS parent_organization_identifier , (regexp_match(organization_affiliation->'organization'->>'reference', reference_regex))[5]::uuid - AS consortium_organization_id + AS parent_organization_organization_id , (regexp_match(organization_affiliation->'participatingOrganization'->>'reference', reference_regex))[5]::uuid AS member_organization_id , jsonb_array_elements(jsonb_array_elements(organization_affiliation->'code')->'coding') AS coding @@ -69,14 +69,14 @@ BEGIN OR organization_id = (regexp_match(organization_affiliation->'participatingOrganization'->>'reference', reference_regex))[5]::uuid) ) = 2 ) AS oa1 - WHERE consortium_organization_id = NEW.organization_id OR member_organization_id = NEW.organization_id + WHERE parent_organization_organization_id = NEW.organization_id OR member_organization_id = NEW.organization_id ) AS oa LEFT JOIN ( SELECT id, version, resource FROM all_resources ) AS r ON r.resource->'meta'->'tag' @> - ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role","extension":[{"url":"consortium","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' - || consortium_identifier || '"}},{"url":"role","valueCoding":{"system":"' + ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role","extension":[{"url":"parent-organization","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' + || parent_organization_identifier || '"}},{"url":"role","valueCoding":{"system":"' || coding_system || '","code":"' || coding_code || '"}}]}],"system":"http://dsf.dev/fhir/CodeSystem/read-access-tag","code":"ROLE"}]')::jsonb WHERE r.resource IS NOT NULL diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql index 9f793d8ae..0ae3ddc25 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql @@ -70,16 +70,16 @@ BEGIN ) AS oa LEFT JOIN ( SELECT - jsonb_path_query(consortium_role, '$.extension[*] ? (@.url == "consortium") - .valueIdentifier[*]?(@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' AS consortium_identifier - , jsonb_path_query(consortium_role, '$.extension[*] ? (@.url == "role").valueCoding') AS role + jsonb_path_query(parent_organization_role, '$.extension[*] ? (@.url == "parent-organization") + .valueIdentifier[*]?(@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' AS parent_organization_identifier + , jsonb_path_query(parent_organization_role, '$.extension[*] ? (@.url == "role").valueCoding') AS role FROM ( SELECT jsonb_path_query(new_resource,'$.meta.tag[*] ? (@.code == "ROLE" && @.system == "http://dsf.dev/fhir/CodeSystem/read-access-tag") - .extension[*] ? (@.url == "http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role")') AS consortium_role + .extension[*] ? (@.url == "http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role")') AS parent_organization_role ) AS cr ) AS t - ON oa.parent_organization_identifier = t.consortium_identifier AND oa.role->>'system' = t.role->>'system' AND oa.role->>'code' = t.role->>'code' - WHERE t.consortium_identifier IS NOT NULL AND t.role IS NOT NULL + ON oa.parent_organization_identifier = t.parent_organization_identifier AND oa.role->>'system' = t.role->>'system' AND oa.role->>'code' = t.role->>'code' + WHERE t.parent_organization_identifier IS NOT NULL AND t.role IS NOT NULL ) AS member_organizations; GET DIAGNOSTICS role_insert_count = ROW_COUNT; diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java index b5ec3dc13..56ba268e3 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java @@ -807,9 +807,8 @@ public void testCreateTaskNotAllowedRemoteUser2() throws Exception Coding recipient = (Coding) ad3 .getExtensionByUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization") .getExtensionByUrl("recipient").getValue(); - Coding role = (Coding) recipient - .getExtensionByUrl( - "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role") + Coding role = (Coding) recipient.getExtensionByUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role") .getExtensionByUrl("role").getValue(); role.setCode("TTP"); diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml index 714c28a2b..1d895607d 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml @@ -27,8 +27,8 @@ - - + + diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml index 11a9c8f1c..2c76b8ec2 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml @@ -15,8 +15,8 @@ - - + + @@ -35,8 +35,8 @@ - - + + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml index fe867de67..ed92d9318 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml @@ -18,7 +18,7 @@ - + @@ -51,4 +51,8 @@ + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml index e4599658f..9a5236c4a 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml @@ -32,12 +32,12 @@ - + - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml similarity index 89% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml index ad6f525c3..845216ac3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml @@ -5,9 +5,9 @@ - + - + @@ -35,7 +35,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml.post similarity index 54% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml.post index 9ab6aa4ee..6c8fc33d3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-consortium-role-1.0.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-consortium-role&version=1.0.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml similarity index 89% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml index 0152c368f..df5eb5325 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml @@ -5,9 +5,9 @@ - + - + @@ -35,7 +35,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml.post similarity index 54% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml.post index 6a412a131..40f01c512 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-consortium-role&version=1.0.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-parent-organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml index b6a49be39..2311e5c66 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml @@ -85,10 +85,10 @@ - + - + @@ -111,7 +111,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml similarity index 82% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml index b20aff3e1..4e9d48b87 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml @@ -5,9 +5,9 @@ - + - + @@ -37,29 +37,29 @@ - + - + - + - + - + - + - + @@ -90,7 +90,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml.post similarity index 56% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml.post index 7945550e3..2027e393f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-consortium-role-1.0.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role&version=1.0.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml similarity index 82% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml index 6b871842d..861fdc549 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml @@ -5,9 +5,9 @@ - + - + @@ -32,29 +32,29 @@ - + - + - + - + - + - + - + @@ -85,7 +85,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml.post similarity index 61% rename from dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post rename to dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml.post index f06995c32..436ec0047 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-consortium-role-1.0.0.xml.post +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml.post @@ -1 +1 @@ -url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role&version=1.0.0 \ No newline at end of file +url=http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java index 81870a49d..1fe41f4b1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java @@ -27,18 +27,18 @@ public class ActivityDefinitionProfileTest { - private static final Logger logger = LoggerFactory.getLogger(EndpointProfileTest.class); + private static final Logger logger = LoggerFactory.getLogger(ActivityDefinitionProfileTest.class); @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-activity-definition-1.0.0.xml", "dsf-extension-process-authorization-1.0.0.xml", - "dsf-extension-process-authorization-consortium-role-1.0.0.xml", + "dsf-extension-process-authorization-parent-organization-role-1.0.0.xml", "dsf-extension-process-authorization-organization-1.0.0.xml", "dsf-coding-process-authorization-local-all-1.0.0.xml", - "dsf-coding-process-authorization-local-consortium-role-1.0.0.xml", + "dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml", "dsf-coding-process-authorization-local-organization-1.0.0.xml", "dsf-coding-process-authorization-remote-all-1.0.0.xml", - "dsf-coding-process-authorization-remote-consortium-role-1.0.0.xml", + "dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml", "dsf-coding-process-authorization-remote-organization-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml", "dsf-process-authorization-1.0.0.xml"), @@ -57,6 +57,7 @@ private ActivityDefinition createActivityDefinition() ad.setVersion("1.0.0"); ad.setStatus(PublicationStatus.ACTIVE); ad.setKind(ActivityDefinitionKind.TASK); + ad.setName("TestProcess"); return ad; } @@ -117,10 +118,10 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz Coding recipientCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ROLE", null); Extension consortiumRole = recipientCoding.addExtension(); - consortiumRole - .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role"); - consortiumRole.addExtension("consortium", - new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.org")); + consortiumRole.setUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"); + consortiumRole.addExtension("parent-organization", + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); consortiumRole.addExtension("role", new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); @@ -155,10 +156,10 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz Coding recipientCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "REMOTE_ROLE", null); Extension consortiumRole = recipientCoding.addExtension(); - consortiumRole - .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-consortium-role"); - consortiumRole.addExtension("consortium", - new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.org")); + consortiumRole.setUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"); + consortiumRole.addExtension("parent-organization", + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); consortiumRole.addExtension("role", new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); @@ -170,6 +171,6 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz logMessages(result); assertFalse(result.isSuccessful()); - assertEquals(25, result.getMessages().size()); + assertEquals(24, result.getMessages().size()); } } diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java index b877ee095..7880fa0a9 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java @@ -30,7 +30,7 @@ public class CodeSystemProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-code-system-1.0.0.xml", "dsf-extension-read-access-organization-1.0.0.xml", - "dsf-extension-read-access-consortium-role-1.0.0.xml"), + "dsf-extension-read-access-parent-organization-role-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml")); @@ -150,14 +150,15 @@ public void testCodeSystemWithTwoOrganizationsReadAccessValid() throws Exception } @Test - public void testCodeSystemWithConsortiumMemberReadAccessValid() throws Exception + public void testCodeSystemWithParentOrganizationMemberReadAccessValid() throws Exception { CodeSystem cs = createCodeSystem(); cs.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("LOCAL"); Extension ex = cs.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("ROLE") - .addExtension().setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role"); - ex.addExtension().setUrl("consortium").setValue( - new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.com")); + .addExtension() + .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"); + ex.addExtension().setUrl("parent-organization").setValue( + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); ex.addExtension().setUrl("role") .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("TTP")); @@ -171,14 +172,15 @@ public void testCodeSystemWithConsortiumMemberReadAccessValid() throws Exception } @Test - public void testCodeSystemWithConsortiumMemberReadAccessNotValid() throws Exception + public void testCodeSystemWithParentOrganizationMemberReadAccessNotValid() throws Exception { CodeSystem cs = createCodeSystem(); cs.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("LOCAL"); Extension ex = cs.getMeta().addTag().setSystem("http://dsf.dev/fhir/CodeSystem/read-access-tag").setCode("ROLE") - .addExtension().setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role"); - ex.addExtension().setUrl("consortium").setValue( - new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("consortium.com")); + .addExtension() + .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"); + ex.addExtension().setUrl("parent-organization").setValue( + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); ex.addExtension().setUrl("role") .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("FOO")); diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java index 6d4cd2370..9b846c0e0 100755 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/OrganizationProfileTest.java @@ -28,7 +28,7 @@ public class OrganizationProfileTest public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-organization-1.0.0.xml", "dsf-organization-parent-1.0.0.xml", "dsf-extension-certificate-thumbprint-1.0.0.xml", "dsf-endpoint-1.0.0.xml", - "dsf-extension-read-access-consortium-role-1.0.0.xml", + "dsf-extension-read-access-parent-organization-role-1.0.0.xml", "dsf-extension-read-access-organization-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml")); From 51ce4042a7921d2831fefd0ee4fd07612f036ca3 Mon Sep 17 00:00:00 2001 From: Hauke Hund Date: Tue, 20 Jun 2023 18:50:58 +0200 Subject: [PATCH 16/43] fixed class name typo --- ...ateListener.java => ProcessPluginDeploymentStateListener.java} | 0 1 file changed, 0 insertions(+), 0 deletions(-) rename dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/{ProcessPluginDeplyomentStateListener.java => ProcessPluginDeploymentStateListener.java} (100%) diff --git a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeplyomentStateListener.java b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java similarity index 100% rename from dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeplyomentStateListener.java rename to dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java From 14adf935d3f6367acebd794e826bba3a9a4ab2e9 Mon Sep 17 00:00:00 2001 From: Hauke Hund Date: Tue, 20 Jun 2023 22:35:20 +0200 Subject: [PATCH 17/43] new ActivityDefinition authorization extensions for practitioner-roles Adds a CodeSystem (http://dsf.dev/fhir/CodeSystem/practitioner-role) with default roles for human users authenticated either via Client-Certificate or OpenID Connect. Adds three new ActivityDefinition authorization extensions as well as corresponding codes for the http://dsf.dev/fhir/CodeSystem/process-authorization CodeSystem. Modifies existing extensions to harmonize parameter names. Authorization for human users only works locally and the new extension can only be used to define the "requester". The old requester authorization codes/extensions (LOCAL_ALL, REMOTE_ALL, LOCAL_ORGANIZATION, REMOTE_ORGANIZATION, LOCAL_ROLE, REMOTE_ROLE) do not authorize local human (practitioner) users. If a process should be allowed for organizations and human (practitioner) users, at least one of the old and at least one of the new extensions need to be specified in combination. The new codes / extensions are: * LOCAL_ALL_PRACTITIONER http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner For local users with a specific role (Coding). * LOCAL_ORGANIZATION_PRACTITIONER http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner For local users with a specific role (Coding) of a specific organization defined via DSF organization identifier. * LOCAL_ROLE_PRACTITIONER http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner For local users with a specific role (Coding) of an organization with a specific role (Coding) in a parent organization defined via DSF organization identifier. --- .../ProcessPluginDeploymentStateListener.java | 2 +- .../bpe/plugin/ProcessPluginManagerImpl.java | 10 +- .../dsf/fhir/authorization/process/All.java | 170 ++++++-- .../authorization/process/Organization.java | 258 +++++++++--- .../process/ProcessAuthorizationHelper.java | 18 +- .../ProcessAuthorizationHelperImpl.java | 69 ++-- .../fhir/authorization/process/Recipient.java | 12 +- .../fhir/authorization/process/Requester.java | 58 ++- .../dsf/fhir/authorization/process/Role.java | 352 +++++++++++----- .../authorization/read/ReadAccessHelper.java | 2 +- .../read/ReadAccessHelperImpl.java | 9 +- .../fhir/authorization/process/AllTest.java | 76 +++- .../process/OrganizationTest.java | 87 +++- .../ProcessAuthorizationHelperTest.java | 384 +++++++++++++++++- .../fhir/authorization/process/RoleTest.java | 81 +++- ...ity.java => TestOrganizationIdentity.java} | 15 +- .../process/TestPractitionerIdentity.java | 102 +++++ ...req_remote_organization_rec_local_role.xml | 2 +- .../authorization/read-access/tag_role.xml | 2 +- .../ActivityDefinitionAuthorizationRule.java | 5 +- .../on_organization_affiliations_insert.sql | 2 +- .../on_organizations_insert.sql | 2 +- .../trigger_functions/on_resources_insert.sql | 2 +- .../java/dev/dsf/fhir/dao/BinaryDaoTest.java | 2 +- .../integration/AbstractIntegrationTest.java | 14 +- .../fhir/integration/TaskIntegrationTest.java | 271 +++++++++++- .../dsf/fhir/integration/TestJettyConfig.java | 17 +- .../fhir/integration/X509Certificates.java | 58 ++- .../dsf-test-activity-definition10-1.0.xml | 67 +++ .../dsf-test-activity-definition11-1.0.xml | 38 ++ .../dsf-test-activity-definition12-1.0.xml | 46 +++ .../dsf-test-activity-definition13-1.0.xml | 44 ++ .../dsf-test-activity-definition3-1.0.xml | 2 +- .../dsf-test-activity-definition4-1.0.xml | 4 +- .../dsf-test-activity-definition5-1.0.xml | 38 ++ .../dsf-test-activity-definition6-1.0.xml | 38 ++ .../dsf-test-activity-definition7-1.0.xml | 61 +++ .../dsf-test-activity-definition8-1.0.xml | 61 +++ .../dsf-test-activity-definition9-1.0.xml | 67 +++ .../dsf-practitioner-role-1.0.0.xml | 62 +++ .../dsf-practitioner-role-1.0.0.xml.post | 1 + .../dsf-process-authorization-1.0.0.xml | 27 +- ...orization-local-all-practitioner-1.0.0.xml | 52 +++ ...tion-local-all-practitioner-1.0.0.xml.post | 1 + ...-local-organization-practitioner-1.0.0.xml | 52 +++ ...l-organization-practitioner-1.0.0.xml.post | 1 + ...t-organization-role-practitioner-1.0.0.xml | 52 +++ ...anization-role-practitioner-1.0.0.xml.post | 1 + ...-extension-process-authorization-1.0.0.xml | 9 +- ...zation-organization-practitioner-1.0.0.xml | 100 +++++ ...n-organization-practitioner-1.0.0.xml.post | 1 + ...ization-parent-organization-role-1.0.0.xml | 16 +- ...t-organization-role-practitioner-1.0.0.xml | 125 ++++++ ...anization-role-practitioner-1.0.0.xml.post | 1 + ...ocess-authorization-practitioner-1.0.0.xml | 50 +++ ...-authorization-practitioner-1.0.0.xml.post | 1 + ...-access-parent-organization-role-1.0.0.xml | 14 +- .../ValueSet/dsf-practitioner-role-1.0.0.xml | 25 ++ .../dsf-practitioner-role-1.0.0.xml.post | 1 + ...-process-authorization-requester-1.0.0.xml | 12 + .../ActivityDefinitionProfileTest.java | 146 ++++++- .../fhir/profiles/CodeSystemProfileTest.java | 4 +- 62 files changed, 2947 insertions(+), 355 deletions(-) rename dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/{TestIdentity.java => TestOrganizationIdentity.java} (71%) create mode 100644 dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestPractitionerIdentity.java create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition10-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition11-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition12-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition13-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition5-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition6-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition7-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition8-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition9-1.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml.post create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml create mode 100644 dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml.post diff --git a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java index ec5645001..1e8076ffb 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java +++ b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/ProcessPluginDeploymentStateListener.java @@ -11,7 +11,7 @@ * Register a singleton {@link Bean} implementing this interface to execute custom code like connection tests if a * process has been deployed. */ -public interface ProcessPluginDeplyomentStateListener +public interface ProcessPluginDeploymentStateListener { void onProcessesDeployed(List processes); } diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/ProcessPluginManagerImpl.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/ProcessPluginManagerImpl.java index a7bc12851..6371227d1 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/ProcessPluginManagerImpl.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/ProcessPluginManagerImpl.java @@ -27,7 +27,7 @@ import org.springframework.beans.factory.InitializingBean; import dev.dsf.bpe.camunda.ProcessPluginConsumer; -import dev.dsf.bpe.v1.ProcessPluginDeplyomentStateListener; +import dev.dsf.bpe.v1.ProcessPluginDeploymentStateListener; import dev.dsf.bpe.v1.constants.NamingSystems.OrganizationIdentifier; import dev.dsf.fhir.client.BasicFhirWebserviceClient; import dev.dsf.fhir.client.FhirWebserviceClient; @@ -190,12 +190,12 @@ private void onProcessesDeployed(List changes, List

activePluginProcesses = plugin.getProcessKeysAndVersions().stream() .filter(activeProcesses::contains).map(ProcessIdAndVersion::getId).toList(); - plugin.getApplicationContext().getBeansOfType(ProcessPluginDeplyomentStateListener.class).entrySet() + plugin.getApplicationContext().getBeansOfType(ProcessPluginDeploymentStateListener.class).entrySet() .forEach(onProcessesDeployed(plugin, activePluginProcesses)); }); } - private Consumer> onProcessesDeployed( + private Consumer> onProcessesDeployed( ProcessPlugin plugin, List activePluginProcesses) { return entry -> @@ -207,9 +207,9 @@ private Consumer> onProcesse catch (Exception e) { logger.warn("Error while executing {} bean {} for process plugin {}, {} - {}", - ProcessPluginDeplyomentStateListener.class.getName(), entry.getKey(), + ProcessPluginDeploymentStateListener.class.getName(), entry.getKey(), plugin.getJarFile().toString(), e.getClass().getName(), e.getMessage()); - logger.debug("Error while executing " + ProcessPluginDeplyomentStateListener.class.getName() + " bean " + logger.debug("Error while executing " + ProcessPluginDeploymentStateListener.class.getName() + " bean " + entry.getKey() + " for process plugin " + plugin.getJarFile().toString(), e); } }; diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/All.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/All.java index 3eefc112f..df14d0a99 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/All.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/All.java @@ -1,6 +1,11 @@ package dev.dsf.fhir.authorization.process; +import java.util.Collections; +import java.util.List; import java.util.Optional; +import java.util.Set; +import java.util.function.Predicate; +import java.util.stream.Collectors; import java.util.stream.Stream; import org.hl7.fhir.r4.model.Coding; @@ -8,72 +13,161 @@ import org.hl7.fhir.r4.model.OrganizationAffiliation; import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; +import dev.dsf.common.auth.conf.PractitionerIdentity; public class All implements Recipient, Requester { private final boolean localIdentity; - public All(boolean localIdentity) + private final String practitionerRoleSystem; + private final String practitionerRoleCode; + + public All(boolean localIdentity, String practitionerRoleSystem, String practitionerRoleCode) { this.localIdentity = localIdentity; + + this.practitionerRoleSystem = practitionerRoleSystem; + this.practitionerRoleCode = practitionerRoleCode; + } + + private boolean needsPractitionerRole() + { + return practitionerRoleSystem != null && practitionerRoleCode != null; } @Override - public boolean isRequesterAuthorized(Identity requesterUser, Stream requesterAffiliations) + public boolean isRequesterAuthorized(Identity requester, Stream requesterAffiliations) { - return isAuthorized(requesterUser); + return isAuthorized(requester); } @Override - public boolean isRecipientAuthorized(Identity recipientUser, Stream recipientAffiliations) + public boolean isRecipientAuthorized(Identity recipient, Stream recipientAffiliations) { - return isAuthorized(recipientUser); + return isAuthorized(recipient); } private boolean isAuthorized(Identity identity) { return identity != null && identity.getOrganization() != null && identity.getOrganization().getActive() - && identity.isLocalIdentity() == localIdentity; + && identity.isLocalIdentity() == localIdentity + && ((needsPractitionerRole() && hasPractitionerRole(getPractitionerRoles(identity))) + || (!needsPractitionerRole() && identity instanceof OrganizationIdentity)); + } + + private Set getPractitionerRoles(Identity identity) + { + if (identity instanceof PractitionerIdentity) + return ((PractitionerIdentity) identity).getPractionerRoles(); + else + return Collections.emptySet(); + } + + private boolean hasPractitionerRole(Set practitionerRoles) + { + return practitionerRoles.stream().anyMatch( + c -> practitionerRoleSystem.equals(c.getSystem()) && practitionerRoleCode.equals(c.getCode())); } @Override - public boolean requesterMatches(Extension requesterExtension) + public Extension toRecipientExtension() { - return matches(requesterExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER); + return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT) + .setValue(toCoding(false)); } @Override - public boolean recipientMatches(Extension recipientExtension) + public Extension toRequesterExtension() { - return matches(recipientExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT); + return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER) + .setValue(toCoding(needsPractitionerRole())); } - private boolean matches(Extension recipientExtension, String url) + private Coding toCoding(boolean needsPractitionerRole) { - return recipientExtension != null && url.equals(recipientExtension.getUrl()) && recipientExtension.hasValue() - && recipientExtension.getValue() instanceof Coding && matches((Coding) recipientExtension.getValue()); + Coding coding = getProcessAuthorizationCode(); + + if (needsPractitionerRole) + coding.addExtension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PRACTITIONER) + .setValue(new Coding(practitionerRoleSystem, practitionerRoleCode, null)); + + return coding; } @Override public Coding getProcessAuthorizationCode() { if (localIdentity) - return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, - ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, null); + { + if (needsPractitionerRole()) + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER, null); + else + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, null); + } else + { return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ALL, null); + } + } + + @Override + public boolean requesterMatches(Extension requesterExtension) + { + return matches(requesterExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER) + && hasMatchingPractitionerExtension(requesterExtension.getValue().getExtension()); + } + + @Override + public boolean recipientMatches(Extension recipientExtension) + { + return matches(recipientExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT); + } + + private boolean matches(Extension extension, String url) + { + return extension != null && url.equals(extension.getUrl()) && extension.hasValue() + && extension.getValue() instanceof Coding && matches((Coding) extension.getValue()); + } + + private boolean hasMatchingPractitionerExtension(List extensions) + { + return needsPractitionerRole() ? extensions.stream().anyMatch(this::practitionerExtensionMatches) + : extensions.stream().noneMatch(this::practitionerExtensionMatches); + } + + private boolean practitionerExtensionMatches(Extension extension) + { + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PRACTITIONER.equals(extension.getUrl()) + && extension.hasValue() && extension.getValue() instanceof Coding + && practitionerRoleMatches((Coding) extension.getValue()); + } + + private boolean practitionerRoleMatches(Coding coding) + { + return coding != null && coding.hasSystem() && coding.hasCode() + && practitionerRoleSystem.equals(coding.getSystem()) && practitionerRoleCode.equals(coding.getCode()); } @Override public boolean matches(Coding processAuthorizationCode) { if (localIdentity) - return processAuthorizationCode != null - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM - .equals(processAuthorizationCode.getSystem()) - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL - .equals(processAuthorizationCode.getCode()); + if (needsPractitionerRole()) + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER + .equals(processAuthorizationCode.getCode()); + else + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL + .equals(processAuthorizationCode.getCode()); else return processAuthorizationCode != null && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM @@ -82,16 +176,44 @@ public boolean matches(Coding processAuthorizationCode) .equals(processAuthorizationCode.getCode()); } - public static Optional fromRequester(Coding coding) + public static Optional fromRequester(Coding coding, Predicate practitionerRoleExists) { if (coding != null && coding.hasSystem() && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM.equals(coding.getSystem()) && coding.hasCode()) { if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL.equals(coding.getCode())) - return Optional.of(new All(true)); + return Optional.of(new All(true, null, null)); else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ALL.equals(coding.getCode())) - return Optional.of(new All(false)); + return Optional.of(new All(false, null, null)); + else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER + .equals(coding.getCode())) + return fromPractitionerRequester(coding, practitionerRoleExists); + } + + return Optional.empty(); + } + + private static Optional fromPractitionerRequester(Coding coding, + Predicate practitionerRoleExists) + { + if (coding != null && coding.hasExtension()) + { + List practitionerRoles = coding.getExtension().stream().filter(Extension::hasUrl).filter( + e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PRACTITIONER.equals(e.getUrl())) + .collect(Collectors.toList()); + if (practitionerRoles.size() == 1) + { + Extension practitionerRole = practitionerRoles.get(0); + if (practitionerRole.hasValue() && practitionerRole.getValue() instanceof Coding) + { + Coding practitionerRoleCoding = (Coding) practitionerRole.getValue(); + if (practitionerRoleCoding.hasSystem() && practitionerRoleCoding.hasCode() + && practitionerRoleExists.test(coding)) + return Optional.of( + new All(true, practitionerRoleCoding.getSystem(), practitionerRoleCoding.getCode())); + } + } } return Optional.empty(); @@ -104,7 +226,7 @@ public static Optional fromRecipient(Coding coding) && coding.hasCode()) { if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL.equals(coding.getCode())) - return Optional.of(new All(true)); + return Optional.of(new All(true, null, null)); // remote not allowed for recipient } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Organization.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Organization.java index 14c659466..aa85d7d08 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Organization.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Organization.java @@ -1,8 +1,10 @@ package dev.dsf.fhir.authorization.process; +import java.util.Collections; import java.util.List; import java.util.Objects; import java.util.Optional; +import java.util.Set; import java.util.function.Predicate; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -14,6 +16,8 @@ import org.hl7.fhir.r4.model.Reference; import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; +import dev.dsf.common.auth.conf.PractitionerIdentity; import dev.dsf.fhir.authorization.read.ReadAccessHelper; public class Organization implements Recipient, Requester @@ -21,7 +25,11 @@ public class Organization implements Recipient, Requester private final String organizationIdentifier; private final boolean localIdentity; - public Organization(boolean localIdentity, String organizationIdentifier) + private final String practitionerRoleSystem; + private final String practitionerRoleCode; + + public Organization(boolean localIdentity, String organizationIdentifier, String practitionerRoleSystem, + String practitionerRoleCode) { Objects.requireNonNull(organizationIdentifier, "organizationIdentifier"); if (organizationIdentifier.isBlank()) @@ -29,24 +37,34 @@ public Organization(boolean localIdentity, String organizationIdentifier) this.localIdentity = localIdentity; this.organizationIdentifier = organizationIdentifier; + + this.practitionerRoleSystem = practitionerRoleSystem; + this.practitionerRoleCode = practitionerRoleCode; + } + + private boolean needsPractitionerRole() + { + return practitionerRoleSystem != null && practitionerRoleCode != null; } @Override - public boolean isRequesterAuthorized(Identity requesterUser, Stream requesterAffiliations) + public boolean isRequesterAuthorized(Identity requester, Stream requesterAffiliations) { - return isAuthorized(requesterUser); + return isAuthorized(requester); } @Override - public boolean isRecipientAuthorized(Identity recipientUser, Stream recipientAffiliations) + public boolean isRecipientAuthorized(Identity recipient, Stream recipientAffiliations) { - return isAuthorized(recipientUser); + return isAuthorized(recipient); } private boolean isAuthorized(Identity identity) { return identity != null && identity.getOrganization() != null && identity.getOrganization().getActive() - && identity.isLocalIdentity() == localIdentity && hasOrganizationIdentifier(identity.getOrganization()); + && identity.isLocalIdentity() == localIdentity && hasOrganizationIdentifier(identity.getOrganization()) + && ((needsPractitionerRole() && hasPractitionerRole(getPractitionerRoles(identity))) + || (!needsPractitionerRole() && identity instanceof OrganizationIdentity)); } private boolean hasOrganizationIdentifier(org.hl7.fhir.r4.model.Organization organization) @@ -56,61 +74,119 @@ private boolean hasOrganizationIdentifier(org.hl7.fhir.r4.model.Organization org .anyMatch(i -> organizationIdentifier.equals(i.getValue())); } + private Set getPractitionerRoles(Identity identity) + { + if (identity instanceof PractitionerIdentity) + return ((PractitionerIdentity) identity).getPractionerRoles(); + else + return Collections.emptySet(); + } + + private boolean hasPractitionerRole(Set practitionerRoles) + { + return practitionerRoles.stream().anyMatch( + c -> practitionerRoleSystem.equals(c.getSystem()) && practitionerRoleCode.equals(c.getCode())); + } + @Override public Extension toRecipientExtension() { return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT) - .setValue(toCoding()); + .setValue(toCoding(false)); } @Override public Extension toRequesterExtension() { return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER) - .setValue(toCoding()); + .setValue(toCoding(needsPractitionerRole())); } - private Coding toCoding() + private Coding toCoding(boolean needsPractitionerRole) { Identifier organization = new Reference().getIdentifier() .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM).setValue(organizationIdentifier); Coding coding = getProcessAuthorizationCode(); - coding.addExtension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION) - .setValue(organization); + + if (needsPractitionerRole) + { + Extension extension = coding.addExtension() + .setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER); + extension.addExtension( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_ORGANIZATION, + organization); + extension.addExtension( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_PRACTITIONER_ROLE, + new Coding(practitionerRoleSystem, practitionerRoleCode, null)); + } + else + { + coding.addExtension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION) + .setValue(organization); + } + return coding; } + @Override + public Coding getProcessAuthorizationCode() + { + if (localIdentity) + { + if (needsPractitionerRole()) + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER, null); + else + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION, null); + } + else + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION, null); + } + @Override public boolean requesterMatches(Extension requesterExtension) { - return matches(requesterExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER); + return matches(requesterExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER, + needsPractitionerRole()); } @Override public boolean recipientMatches(Extension recipientExtension) { - return matches(recipientExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT); + return matches(recipientExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT, false); } - private boolean matches(Extension recipientExtension, String url) + private boolean matches(Extension extension, String url, boolean needsPractitionerRole) { - return recipientExtension != null && url.equals(recipientExtension.getUrl()) && recipientExtension.hasValue() - && recipientExtension.getValue() instanceof Coding && matches((Coding) recipientExtension.getValue()) - && recipientExtension.getValue().hasExtension() - && hasMatchingOrganizationExtension(recipientExtension.getValue().getExtension()); + return extension != null && url.equals(extension.getUrl()) && extension.hasValue() + && extension.getValue() instanceof Coding && matches((Coding) extension.getValue()) + && extension.getValue().hasExtension() + && hasMatchingOrganizationExtension(extension.getValue().getExtension(), needsPractitionerRole); } - private boolean hasMatchingOrganizationExtension(List extensions) + private boolean hasMatchingOrganizationExtension(List extensions, boolean needsPractitionerRole) { - return extensions.stream().anyMatch(this::organizationExtensionMatches); + return extensions.stream().anyMatch(organizationExtensionMatches(needsPractitionerRole)); } - private boolean organizationExtensionMatches(Extension extension) + private Predicate organizationExtensionMatches(boolean needsPractitionerRole) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION.equals(extension.getUrl()) - && extension.hasValue() && extension.getValue() instanceof Identifier - && organizationIdentifierMatches((Identifier) extension.getValue()); + if (needsPractitionerRole) + { + return extension -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER + .equals(extension.getUrl()) && !extension.hasValue() + && hasMatchingSubOrganizationExtension(extension.getExtension()) + && hasMatchingPractitionerExtension(extension.getExtension()); + } + else + { + return extension -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION + .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Identifier + && organizationIdentifierMatches((Identifier) extension.getValue()); + } } private boolean organizationIdentifierMatches(Identifier identifier) @@ -120,26 +196,52 @@ private boolean organizationIdentifierMatches(Identifier identifier) && organizationIdentifier.equals(identifier.getValue()); } - @Override - public Coding getProcessAuthorizationCode() + private boolean hasMatchingSubOrganizationExtension(List extensions) { - if (localIdentity) - return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, - ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION, null); - else - return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, - ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION, null); + return extensions.stream().anyMatch(this::subOrganizationExtensionMatches); + } + + private boolean subOrganizationExtensionMatches(Extension extension) + { + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_ORGANIZATION + .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Identifier + && organizationIdentifierMatches((Identifier) extension.getValue()); + } + + private boolean hasMatchingPractitionerExtension(List extensions) + { + return extensions.stream().anyMatch(this::practitionerExtensionMatches); + } + + private boolean practitionerExtensionMatches(Extension extension) + { + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_PRACTITIONER_ROLE + .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Coding + && practitionerRoleMatches((Coding) extension.getValue()); + } + + private boolean practitionerRoleMatches(Coding coding) + { + return coding != null && coding.hasSystem() && coding.hasCode() + && practitionerRoleSystem.equals(coding.getSystem()) && practitionerRoleCode.equals(coding.getCode()); } @Override public boolean matches(Coding processAuthorizationCode) { if (localIdentity) - return processAuthorizationCode != null - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM - .equals(processAuthorizationCode.getSystem()) - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION - .equals(processAuthorizationCode.getCode()); + if (needsPractitionerRole()) + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER + .equals(processAuthorizationCode.getCode()); + else + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION + .equals(processAuthorizationCode.getCode()); else return processAuthorizationCode != null && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM @@ -148,21 +250,27 @@ public boolean matches(Coding processAuthorizationCode) .equals(processAuthorizationCode.getCode()); } - @SuppressWarnings("unchecked") - public static Optional fromRequester(Coding coding, + public static Optional fromRequester(Coding coding, Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists) { - return (Optional) from(coding, organizationWithIdentifierExists); - } + if (coding != null && coding.hasSystem() + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM.equals(coding.getSystem()) + && coding.hasCode()) + { + if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION.equals(coding.getCode())) + return from(true, coding, organizationWithIdentifierExists).map(r -> (Requester) r); + else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION + .equals(coding.getCode())) + return from(false, coding, organizationWithIdentifierExists).map(r -> (Requester) r); + else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER + .equals(coding.getCode())) + return fromPractitionerRequester(coding, practitionerRoleExists, organizationWithIdentifierExists); + } - @SuppressWarnings("unchecked") - public static Optional fromRecipient(Coding coding, - Predicate organizationWithIdentifierExists) - { - return (Optional) from(coding, organizationWithIdentifierExists); + return Optional.empty(); } - private static Optional from(Coding coding, + public static Optional fromRecipient(Coding coding, Predicate organizationWithIdentifierExists) { if (coding != null && coding.hasSystem() @@ -170,10 +278,7 @@ private static Optional from(Coding coding, && coding.hasCode()) { if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION.equals(coding.getCode())) - return from(true, coding, organizationWithIdentifierExists); - else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION - .equals(coding.getCode())) - return from(false, coding, organizationWithIdentifierExists); + return from(true, coding, organizationWithIdentifierExists).map(r -> (Recipient) r); } return Optional.empty(); @@ -195,7 +300,56 @@ private static Optional from(boolean localIdentity, Coding Identifier identifier = (Identifier) organization.getValue(); if (ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM.equals(identifier.getSystem()) && organizationWithIdentifierExists.test(identifier)) - return Optional.of(new Organization(localIdentity, identifier.getValue())); + return Optional.of(new Organization(localIdentity, identifier.getValue(), null, null)); + } + } + } + + return Optional.empty(); + } + + private static Optional fromPractitionerRequester(Coding coding, + Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists) + { + if (coding != null && coding.hasExtension()) + { + List organizationPractitioners = coding.getExtension().stream().filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER + .equals(e.getUrl())) + .collect(Collectors.toList()); + if (organizationPractitioners.size() == 1) + { + Extension organizationPractitioner = organizationPractitioners.get(0); + List organizations = organizationPractitioner.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_ORGANIZATION + .equals(e.getUrl())) + .collect(Collectors.toList()); + List practitionerRoles = organizationPractitioner.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_PRACTITIONER_ROLE + .equals(e.getUrl())) + .collect(Collectors.toList()); + if (organizations.size() == 1 && practitionerRoles.size() == 1) + { + Extension organization = organizations.get(0); + Extension practitionerRole = practitionerRoles.get(0); + + if (organization.hasValue() && organization.getValue() instanceof Identifier + && practitionerRole.hasValue() && practitionerRole.getValue() instanceof Coding) + { + Identifier organizationIdentifier = (Identifier) organization.getValue(); + Coding practitionerRoleCoding = (Coding) practitionerRole.getValue(); + + if (ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM + .equals(organizationIdentifier.getSystem()) + && organizationWithIdentifierExists.test(organizationIdentifier) + && practitionerRoleExists.test(practitionerRoleCoding)) + { + return Optional.of(new Organization(true, organizationIdentifier.getValue(), + practitionerRoleCoding.getSystem(), practitionerRoleCoding.getCode())); + } + } } } } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java index 722c0b5cf..62cb6b5f9 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelper.java @@ -14,10 +14,13 @@ public interface ProcessAuthorizationHelper { String PROCESS_AUTHORIZATION_SYSTEM = "http://dsf.dev/fhir/CodeSystem/process-authorization"; String PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION = "LOCAL_ORGANIZATION"; + String PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER = "LOCAL_ORGANIZATION_PRACTITIONER"; String PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION = "REMOTE_ORGANIZATION"; String PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE = "LOCAL_ROLE"; + String PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER = "LOCAL_ROLE_PRACTITIONER"; String PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE = "REMOTE_ROLE"; String PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL = "LOCAL_ALL"; + String PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER = "LOCAL_ALL_PRACTITIONER"; String PROCESS_AUTHORIZATION_VALUE_REMOTE_ALL = "REMOTE_ALL"; String ORGANIZATION_IDENTIFIER_SYSTEM = "http://dsf.dev/sid/organization-identifier"; @@ -28,11 +31,21 @@ public interface ProcessAuthorizationHelper String EXTENSION_PROCESS_AUTHORIZATION_REQUESTER = "requester"; String EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT = "recipient"; + String EXTENSION_PROCESS_AUTHORIZATION_PRACTITIONER = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner"; + String EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization"; + String EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner"; + String EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_ORGANIZATION = "organization"; + String EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_PRACTITIONER_ROLE = "practitioner-role"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"; String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION = "parent-organization"; - String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE = "role"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE = "organization-role"; + + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER = "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner"; + String EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER_PRACTITIONER_ROLE = "practitioner-role"; + ActivityDefinition add(ActivityDefinition activityDefinition, String messageName, String taskProfile, Requester requester, Recipient recipient); @@ -41,7 +54,8 @@ ActivityDefinition add(ActivityDefinition activityDefinition, String messageName Collection requesters, Collection recipients); boolean isValid(ActivityDefinition activityDefinition, Predicate profileExists, - Predicate organizationWithIdentifierExists, Predicate roleExists); + Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists, + Predicate organizationRoleExists); default Stream getRequesters(ActivityDefinition activityDefinition, String processUrl, String processVersion, String messageName, String taskProfile) diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperImpl.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperImpl.java index 4c00a451a..5090d1bde 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperImpl.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperImpl.java @@ -132,7 +132,8 @@ private boolean hasAuthorization(Extension processAuthorization, Recipient autho @Override public boolean isValid(ActivityDefinition activityDefinition, Predicate profileExists, - Predicate organizationWithIdentifierExists, Predicate roleExists) + Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists, + Predicate organizationRoleExists) { if (activityDefinition == null) return false; @@ -145,7 +146,8 @@ public boolean isValid(ActivityDefinition activityDefinition, Predicate isProcessAuthorizationValid(e, profileExists, organizationWithIdentifierExists, roleExists)) + .map(e -> isProcessAuthorizationValid(e, profileExists, practitionerRoleExists, + organizationWithIdentifierExists, organizationRoleExists)) .allMatch(v -> v) && messageNamesUnique(processAuthorizations); } @@ -157,7 +159,8 @@ private boolean messageNamesUnique(List processAuthorizations) } private boolean isProcessAuthorizationValid(Extension processAuthorization, Predicate profileExists, - Predicate organizationWithIdentifierExists, Predicate roleExists) + Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists, + Predicate organizationRoleExists) { if (processAuthorization == null || !ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION.equals(processAuthorization.getUrl()) @@ -192,8 +195,10 @@ private boolean isProcessAuthorizationValid(Extension processAuthorization, Pred return false; return isMessageNameValid(messageNames.get(0)) && isTaskProfileValid(taskProfiles.get(0), profileExists) - && isRequestersValid(requesters, organizationWithIdentifierExists, roleExists) - && isRecipientsValid(recipients, organizationWithIdentifierExists, roleExists); + && isRequestersValid(requesters, practitionerRoleExists, organizationWithIdentifierExists, + organizationRoleExists) + && isRecipientsValid(recipients, practitionerRoleExists, organizationWithIdentifierExists, + organizationRoleExists); } private boolean isMessageNameValid(Extension messageName) @@ -216,14 +221,15 @@ private boolean isTaskProfileValid(Extension taskProfile, Predicate requesters, - Predicate organizationWithIdentifierExists, Predicate roleExists) + private boolean isRequestersValid(List requesters, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { - return requesters.stream().allMatch(r -> isRequesterValid(r, organizationWithIdentifierExists, roleExists)); + return requesters.stream().allMatch(r -> isRequesterValid(r, practitionerRoleExists, + organizationWithIdentifierExists, organizationRoleExists)); } - private boolean isRequesterValid(Extension requester, Predicate organizationWithIdentifierExists, - Predicate roleExists) + private boolean isRequesterValid(Extension requester, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { if (requester == null || !ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER.equals(requester.getUrl())) @@ -231,42 +237,47 @@ private boolean isRequesterValid(Extension requester, Predicate orga if (requester.hasValue() && requester.getValue() instanceof Coding) { - return requesterFrom((Coding) requester.getValue(), organizationWithIdentifierExists, roleExists) - .isPresent(); + return requesterFrom((Coding) requester.getValue(), practitionerRoleExists, + organizationWithIdentifierExists, organizationRoleExists).isPresent(); } return false; } - private Optional requesterFrom(Coding coding, Predicate organizationWithIdentifierExists, - Predicate roleExists) + private Optional requesterFrom(Coding coding, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizatioRoleExists) { switch (coding.getCode()) { case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL: + case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER: case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ALL: - return All.fromRequester(coding); + return All.fromRequester(coding, practitionerRoleExists); case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION: + case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER: case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION: - return Organization.fromRequester(coding, organizationWithIdentifierExists); + return Organization.fromRequester(coding, practitionerRoleExists, organizationWithIdentifierExists); case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE: + case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER: case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE: - return Role.fromRequester(coding, organizationWithIdentifierExists, roleExists); + return Role.fromRequester(coding, practitionerRoleExists, organizationWithIdentifierExists, + organizatioRoleExists); } return Optional.empty(); } - private boolean isRecipientsValid(List recipients, - Predicate organizationWithIdentifierExists, Predicate roleExists) + private boolean isRecipientsValid(List recipients, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { - return recipients.stream().allMatch(r -> isRecipientValid(r, organizationWithIdentifierExists, roleExists)); + return recipients.stream().allMatch(r -> isRecipientValid(r, practitionerRoleExists, + organizationWithIdentifierExists, organizationRoleExists)); } - private boolean isRecipientValid(Extension recipient, Predicate organizationWithIdentifierExists, - Predicate roleExists) + private boolean isRecipientValid(Extension recipient, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { if (recipient == null || !ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT.equals(recipient.getUrl())) @@ -274,15 +285,15 @@ private boolean isRecipientValid(Extension recipient, Predicate orga if (recipient.hasValue() && recipient.getValue() instanceof Coding) { - return recipientFrom((Coding) recipient.getValue(), organizationWithIdentifierExists, roleExists) - .isPresent(); + return recipientFrom((Coding) recipient.getValue(), practitionerRoleExists, + organizationWithIdentifierExists, organizationRoleExists).isPresent(); } return false; } - private Optional recipientFrom(Coding coding, Predicate organizationWithIdentifierExists, - Predicate roleExists) + private Optional recipientFrom(Coding coding, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { switch (coding.getCode()) { @@ -293,7 +304,7 @@ private Optional recipientFrom(Coding coding, Predicate o return Organization.fromRecipient(coding, organizationWithIdentifierExists); case ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE: - return Role.fromRecipient(coding, organizationWithIdentifierExists, roleExists); + return Role.fromRecipient(coding, organizationWithIdentifierExists, organizationRoleExists); } return Optional.empty(); @@ -314,7 +325,7 @@ public Stream getRequesters(ActivityDefinition activityDefinition, St .equals(e.getUrl())) .filter(Extension::hasValue).filter(e -> e.getValue() instanceof Coding) .map(e -> (Coding) e.getValue()) - .flatMap(coding -> requesterFrom(coding, i -> true, c -> true).stream()); + .flatMap(coding -> requesterFrom(coding, c -> true, i -> true, c -> true).stream()); } @Override @@ -332,7 +343,7 @@ public Stream getRecipients(ActivityDefinition activityDefinition, St .equals(e.getUrl())) .filter(Extension::hasValue).filter(e -> e.getValue() instanceof Coding) .map(e -> (Coding) e.getValue()) - .flatMap(coding -> recipientFrom(coding, i -> true, c -> true).stream()); + .flatMap(coding -> recipientFrom(coding, c -> true, i -> true, c -> true).stream()); } private Optional getAuthorizationExtension(ActivityDefinition activityDefinition, String processUrl, diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java index 003b31b83..5da781971 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Recipient.java @@ -12,17 +12,17 @@ public interface Recipient extends WithAuthorization { static Recipient localAll() { - return new All(true); + return new All(true, null, null); } static Recipient localOrganization(String organizationIdentifier) { - return new Organization(true, organizationIdentifier); + return new Organization(true, organizationIdentifier, null, null); } static Recipient localRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) { - return new Role(true, parentOrganizationIdentifier, roleSystem, roleCode); + return new Role(true, parentOrganizationIdentifier, roleSystem, roleCode, null, null); } boolean recipientMatches(Extension recipientExtension); @@ -36,9 +36,5 @@ default boolean isRecipientAuthorized(Identity recipientUser, recipientAffiliations == null ? null : recipientAffiliations.stream()); } - default Extension toRecipientExtension() - { - return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT) - .setValue(getProcessAuthorizationCode()); - } + Extension toRecipientExtension(); } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java index 891661d3c..6d8d29bf3 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Requester.java @@ -12,48 +12,70 @@ public interface Requester extends WithAuthorization { static Requester localAll() { - return all(true); + return all(true, null, null); + } + + static Requester localAllPractitioner(String practitionerRoleSystem, String practitionerRoleCode) + { + return all(true, practitionerRoleSystem, practitionerRoleCode); } static Requester remoteAll() { - return all(false); + return all(false, null, null); } - static Requester all(boolean localIdentity) + static Requester all(boolean localIdentity, String userRoleSystem, String userRoleCode) { - return new All(localIdentity); + return new All(localIdentity, userRoleSystem, userRoleCode); } static Requester localOrganization(String organizationIdentifier) { - return organization(true, organizationIdentifier); + return organization(true, organizationIdentifier, null, null); + } + + static Requester localOrganizationPractitioner(String organizationIdentifier, String practitionerRoleSystem, + String practitionerRoleCode) + { + return organization(true, organizationIdentifier, practitionerRoleSystem, practitionerRoleCode); } static Requester remoteOrganization(String organizationIdentifier) { - return organization(false, organizationIdentifier); + return organization(false, organizationIdentifier, null, null); } - static Requester organization(boolean localIdentity, String organizationIdentifier) + static Requester organization(boolean localIdentity, String organizationIdentifier, String practitionerRoleSystem, + String practitionerRoleCode) { - return new Organization(localIdentity, organizationIdentifier); + return new Organization(localIdentity, organizationIdentifier, practitionerRoleSystem, practitionerRoleCode); } - static Requester localRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) + static Requester localRole(String parentOrganizationIdentifier, String organizatioRoleSystem, + String organizatioRoleCode) { - return role(true, parentOrganizationIdentifier, roleSystem, roleCode); + return role(true, parentOrganizationIdentifier, organizatioRoleSystem, organizatioRoleCode, null, null); } - static Requester remoteRole(String parentOrganizationIdentifier, String roleSystem, String roleCode) + static Requester localRolePractitioner(String parentOrganizationIdentifier, String organizatioRoleSystem, + String organizatioRoleCode, String practitionerRoleSystem, String practitionerRoleCode) { - return role(false, parentOrganizationIdentifier, roleSystem, roleCode); + return role(true, parentOrganizationIdentifier, organizatioRoleSystem, organizatioRoleCode, + practitionerRoleSystem, practitionerRoleCode); } - static Requester role(boolean localIdentity, String parentOrganizationIdentifier, String roleSystem, - String roleCode) + static Requester remoteRole(String parentOrganizationIdentifier, String organizatioRoleSystem, + String organizatioRoleCode) { - return new Role(localIdentity, parentOrganizationIdentifier, roleSystem, roleCode); + return role(false, parentOrganizationIdentifier, organizatioRoleSystem, organizatioRoleCode, null, null); + } + + static Requester role(boolean localIdentity, String parentOrganizationIdentifier, String organizatioRoleSystem, + String organizatioRoleCode, String practitionerRoleSystem, String practitionerRoleCode) + { + return new Role(localIdentity, parentOrganizationIdentifier, organizatioRoleSystem, organizatioRoleCode, + practitionerRoleSystem, practitionerRoleCode); } boolean requesterMatches(Extension requesterExtension); @@ -67,9 +89,5 @@ default boolean isRequesterAuthorized(Identity requesterUser, requesterAffiliations == null ? null : requesterAffiliations.stream()); } - default Extension toRequesterExtension() - { - return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER) - .setValue(getProcessAuthorizationCode()); - } + Extension toRequesterExtension(); } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java index e466acaf8..34d24fde8 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/process/Role.java @@ -1,8 +1,10 @@ package dev.dsf.fhir.authorization.process; +import java.util.Collections; import java.util.List; import java.util.Objects; import java.util.Optional; +import java.util.Set; import java.util.function.Predicate; import java.util.stream.Collectors; import java.util.stream.Stream; @@ -15,50 +17,66 @@ import org.hl7.fhir.r4.model.Reference; import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; +import dev.dsf.common.auth.conf.PractitionerIdentity; import dev.dsf.fhir.authorization.read.ReadAccessHelper; public class Role implements Recipient, Requester { private final boolean localIdentity; private final String parentOrganizationIdentifier; - private final String roleSystem; - private final String roleCode; + private final String organizationRoleSystem; + private final String organizationRoleCode; - public Role(boolean localIdentity, String parentOrganizationIdentifier, String roleSystem, String roleCode) + private final String practitionerRoleSystem; + private final String practitionerRoleCode; + + public Role(boolean localIdentity, String parentOrganizationIdentifier, String organizatioRoleSystem, + String organizationRoleCode, String practitionerRoleSystem, String practitionerRoleCode) { Objects.requireNonNull(parentOrganizationIdentifier, "parentOrganizationIdentifier"); if (parentOrganizationIdentifier.isBlank()) throw new IllegalArgumentException("parentOrganizationIdentifier blank"); - Objects.requireNonNull(roleSystem, "roleSystem"); - if (roleSystem.isBlank()) - throw new IllegalArgumentException("roleSystem blank"); - Objects.requireNonNull(roleCode, "roleCode"); - if (roleCode.isBlank()) - throw new IllegalArgumentException("roleCode blank"); + Objects.requireNonNull(organizatioRoleSystem, "organizatioRoleSystem"); + if (organizatioRoleSystem.isBlank()) + throw new IllegalArgumentException("organizatioRoleSystem blank"); + Objects.requireNonNull(organizationRoleCode, "organizationRoleCode"); + if (organizationRoleCode.isBlank()) + throw new IllegalArgumentException("organizationRoleCode blank"); this.localIdentity = localIdentity; this.parentOrganizationIdentifier = parentOrganizationIdentifier; - this.roleSystem = roleSystem; - this.roleCode = roleCode; + this.organizationRoleSystem = organizatioRoleSystem; + this.organizationRoleCode = organizationRoleCode; + + this.practitionerRoleSystem = practitionerRoleSystem; + this.practitionerRoleCode = practitionerRoleCode; + } + + private boolean needsPractitionerRole() + { + return practitionerRoleSystem != null && practitionerRoleCode != null; } @Override - public boolean isRequesterAuthorized(Identity requesterUser, Stream requesterAffiliations) + public boolean isRequesterAuthorized(Identity requester, Stream requesterAffiliations) { - return isAuthorized(requesterUser, requesterAffiliations); + return isAuthorized(requester, requesterAffiliations); } @Override - public boolean isRecipientAuthorized(Identity recipientUser, Stream recipientAffiliations) + public boolean isRecipientAuthorized(Identity recipient, Stream recipientAffiliations) { - return isAuthorized(recipientUser, recipientAffiliations); + return isAuthorized(recipient, recipientAffiliations); } private boolean isAuthorized(Identity identity, Stream affiliations) { return identity != null && identity.getOrganization() != null && identity.getOrganization().getActive() && identity.isLocalIdentity() == localIdentity && affiliations != null - && hasParentOrganizationMemberRole(identity.getOrganization(), affiliations); + && hasParentOrganizationMemberRole(identity.getOrganization(), affiliations) + && ((needsPractitionerRole() && hasPractitionerRole(getPractitionerRoles(identity))) + || (!needsPractitionerRole() && identity instanceof OrganizationIdentity)); } private boolean hasParentOrganizationMemberRole(org.hl7.fhir.r4.model.Organization recipientOrganization, @@ -93,83 +111,140 @@ private boolean hasParentOrganizationMemberRole(org.hl7.fhir.r4.model.Organizati // check role .filter(OrganizationAffiliation::hasCode).flatMap(a -> a.getCode().stream()) .filter(CodeableConcept::hasCoding).flatMap(c -> c.getCoding().stream()).filter(Coding::hasSystem) - .filter(Coding::hasCode) - .anyMatch(c -> c.getSystem().equals(roleSystem) && c.getCode().equals(roleCode)); + .filter(Coding::hasCode).anyMatch( + c -> c.getSystem().equals(organizationRoleSystem) && c.getCode().equals(organizationRoleCode)); + } + + private Set getPractitionerRoles(Identity identity) + { + if (identity instanceof PractitionerIdentity) + return ((PractitionerIdentity) identity).getPractionerRoles(); + else + return Collections.emptySet(); + } + + private boolean hasPractitionerRole(Set practitionerRoles) + { + return practitionerRoles.stream().anyMatch( + c -> practitionerRoleSystem.equals(c.getSystem()) && practitionerRoleCode.equals(c.getCode())); } @Override public Extension toRecipientExtension() { return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT) - .setValue(toCoding()); + .setValue(toCoding(false)); } @Override public Extension toRequesterExtension() { return new Extension().setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER) - .setValue(toCoding()); + .setValue(toCoding(needsPractitionerRole())); } - private Coding toCoding() + private Coding toCoding(boolean needsPractitionerRole) { Identifier parentOrganization = new Reference().getIdentifier() .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) .setValue(parentOrganizationIdentifier); Extension parentOrganizationExt = new Extension( - ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION) - .setValue(parentOrganization); + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION, + parentOrganization); - Coding role = new Coding(roleSystem, roleCode, null); - Extension roleExt = new Extension( - ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE) - .setValue(role); + Coding organizationRole = new Coding(organizationRoleSystem, organizationRoleCode, null); + Extension organizationRoleExt = new Extension( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE, + organizationRole); Coding coding = getProcessAuthorizationCode(); - coding.addExtension() - .setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE) - .addExtension(parentOrganizationExt).addExtension(roleExt); + + if (needsPractitionerRole) + { + Extension practitionerRoleExt = new Extension( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER_PRACTITIONER_ROLE, + new Coding(practitionerRoleSystem, practitionerRoleCode, null)); + + coding.addExtension().setUrl( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER) + .addExtension(parentOrganizationExt).addExtension(organizationRoleExt) + .addExtension(practitionerRoleExt); + } + else + { + coding.addExtension() + .setUrl(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE) + .addExtension(parentOrganizationExt).addExtension(organizationRoleExt); + } + return coding; } + @Override + public Coding getProcessAuthorizationCode() + { + if (localIdentity) + { + if (needsPractitionerRole()) + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER, null); + else + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE, null); + } + else + return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, + ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE, null); + } + @Override public boolean requesterMatches(Extension requesterExtension) { - return requesterExtension != null - && ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER - .equals(requesterExtension.getUrl()) - && requesterExtension.hasValue() && requesterExtension.getValue() instanceof Coding - && matches((Coding) requesterExtension.getValue()) && requesterExtension.getValue().hasExtension() - && hasMatchingParentOrganizationRoleExtension(requesterExtension.getValue().getExtension()); + return matches(requesterExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER, + needsPractitionerRole()); } @Override public boolean recipientMatches(Extension recipientExtension) { - return recipientExtension != null - && ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT - .equals(recipientExtension.getUrl()) - && recipientExtension.hasValue() && recipientExtension.getValue() instanceof Coding - && matches((Coding) recipientExtension.getValue()) && recipientExtension.getValue().hasExtension() - && hasMatchingParentOrganizationRoleExtension(recipientExtension.getValue().getExtension()); + return matches(recipientExtension, ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT, false); } - private boolean hasMatchingParentOrganizationRoleExtension(List extension) + private boolean matches(Extension extension, String url, boolean needsPractitionerRole) { - return extension.stream().anyMatch(this::parentOrganizationRoleExtensionMatches); + return extension != null && url.equals(extension.getUrl()) && extension.hasValue() + && extension.getValue() instanceof Coding && matches((Coding) extension.getValue()) + && extension.getValue().hasExtension() && hasMatchingParentOrganizationRoleExtension( + extension.getValue().getExtension(), needsPractitionerRole); } - private boolean parentOrganizationRoleExtensionMatches(Extension extension) + private boolean hasMatchingParentOrganizationRoleExtension(List extension, boolean needsPractitionerRole) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE - .equals(extension.getUrl()) && extension.hasExtension() - && hasMatchingParentOrganizationExtension(extension.getExtension()) - && hasMatchingRoleExtension(extension.getExtension()); + return extension.stream().anyMatch(parentOrganizationRoleExtensionMatches(needsPractitionerRole)); } - private boolean hasMatchingParentOrganizationExtension(List extension) + private Predicate parentOrganizationRoleExtensionMatches(boolean needsPractitionerRole) { - return extension.stream().anyMatch(this::parentOrganizationExtensionMatches); + if (needsPractitionerRole) + { + return extension -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER + .equals(extension.getUrl()) && extension.hasExtension() + && hasMatchingParentOrganizationExtension(extension.getExtension()) + && hasMatchingOrganizationRoleExtension(extension.getExtension()) + && hasMatchingPractitionerRoleExtension(extension.getExtension()); + } + else + { + return extension -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE + .equals(extension.getUrl()) && extension.hasExtension() + && hasMatchingParentOrganizationExtension(extension.getExtension()) + && hasMatchingOrganizationRoleExtension(extension.getExtension()); + } + } + + private boolean hasMatchingParentOrganizationExtension(List extensions) + { + return extensions.stream().anyMatch(this::parentOrganizationExtensionMatches); } private boolean parentOrganizationExtensionMatches(Extension extension) @@ -186,44 +261,58 @@ private boolean parentOrganizationIdentifierMatches(Identifier identifier) && parentOrganizationIdentifier.equals(identifier.getValue()); } - private boolean hasMatchingRoleExtension(List extension) + private boolean hasMatchingOrganizationRoleExtension(List extensions) { - return extension.stream().anyMatch(this::roleExtensionMatches); + return extensions.stream().anyMatch(this::organizationRoleExtensionMatches); } - private boolean roleExtensionMatches(Extension extension) + private boolean organizationRoleExtensionMatches(Extension extension) { - return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Coding - && roleMatches((Coding) extension.getValue()); + && organizationRoleMatches((Coding) extension.getValue()); } - private boolean roleMatches(Coding coding) + private boolean organizationRoleMatches(Coding coding) { - return coding != null && coding.hasSystem() && coding.hasCode() && roleSystem.equals(coding.getSystem()) - && roleCode.equals(coding.getCode()); + return coding != null && coding.hasSystem() && coding.hasCode() + && organizationRoleSystem.equals(coding.getSystem()) && organizationRoleCode.equals(coding.getCode()); } - @Override - public Coding getProcessAuthorizationCode() + private boolean hasMatchingPractitionerRoleExtension(List extensions) { - if (localIdentity) - return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, - ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE, null); - else - return new Coding(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, - ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE, null); + return extensions.stream().anyMatch(this::practitionerRoleExtensionMatches); + } + + private boolean practitionerRoleExtensionMatches(Extension extension) + { + return ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER_PRACTITIONER_ROLE + .equals(extension.getUrl()) && extension.hasValue() && extension.getValue() instanceof Coding + && practitionerRoleMatches((Coding) extension.getValue()); + } + + private boolean practitionerRoleMatches(Coding coding) + { + return coding != null && coding.hasSystem() && coding.hasCode() + && practitionerRoleSystem.equals(coding.getSystem()) && practitionerRoleCode.equals(coding.getCode()); } @Override public boolean matches(Coding processAuthorizationCode) { if (localIdentity) - return processAuthorizationCode != null - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM - .equals(processAuthorizationCode.getSystem()) - && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE - .equals(processAuthorizationCode.getCode()); + if (needsPractitionerRole()) + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER + .equals(processAuthorizationCode.getCode()); + else + return processAuthorizationCode != null + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM + .equals(processAuthorizationCode.getSystem()) + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE + .equals(processAuthorizationCode.getCode()); else return processAuthorizationCode != null && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM @@ -232,38 +321,45 @@ public boolean matches(Coding processAuthorizationCode) .equals(processAuthorizationCode.getCode()); } - @SuppressWarnings("unchecked") - public static Optional fromRequester(Coding coding, - Predicate organizationWithIdentifierExists, Predicate roleExists) + public static Optional fromRequester(Coding coding, Predicate practitionerRoleExists, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { - return (Optional) from(coding, organizationWithIdentifierExists, roleExists); - } + if (coding != null && coding.hasSystem() + && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM.equals(coding.getSystem()) + && coding.hasCode()) + { + if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE.equals(coding.getCode())) + return from(true, coding, organizationWithIdentifierExists, organizationRoleExists) + .map(r -> (Requester) r); + else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE.equals(coding.getCode())) + return from(false, coding, organizationWithIdentifierExists, organizationRoleExists) + .map(r -> (Requester) r); + else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER + .equals(coding.getCode())) + return fromPractitionerRequester(coding, practitionerRoleExists, organizationWithIdentifierExists, + organizationRoleExists); + } - @SuppressWarnings("unchecked") - public static Optional fromRecipient(Coding coding, - Predicate organizationWithIdentifierExists, Predicate roleExists) - { - return (Optional) from(coding, organizationWithIdentifierExists, roleExists); + return Optional.empty(); } - private static Optional from(Coding coding, Predicate organizationWithIdentifierExists, - Predicate roleExists) + public static Optional fromRecipient(Coding coding, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { if (coding != null && coding.hasSystem() && ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM.equals(coding.getSystem()) && coding.hasCode()) { if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE.equals(coding.getCode())) - return from(true, coding, organizationWithIdentifierExists, roleExists); - else if (ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ROLE.equals(coding.getCode())) - return from(false, coding, organizationWithIdentifierExists, roleExists); + return from(true, coding, organizationWithIdentifierExists, organizationRoleExists) + .map(r -> (Recipient) r); } return Optional.empty(); } - private static Optional from(boolean localIdentity, Coding coding, - Predicate organizationWithIdentifierExists, Predicate roleExists) + private static Optional from(boolean localIdentity, Coding coding, + Predicate organizationWithIdentifierExists, Predicate organizationRoleExists) { if (coding != null && coding.hasExtension()) { @@ -279,28 +375,90 @@ private static Optional from(boolean localIdentity, Coding coding, .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION .equals(e.getUrl())) .collect(Collectors.toList()); - List roles = parentOrganizationRole.getExtension().stream().filter(Extension::hasUrl).filter( - e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE + List organizationRoles = parentOrganizationRole.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE .equals(e.getUrl())) .collect(Collectors.toList()); - if (parentOrganizations.size() == 1 && roles.size() == 1) + if (parentOrganizations.size() == 1 && organizationRoles.size() == 1) { Extension parentOrganization = parentOrganizations.get(0); - Extension role = roles.get(0); + Extension organizationRole = organizationRoles.get(0); if (parentOrganization.hasValue() && parentOrganization.getValue() instanceof Identifier - && role.hasValue() && role.getValue() instanceof Coding) + && organizationRole.hasValue() && organizationRole.getValue() instanceof Coding) { Identifier parentOrganizationIdentifier = (Identifier) parentOrganization.getValue(); - Coding roleCoding = (Coding) role.getValue(); + Coding organizationRoleCoding = (Coding) organizationRole.getValue(); if (ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM .equals(parentOrganizationIdentifier.getSystem()) && organizationWithIdentifierExists.test(parentOrganizationIdentifier) - && roleExists.test(roleCoding)) + && organizationRoleExists.test(organizationRoleCoding)) { return Optional.of(new Role(localIdentity, parentOrganizationIdentifier.getValue(), - roleCoding.getSystem(), roleCoding.getCode())); + organizationRoleCoding.getSystem(), organizationRoleCoding.getCode(), null, null)); + } + } + } + } + } + + return Optional.empty(); + } + + private static Optional fromPractitionerRequester(Coding coding, + Predicate practitionerRoleExists, Predicate organizationWithIdentifierExists, + Predicate organizationRoleExists) + { + if (coding != null && coding.hasExtension()) + { + List parentOrganizationRolePractitioners = coding.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER + .equals(e.getUrl())) + .collect(Collectors.toList()); + if (parentOrganizationRolePractitioners.size() == 1) + { + Extension parentOrganizationRolePractitioner = parentOrganizationRolePractitioners.get(0); + List parentOrganizations = parentOrganizationRolePractitioner.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION + .equals(e.getUrl())) + .collect(Collectors.toList()); + List organizationRoles = parentOrganizationRolePractitioner.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE + .equals(e.getUrl())) + .collect(Collectors.toList()); + List practitionerRoles = parentOrganizationRolePractitioner.getExtension().stream() + .filter(Extension::hasUrl) + .filter(e -> ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER_PRACTITIONER_ROLE + .equals(e.getUrl())) + .collect(Collectors.toList()); + if (parentOrganizations.size() == 1 && organizationRoles.size() == 1 && practitionerRoles.size() == 1) + { + Extension parentOrganization = parentOrganizations.get(0); + Extension organizationRole = organizationRoles.get(0); + Extension practitionerRole = practitionerRoles.get(0); + + if (parentOrganization.hasValue() && parentOrganization.getValue() instanceof Identifier + && organizationRole.hasValue() && organizationRole.getValue() instanceof Coding + && practitionerRole.hasValue() && practitionerRole.getValue() instanceof Coding) + { + Identifier parentOrganizationIdentifier = (Identifier) parentOrganization.getValue(); + Coding organizationRoleCoding = (Coding) organizationRole.getValue(); + Coding practitionerRoleCoding = (Coding) practitionerRole.getValue(); + + if (ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM + .equals(parentOrganizationIdentifier.getSystem()) + && organizationWithIdentifierExists.test(parentOrganizationIdentifier) + && organizationRoleExists.test(organizationRoleCoding) + && practitionerRoleExists.test(practitionerRoleCoding)) + { + return Optional.of(new Role(true, parentOrganizationIdentifier.getValue(), + organizationRoleCoding.getSystem(), organizationRoleCoding.getCode(), + practitionerRoleCoding.getSystem(), practitionerRoleCoding.getCode())); } } } diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java index ee3b0702d..608bc64c5 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelper.java @@ -26,7 +26,7 @@ public interface ReadAccessHelper String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE = "http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"; String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION = "parent-organization"; - String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE = "role"; + String EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE = "organization-role"; /** * Adds LOCAL tag. Removes ALL tag if present. diff --git a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java index 97796130e..5aff0e3bb 100644 --- a/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java +++ b/dsf-fhir/dsf-fhir-auth/src/main/java/dev/dsf/fhir/authorization/read/ReadAccessHelperImpl.java @@ -95,7 +95,7 @@ public R addRole(R resource, String parentOrganizationIdent .addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE); ex.addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION).setValue( new Identifier().setSystem(ORGANIZATION_IDENTIFIER_SYSTEM).setValue(parentOrganizationIdentifier)); - ex.addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE) + ex.addExtension().setUrl(EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE) .setValue(new Coding().setSystem(roleSystem).setCode(roleCode)); return resource; } @@ -235,7 +235,8 @@ private Predicate matches(String parentOrganizationIdentifier .anyMatch(i -> ORGANIZATION_IDENTIFIER_SYSTEM.equals(i.getSystem()) && Objects.equals(i.getValue(), parentOrganizationIdentifier)); boolean role = extensions.getExtension().stream().filter(Extension::hasUrl) - .filter(e -> Objects.equals(e.getUrl(), EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE)) + .filter(e -> Objects.equals(e.getUrl(), + EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE)) .filter(Extension::hasValue).map(Extension::getValue).filter(v -> v instanceof Coding) .map(v -> (Coding) v) .anyMatch(c -> Objects.equals(c.getSystem(), roleSystem) && Objects.equals(c.getCode(), roleCode)); @@ -396,8 +397,8 @@ private boolean isValidExtensionReadAccessParentOrganizationMemberRoleParentOrga private boolean isValidExtensionReadAccessParentOrganizationMemberRoleRole(Extension e, Predicate roleExists) { - return e.hasUrl() && EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ROLE.equals(e.getUrl()) && e.hasValue() - && e.getValue() instanceof Coding && isValidRole((Coding) e.getValue(), roleExists); + return e.hasUrl() && EXTENSION_READ_ACCESS_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE.equals(e.getUrl()) + && e.hasValue() && e.getValue() instanceof Coding && isValidRole((Coding) e.getValue(), roleExists); } private boolean isValidRole(Coding coding, Predicate roleExists) diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/AllTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/AllTest.java index ca5ff9a07..7e689fd4d 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/AllTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/AllTest.java @@ -5,6 +5,7 @@ import java.util.stream.Stream; +import org.hl7.fhir.r4.model.Coding; import org.hl7.fhir.r4.model.Organization; import org.junit.Test; @@ -12,15 +13,36 @@ public class AllTest { - private static final Identity REMOTE_NO_ORG = TestIdentity.remote(null); - private static final Identity REMOTE_ORG_NOT_ACTIVE = TestIdentity.remote(new Organization().setActive(false)); - private static final Identity REMOTE_ORG_ACTIVE = TestIdentity.remote(new Organization().setActive(true)); - private static final Identity LOCAL_NO_ORG = TestIdentity.local(null); - private static final Identity LOCAL_ORG_NOT_ACTIVE = TestIdentity.local(new Organization().setActive(false)); - private static final Identity LOCAL_ORG_ACTIVE = TestIdentity.local(new Organization().setActive(true)); - - private static final All local = new All(true); - private static final All remote = new All(false); + private static final Identity REMOTE_NO_ORG = TestOrganizationIdentity.remote(null); + private static final Identity REMOTE_ORG_NOT_ACTIVE = TestOrganizationIdentity + .remote(new Organization().setActive(false)); + private static final Identity REMOTE_ORG_ACTIVE = TestOrganizationIdentity + .remote(new Organization().setActive(true)); + private static final Identity LOCAL_NO_ORG = TestOrganizationIdentity.local(null); + private static final Identity LOCAL_ORG_NOT_ACTIVE = TestOrganizationIdentity + .local(new Organization().setActive(false)); + private static final Identity LOCAL_ORG_ACTIVE = TestOrganizationIdentity.local(new Organization().setActive(true)); + + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE = TestPractitionerIdentity.practitioner( + new Organization().setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1 = TestPractitionerIdentity.practitioner( + new Organization().setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "UAC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2 = TestPractitionerIdentity.practitioner( + new Organization().setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/bad-system", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_NOT_ACTIVE = TestPractitionerIdentity.practitioner( + new Organization().setActive(false), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES = TestPractitionerIdentity + .practitioner(new Organization().setActive(true)); + + private static final All local = new All(true, null, null); + private static final All remote = new All(false, null, null); + + private static final All localPractitioner = new All(true, "http://dsf.dev/fhir/CodeSystem/practitioner-role", + "DIC_USER"); @Test public void testLocalAllRecipientOk() throws Exception @@ -141,4 +163,40 @@ public void testRemoteAllRequesterNotOkLocalOrganization() throws Exception { assertFalse(remote.isRequesterAuthorized(LOCAL_ORG_ACTIVE, Stream.empty())); } + + @Test + public void testLocalAllPractitionerRequesterOk() throws Exception + { + assertTrue(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE, Stream.empty())); + } + + @Test + public void testLocalAllPractitionerRequesterNotOkOrganizationNotActive() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_NOT_ACTIVE, Stream.empty())); + } + + @Test + public void testLocalAllPractitionerRequesterNotOkPractitionerNoRoles() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES, Stream.empty())); + } + + @Test + public void testLocalAllPractitionerRequesterNotOkPractitionerBadRole1() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1, Stream.empty())); + } + + @Test + public void testLocalAllPractitionerRequesterNotOkPractitionerBadRole2() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2, Stream.empty())); + } + + @Test + public void testLocalAllPractitionerRequesterNotOkNotAPractitioner() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_ORG_ACTIVE, Stream.empty())); + } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/OrganizationTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/OrganizationTest.java index 7f036fa4e..a115344b6 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/OrganizationTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/OrganizationTest.java @@ -5,6 +5,7 @@ import java.util.stream.Stream; +import org.hl7.fhir.r4.model.Coding; import org.junit.Test; import dev.dsf.common.auth.conf.Identity; @@ -22,21 +23,44 @@ private static org.hl7.fhir.r4.model.Organization createFhirOrganization(String return o; } - private static final Identity LOCAL_ORG_ACTIVE = TestIdentity.local(createFhirOrganization(IDENTIFIER)); - private static final Identity LOCAL_ORG_NOT_ACTIVE = TestIdentity + private static final Identity LOCAL_ORG_ACTIVE = TestOrganizationIdentity.local(createFhirOrganization(IDENTIFIER)); + private static final Identity LOCAL_ORG_NOT_ACTIVE = TestOrganizationIdentity .local(createFhirOrganization(IDENTIFIER).setActive(false)); - private static final Identity LOCAL_NO_ORG = TestIdentity.local(null); - private static final Identity LOCAL_ORG_BAD_IDENTIFIER_ACTIVE = TestIdentity + private static final Identity LOCAL_NO_ORG = TestOrganizationIdentity.local(null); + private static final Identity LOCAL_ORG_BAD_IDENTIFIER_ACTIVE = TestOrganizationIdentity .local(createFhirOrganization("bad.identifier")); - private static final Identity REMOTE_ORG_ACTIVE = TestIdentity.remote(createFhirOrganization(IDENTIFIER)); - private static final Identity REMOTE_ORG_NOT_ACTIVE = TestIdentity + private static final Identity REMOTE_ORG_ACTIVE = TestOrganizationIdentity + .remote(createFhirOrganization(IDENTIFIER)); + private static final Identity REMOTE_ORG_NOT_ACTIVE = TestOrganizationIdentity .remote(createFhirOrganization(IDENTIFIER).setActive(false)); - private static final Identity REMOTE_NO_ORG = TestIdentity.remote((org.hl7.fhir.r4.model.Organization) null); - private static final Identity REMOTE_ORG_BAD_IDENTIFIER_ACTIVE = TestIdentity + private static final Identity REMOTE_NO_ORG = TestOrganizationIdentity + .remote((org.hl7.fhir.r4.model.Organization) null); + private static final Identity REMOTE_ORG_BAD_IDENTIFIER_ACTIVE = TestOrganizationIdentity .remote(createFhirOrganization("bad.identifier")); - private static final Organization local = new Organization(true, IDENTIFIER); - private static final Organization remote = new Organization(false, IDENTIFIER); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE = TestPractitionerIdentity.practitioner( + createFhirOrganization(IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1 = TestPractitionerIdentity.practitioner( + createFhirOrganization(IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "UAC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2 = TestPractitionerIdentity.practitioner( + createFhirOrganization(IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/bad-system", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_NOT_ACTIVE = TestPractitionerIdentity.practitioner( + createFhirOrganization(IDENTIFIER).setActive(false), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES = TestPractitionerIdentity + .practitioner(createFhirOrganization(IDENTIFIER).setActive(true)); + private static final Identity LOCAL_PRACTITIONER_ORG_BAD_IDENTIFIER_ACTIVE = TestPractitionerIdentity.practitioner( + createFhirOrganization("bad.identifier").setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + + private static final Organization local = new Organization(true, IDENTIFIER, null, null); + private static final Organization remote = new Organization(false, IDENTIFIER, null, null); + + private static final Organization localPractitioner = new Organization(true, IDENTIFIER, + "http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER"); @Test public void testLocalOrganizationRecipientOk() throws Exception @@ -181,4 +205,47 @@ public void testRemoteOrganizationRequesterNotOkIdentifierWrong() throws Excepti { assertFalse(remote.isRequesterAuthorized(REMOTE_ORG_BAD_IDENTIFIER_ACTIVE, Stream.empty())); } + + @Test + public void testLocalOrganizationPractitionerRequesterOk() throws Exception + { + assertTrue(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkOrganizationNotActive() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_NOT_ACTIVE, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkPractitionerNoRoles() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkPractitionerBadRole1() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkPractitionerBadRole2() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkNotAPractitioner() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_ORG_ACTIVE, Stream.empty())); + } + + @Test + public void testLocalOrganizationPractitionerRequesterNotOkBadOrganizationIdentifier() throws Exception + { + assertFalse( + localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_BAD_IDENTIFIER_ACTIVE, Stream.empty())); + } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java index 60eed029b..70eaf7315 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/ProcessAuthorizationHelperTest.java @@ -67,7 +67,7 @@ public void testActivityDefinitionNotValidWithProcessAuthorizationsSameMessageNa pa2.addExtension("recipient", new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ALL", null)); - assertFalse(helper.isValid(ad, p -> true, o -> true, c -> true)); + assertFalse(helper.isValid(ad, p -> true, c -> true, o -> true, c -> true)); } @Test @@ -78,7 +78,7 @@ public void testActivityDefinitionRequesterRemoteAllRecipientLocalAllValidViaFil { var ad = FhirContext.forR4().newXmlParser().parseResource(ActivityDefinition.class, in); - assertTrue(helper.isValid(ad, p -> true, o -> true, c -> true)); + assertTrue(helper.isValid(ad, p -> true, c -> true, o -> true, c -> true)); } } @@ -91,7 +91,7 @@ public void testActivityDefinitionRequesterRemoteOrganizationRecipientLocalParen { var ad = FhirContext.forR4().newXmlParser().parseResource(ActivityDefinition.class, in); - assertTrue(helper.isValid(ad, c -> true, o -> true, c -> true)); + assertTrue(helper.isValid(ad, p -> true, c -> true, o -> true, c -> true)); } } @@ -112,7 +112,7 @@ public void testGetRequesterRemoteAllRecipientLocalAllViaFile() throws Exception assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ALL, requestersList.get(0).getProcessAuthorizationCode().getCode()); assertTrue(requestersList.get(0).isRequesterAuthorized( - TestIdentity.remote(new org.hl7.fhir.r4.model.Organization().setActive(true)), + TestOrganizationIdentity.remote(new org.hl7.fhir.r4.model.Organization().setActive(true)), Collections.emptyList())); Stream recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", @@ -124,7 +124,7 @@ public void testGetRequesterRemoteAllRecipientLocalAllViaFile() throws Exception assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, recipientsList.get(0).getProcessAuthorizationCode().getCode()); assertTrue(recipientsList.get(0).isRecipientAuthorized( - TestIdentity.local(new org.hl7.fhir.r4.model.Organization().setActive(true)), + TestOrganizationIdentity.local(new org.hl7.fhir.r4.model.Organization().setActive(true)), Collections.emptyList())); } } @@ -145,9 +145,11 @@ public void testGetRequesterRemoteOrganizationRecipientLocalParentOrganizationRo assertTrue(requestersList.get(0) instanceof Organization); assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_REMOTE_ORGANIZATION, requestersList.get(0).getProcessAuthorizationCode().getCode()); - Identity remoteUser = TestIdentity.remote(new org.hl7.fhir.r4.model.Organization().setActive(true) - .addIdentifier(new Identifier().setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) - .setValue("organization.com"))); + Identity remoteUser = TestOrganizationIdentity + .remote(new org.hl7.fhir.r4.model.Organization().setActive(true) + .addIdentifier(new Identifier() + .setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) + .setValue("organization.com"))); assertTrue(requestersList.get(0).isRequesterAuthorized(remoteUser, Collections.emptyList())); Stream recipients = helper.getRecipients(ad, "http://dsf.dev/bpe/Process/test", "1.0.0", "foo", @@ -158,7 +160,7 @@ public void testGetRequesterRemoteOrganizationRecipientLocalParentOrganizationRo assertTrue(recipientsList.get(0) instanceof Role); assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE, recipientsList.get(0).getProcessAuthorizationCode().getCode()); - Identity localUser = TestIdentity.local(new org.hl7.fhir.r4.model.Organization().setActive(true) + Identity localUser = TestOrganizationIdentity.local(new org.hl7.fhir.r4.model.Organization().setActive(true) .addIdentifier(new Identifier().setSystem(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM) .setValue("member.com"))); OrganizationAffiliation affiliation = new OrganizationAffiliation(); @@ -591,7 +593,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep reqCode1ExtC.getUrl()); Extension reqCode1ExtR = reqCode1ExtExts.get(1); assertTrue(reqCode1ExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE, reqCode1ExtR.getUrl()); assertTrue(reqCode1ExtC.hasValue()); assertTrue(reqCode1ExtC.getValue() instanceof Identifier); @@ -642,7 +645,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep reqCode2ExtC.getUrl()); Extension reqCode2ExtR = reqCode2ExtExts.get(1); assertTrue(reqCode2ExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE, reqCode2ExtR.getUrl()); assertTrue(reqCode2ExtC.hasValue()); assertTrue(reqCode2ExtC.getValue() instanceof Identifier); @@ -694,7 +698,8 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep recCodeExtC.getUrl()); Extension recCodeExtR = recCodeExtExts.get(1); assertTrue(recCodeExtR.hasUrl()); - assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ROLE, + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE, recCodeExtR.getUrl()); assertTrue(recCodeExtC.hasValue()); assertTrue(recCodeExtC.getValue() instanceof Identifier); @@ -710,4 +715,359 @@ public void testAddRequesterLocalRoleRemoteRoleRecipientLocalRole() throws Excep assertTrue(((Coding) recCodeExtR.getValue()).hasCode()); assertEquals(role3Code, ((Coding) recCodeExtR.getValue()).getCode()); } + + @Test + public void testAddRequesterLocalAllPractitioner() throws Exception + { + String messageName = "messageName"; + String taskProfile = "http://foo.com/fhir/StructureDefinition/bar"; + String practitionerRoleSystem = "http://baz.com/fhir/CodeSystem/cs1"; + String practitionerRoleCode = "code"; + + Recipient recipientLocalAll = Recipient.localAll(); + Requester requesterLocalAllPractitioner = Requester.localAllPractitioner(practitionerRoleSystem, + practitionerRoleCode); + + var ad = createActivityDefinition(); + + ad = helper.add(ad, messageName, taskProfile, Collections.singleton(requesterLocalAllPractitioner), + Collections.singleton(recipientLocalAll)); + + assertNotNull(ad); + assertTrue(ad.hasExtension()); + assertNotNull(ad.getExtension()); + assertEquals(1, ad.getExtension().size()); + + Extension authExt = ad.getExtension().get(0); + assertNotNull(authExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION, authExt.getUrl()); + assertTrue(authExt.hasExtension()); + assertEquals(4, authExt.getExtension().size()); + + Extension mnExt = authExt.getExtension().get(0); + assertNotNull(mnExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_MESSAGE_NAME, mnExt.getUrl()); + assertTrue(mnExt.hasValue()); + assertNotNull(mnExt.getValue()); + assertTrue(mnExt.getValue() instanceof StringType); + assertTrue(((StringType) mnExt.getValue()).hasValue()); + assertNotNull(((StringType) mnExt.getValue()).getValueAsString()); + assertEquals(messageName, ((StringType) mnExt.getValue()).getValueAsString()); + + Extension tpExt = authExt.getExtension().get(1); + assertNotNull(tpExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_TASK_PROFILE, tpExt.getUrl()); + assertTrue(tpExt.hasValue()); + assertNotNull(tpExt.getValue()); + assertTrue(tpExt.getValue() instanceof CanonicalType); + assertTrue(((CanonicalType) tpExt.getValue()).hasValue()); + assertNotNull(((CanonicalType) tpExt.getValue()).getValueAsString()); + assertEquals(taskProfile, ((CanonicalType) tpExt.getValue()).getValueAsString()); + + Extension reqExt = authExt.getExtension().get(2); + assertNotNull(reqExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER, reqExt.getUrl()); + assertTrue(reqExt.hasValue()); + assertNotNull(reqExt.getValue()); + assertTrue(reqExt.getValue() instanceof Coding); + Coding reqCode = (Coding) reqExt.getValue(); + assertTrue(reqCode.hasSystem()); + assertTrue(reqCode.hasCode()); + assertNotNull(reqCode.getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, reqCode.getSystem()); + assertNotNull(reqCode.getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL_PRACTITIONER, reqCode.getCode()); + assertTrue(requesterLocalAllPractitioner.requesterMatches(reqExt)); + assertTrue(requesterLocalAllPractitioner.matches((Coding) reqExt.getValue())); + assertTrue(reqCode.hasExtension()); + + assertNotNull(reqCode.getExtension()); + assertEquals(1, reqCode.getExtension().size()); + Extension reqCodeExt = reqCode.getExtension().get(0); + assertNotNull(reqCodeExt); + assertTrue(reqCodeExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PRACTITIONER, reqCodeExt.getUrl()); + assertFalse(reqCodeExt.hasExtension()); + assertTrue(reqCodeExt.hasValue()); + assertNotNull(reqCodeExt.getValue()); + assertTrue(reqCodeExt.getValue() instanceof Coding); + assertTrue(((Coding) reqCodeExt.getValue()).hasSystem()); + assertNotNull(((Coding) reqCodeExt.getValue()).getSystem()); + assertEquals(practitionerRoleSystem, ((Coding) reqCodeExt.getValue()).getSystem()); + assertTrue(((Coding) reqCodeExt.getValue()).hasCode()); + assertNotNull(((Coding) reqCodeExt.getValue()).getCode()); + assertEquals(practitionerRoleCode, ((Coding) reqCodeExt.getValue()).getCode()); + + Extension recExt = authExt.getExtension().get(3); + assertNotNull(recExt); + assertTrue(recExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT, recExt.getUrl()); + assertTrue(recExt.hasValue()); + assertNotNull(recExt.getValue()); + assertTrue(recExt.getValue() instanceof Coding); + assertTrue(((Coding) recExt.getValue()).hasSystem()); + assertTrue(((Coding) recExt.getValue()).hasCode()); + assertNotNull(((Coding) recExt.getValue()).getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, ((Coding) recExt.getValue()).getSystem()); + assertNotNull(((Coding) recExt.getValue()).getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, + ((Coding) recExt.getValue()).getCode()); + assertTrue(recipientLocalAll.recipientMatches(recExt)); + assertTrue(recipientLocalAll.matches((Coding) recExt.getValue())); + } + + @Test + public void testAddRequesterLocalOrganizationPractitioner() throws Exception + { + String messageName = "messageName"; + String taskProfile = "http://foo.com/fhir/StructureDefinition/bar"; + String organizationIdentifer = "organization.com"; + String practitionerRoleSystem = "http://baz.com/fhir/CodeSystem/cs1"; + String practitionerRoleCode = "code"; + + Recipient recipientLocalAll = Recipient.localAll(); + Requester requesterLocalOrganizationPractitioner = Requester + .localOrganizationPractitioner(organizationIdentifer, practitionerRoleSystem, practitionerRoleCode); + + var ad = createActivityDefinition(); + + ad = helper.add(ad, messageName, taskProfile, Collections.singleton(requesterLocalOrganizationPractitioner), + Collections.singleton(recipientLocalAll)); + + assertNotNull(ad); + assertTrue(ad.hasExtension()); + assertNotNull(ad.getExtension()); + assertEquals(1, ad.getExtension().size()); + + Extension authExt = ad.getExtension().get(0); + assertNotNull(authExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION, authExt.getUrl()); + assertTrue(authExt.hasExtension()); + assertEquals(4, authExt.getExtension().size()); + + Extension mnExt = authExt.getExtension().get(0); + assertNotNull(mnExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_MESSAGE_NAME, mnExt.getUrl()); + assertTrue(mnExt.hasValue()); + assertNotNull(mnExt.getValue()); + assertTrue(mnExt.getValue() instanceof StringType); + assertTrue(((StringType) mnExt.getValue()).hasValue()); + assertNotNull(((StringType) mnExt.getValue()).getValueAsString()); + assertEquals(messageName, ((StringType) mnExt.getValue()).getValueAsString()); + + Extension tpExt = authExt.getExtension().get(1); + assertNotNull(tpExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_TASK_PROFILE, tpExt.getUrl()); + assertTrue(tpExt.hasValue()); + assertNotNull(tpExt.getValue()); + assertTrue(tpExt.getValue() instanceof CanonicalType); + assertTrue(((CanonicalType) tpExt.getValue()).hasValue()); + assertNotNull(((CanonicalType) tpExt.getValue()).getValueAsString()); + assertEquals(taskProfile, ((CanonicalType) tpExt.getValue()).getValueAsString()); + + Extension reqExt = authExt.getExtension().get(2); + assertNotNull(reqExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER, reqExt.getUrl()); + assertTrue(reqExt.hasValue()); + assertNotNull(reqExt.getValue()); + assertTrue(reqExt.getValue() instanceof Coding); + Coding reqCode = (Coding) reqExt.getValue(); + assertTrue(reqCode.hasSystem()); + assertTrue(reqCode.hasCode()); + assertNotNull(reqCode.getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, reqCode.getSystem()); + assertNotNull(reqCode.getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ORGANIZATION_PRACTITIONER, + reqCode.getCode()); + assertTrue(requesterLocalOrganizationPractitioner.requesterMatches(reqExt)); + assertTrue(requesterLocalOrganizationPractitioner.matches((Coding) reqExt.getValue())); + assertTrue(reqCode.hasExtension()); + assertNotNull(reqCode.getExtension()); + assertEquals(1, reqCode.getExtension().size()); + Extension reqCodeExt = reqCode.getExtension().get(0); + assertNotNull(reqCodeExt); + assertTrue(reqCodeExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER, + reqCodeExt.getUrl()); + assertTrue(reqCodeExt.hasExtension()); + assertFalse(reqCodeExt.hasValue()); + assertNotNull(reqCodeExt.getExtension()); + assertEquals(2, reqCodeExt.getExtension().size()); + List reqCodeExtExts = reqCodeExt.getExtension(); + Extension reqCodeExtO = reqCodeExtExts.get(0); + assertTrue(reqCodeExtO.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_ORGANIZATION, + reqCodeExtO.getUrl()); + Extension recCodeExtR = reqCodeExtExts.get(1); + assertTrue(recCodeExtR.hasUrl()); + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_ORGANIZATION_PRACTITIONER_PRACTITIONER_ROLE, + recCodeExtR.getUrl()); + assertTrue(reqCodeExtO.hasValue()); + assertTrue(reqCodeExtO.getValue() instanceof Identifier); + assertTrue(((Identifier) reqCodeExtO.getValue()).hasSystem()); + assertEquals(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM, + ((Identifier) reqCodeExtO.getValue()).getSystem()); + assertTrue(((Identifier) reqCodeExtO.getValue()).hasValue()); + assertEquals(organizationIdentifer, ((Identifier) reqCodeExtO.getValue()).getValue()); + assertTrue(recCodeExtR.hasValue()); + assertTrue(recCodeExtR.getValue() instanceof Coding); + assertTrue(((Coding) recCodeExtR.getValue()).hasSystem()); + assertEquals(practitionerRoleSystem, ((Coding) recCodeExtR.getValue()).getSystem()); + assertTrue(((Coding) recCodeExtR.getValue()).hasCode()); + assertEquals(practitionerRoleCode, ((Coding) recCodeExtR.getValue()).getCode()); + + Extension recExt = authExt.getExtension().get(3); + assertNotNull(recExt); + assertTrue(recExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT, recExt.getUrl()); + assertTrue(recExt.hasValue()); + assertNotNull(recExt.getValue()); + assertTrue(recExt.getValue() instanceof Coding); + assertTrue(((Coding) recExt.getValue()).hasSystem()); + assertTrue(((Coding) recExt.getValue()).hasCode()); + assertNotNull(((Coding) recExt.getValue()).getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, ((Coding) recExt.getValue()).getSystem()); + assertNotNull(((Coding) recExt.getValue()).getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, + ((Coding) recExt.getValue()).getCode()); + assertTrue(recipientLocalAll.recipientMatches(recExt)); + assertTrue(recipientLocalAll.matches((Coding) recExt.getValue())); + } + + @Test + public void testAddRequesterLocalRolePractitioner() throws Exception + { + String messageName = "messageName"; + String taskProfile = "http://foo.com/fhir/StructureDefinition/bar"; + String parentOrganizationIdentifer = "parent.org"; + String organizationRoleSystem = "http://baz.com/fhir/CodeSystem/cs1"; + String organizationRoleCode = "code1"; + String practitionerRoleSystem = "http://baz.com/fhir/CodeSystem/cs2"; + String practitionerRoleCode = "code2"; + + Recipient recipientLocalAll = Recipient.localAll(); + Requester requesterLocalRolePractitioner = Requester.localRolePractitioner(parentOrganizationIdentifer, + organizationRoleSystem, organizationRoleCode, practitionerRoleSystem, practitionerRoleCode); + + var ad = createActivityDefinition(); + + ad = helper.add(ad, messageName, taskProfile, Collections.singleton(requesterLocalRolePractitioner), + Collections.singleton(recipientLocalAll)); + + System.out.println(FhirContext.forR4().newXmlParser().setPrettyPrint(true).encodeResourceToString(ad)); + + assertNotNull(ad); + assertTrue(ad.hasExtension()); + assertNotNull(ad.getExtension()); + assertEquals(1, ad.getExtension().size()); + + Extension authExt = ad.getExtension().get(0); + assertNotNull(authExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION, authExt.getUrl()); + assertTrue(authExt.hasExtension()); + assertEquals(4, authExt.getExtension().size()); + + Extension mnExt = authExt.getExtension().get(0); + assertNotNull(mnExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_MESSAGE_NAME, mnExt.getUrl()); + assertTrue(mnExt.hasValue()); + assertNotNull(mnExt.getValue()); + assertTrue(mnExt.getValue() instanceof StringType); + assertTrue(((StringType) mnExt.getValue()).hasValue()); + assertNotNull(((StringType) mnExt.getValue()).getValueAsString()); + assertEquals(messageName, ((StringType) mnExt.getValue()).getValueAsString()); + + Extension tpExt = authExt.getExtension().get(1); + assertNotNull(tpExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_TASK_PROFILE, tpExt.getUrl()); + assertTrue(tpExt.hasValue()); + assertNotNull(tpExt.getValue()); + assertTrue(tpExt.getValue() instanceof CanonicalType); + assertTrue(((CanonicalType) tpExt.getValue()).hasValue()); + assertNotNull(((CanonicalType) tpExt.getValue()).getValueAsString()); + assertEquals(taskProfile, ((CanonicalType) tpExt.getValue()).getValueAsString()); + + Extension reqExt = authExt.getExtension().get(2); + assertNotNull(reqExt); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_REQUESTER, reqExt.getUrl()); + assertTrue(reqExt.hasValue()); + assertNotNull(reqExt.getValue()); + assertTrue(reqExt.getValue() instanceof Coding); + Coding reqCode = (Coding) reqExt.getValue(); + assertTrue(reqCode.hasSystem()); + assertTrue(reqCode.hasCode()); + assertNotNull(reqCode.getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, reqCode.getSystem()); + assertNotNull(reqCode.getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ROLE_PRACTITIONER, reqCode.getCode()); + assertTrue(requesterLocalRolePractitioner.requesterMatches(reqExt)); + assertTrue(requesterLocalRolePractitioner.matches((Coding) reqExt.getValue())); + + assertTrue(reqCode.hasExtension()); + assertNotNull(reqCode.getExtension()); + assertEquals(1, reqCode.getExtension().size()); + Extension reqCodeExt = reqCode.getExtension().get(0); + assertNotNull(reqCodeExt); + assertTrue(reqCodeExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER, + reqCodeExt.getUrl()); + assertTrue(reqCodeExt.hasExtension()); + assertFalse(reqCodeExt.hasValue()); + assertNotNull(reqCodeExt.getExtension()); + assertEquals(3, reqCodeExt.getExtension().size()); + List reqCodeExtExts = reqCodeExt.getExtension(); + + Extension reqCodeExtPO = reqCodeExtExts.get(0); + assertTrue(reqCodeExtPO.hasUrl()); + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PARENT_ORGANIZATION, + reqCodeExtPO.getUrl()); + Extension recCodeExtOR = reqCodeExtExts.get(1); + assertTrue(recCodeExtOR.hasUrl()); + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_ORGANIZATION_ROLE, + recCodeExtOR.getUrl()); + Extension recCodeExtPR = reqCodeExtExts.get(2); + assertTrue(recCodeExtPR.hasUrl()); + assertEquals( + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_PARENT_ORGANIZATION_ROLE_PRACTITIONER_PRACTITIONER_ROLE, + recCodeExtPR.getUrl()); + assertTrue(reqCodeExtPO.hasValue()); + assertTrue(reqCodeExtPO.getValue() instanceof Identifier); + assertTrue(((Identifier) reqCodeExtPO.getValue()).hasSystem()); + assertEquals(ProcessAuthorizationHelper.ORGANIZATION_IDENTIFIER_SYSTEM, + ((Identifier) reqCodeExtPO.getValue()).getSystem()); + assertTrue(((Identifier) reqCodeExtPO.getValue()).hasValue()); + assertEquals(parentOrganizationIdentifer, ((Identifier) reqCodeExtPO.getValue()).getValue()); + assertTrue(recCodeExtOR.hasValue()); + assertTrue(recCodeExtOR.getValue() instanceof Coding); + assertTrue(((Coding) recCodeExtOR.getValue()).hasSystem()); + assertEquals(organizationRoleSystem, ((Coding) recCodeExtOR.getValue()).getSystem()); + assertTrue(((Coding) recCodeExtOR.getValue()).hasCode()); + assertEquals(organizationRoleCode, ((Coding) recCodeExtOR.getValue()).getCode()); + assertTrue(recCodeExtPR.hasValue()); + assertTrue(recCodeExtPR.getValue() instanceof Coding); + assertTrue(((Coding) recCodeExtPR.getValue()).hasSystem()); + assertEquals(practitionerRoleSystem, ((Coding) recCodeExtPR.getValue()).getSystem()); + assertTrue(((Coding) recCodeExtPR.getValue()).hasCode()); + assertEquals(practitionerRoleCode, ((Coding) recCodeExtPR.getValue()).getCode()); + + Extension recExt = authExt.getExtension().get(3); + assertNotNull(recExt); + assertTrue(recExt.hasUrl()); + assertEquals(ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION_RECIPIENT, recExt.getUrl()); + assertTrue(recExt.hasValue()); + assertNotNull(recExt.getValue()); + assertTrue(recExt.getValue() instanceof Coding); + assertTrue(((Coding) recExt.getValue()).hasSystem()); + assertTrue(((Coding) recExt.getValue()).hasCode()); + assertNotNull(((Coding) recExt.getValue()).getSystem()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_SYSTEM, ((Coding) recExt.getValue()).getSystem()); + assertNotNull(((Coding) recExt.getValue()).getCode()); + assertEquals(ProcessAuthorizationHelper.PROCESS_AUTHORIZATION_VALUE_LOCAL_ALL, + ((Coding) recExt.getValue()).getCode()); + assertTrue(recipientLocalAll.recipientMatches(recExt)); + assertTrue(recipientLocalAll.matches((Coding) recExt.getValue())); + } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java index 7621b8d08..df7172f44 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/RoleTest.java @@ -5,6 +5,7 @@ import java.util.stream.Stream; +import org.hl7.fhir.r4.model.Coding; import org.hl7.fhir.r4.model.Organization; import org.hl7.fhir.r4.model.OrganizationAffiliation; import org.junit.Test; @@ -19,9 +20,12 @@ public class RoleTest private static final String MEMBER_ROLE_CODE = "roleCode"; private static final Role local = new Role(true, PARENT_ORGANIZATION_IDENTIFIER, MEMBER_ROLE_SYSTEM, - MEMBER_ROLE_CODE); + MEMBER_ROLE_CODE, null, null); private static final Role remote = new Role(false, PARENT_ORGANIZATION_IDENTIFIER, MEMBER_ROLE_SYSTEM, - MEMBER_ROLE_CODE); + MEMBER_ROLE_CODE, null, null); + + private static final Role localPractitioner = new Role(true, PARENT_ORGANIZATION_IDENTIFIER, MEMBER_ROLE_SYSTEM, + MEMBER_ROLE_CODE, "http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER"); private static org.hl7.fhir.r4.model.Organization createFhirOrganization(String identifierValue) { @@ -37,23 +41,40 @@ private static org.hl7.fhir.r4.model.Organization createFhirOrganization(String return o; } - private static final Identity LOCAL_ORG_ACTIVE = TestIdentity.local(createFhirOrganization(MEMBER_IDENTIFIER)); - private static final Identity LOCAL_ORG_NOT_ACTIVE = TestIdentity + private static final Identity LOCAL_ORG_ACTIVE = TestOrganizationIdentity + .local(createFhirOrganization(MEMBER_IDENTIFIER)); + private static final Identity LOCAL_ORG_NOT_ACTIVE = TestOrganizationIdentity .local(createFhirOrganization(MEMBER_IDENTIFIER).setActive(false)); - private static final Identity LOCAL_NO_ORG = TestIdentity.local(null); - private static final Identity LOCAL_ORG_BAD_IDENTIFIER = TestIdentity + private static final Identity LOCAL_NO_ORG = TestOrganizationIdentity.local(null); + private static final Identity LOCAL_ORG_BAD_IDENTIFIER = TestOrganizationIdentity .local(createFhirOrganization("wrong.identifier")); - private static final Identity LOCAL_ORG_BAD_IDENTIFIER_SYSTEM = TestIdentity + private static final Identity LOCAL_ORG_BAD_IDENTIFIER_SYSTEM = TestOrganizationIdentity .local(createFhirOrganization(MEMBER_IDENTIFIER, "bad.system")); - private static final Identity REMOTE_ORG_ACTIVE = TestIdentity.remote(createFhirOrganization(MEMBER_IDENTIFIER)); - private static final Identity REMOTE_ORG_NOT_ACTIVE = TestIdentity + private static final Identity REMOTE_ORG_ACTIVE = TestOrganizationIdentity + .remote(createFhirOrganization(MEMBER_IDENTIFIER)); + private static final Identity REMOTE_ORG_NOT_ACTIVE = TestOrganizationIdentity .remote(createFhirOrganization(MEMBER_IDENTIFIER).setActive(false)); - private static final Identity REMOTE_NO_ORG = TestIdentity.remote((Organization) null); - private static final Identity REMOTE_ORG_BAD_IDENTIFIER = TestIdentity + private static final Identity REMOTE_NO_ORG = TestOrganizationIdentity.remote((Organization) null); + private static final Identity REMOTE_ORG_BAD_IDENTIFIER = TestOrganizationIdentity .remote(createFhirOrganization("wrong.identifier")); - private static final Identity REMOTE_ORG_BAD_IDENTIFIER_SYSTEM = TestIdentity + private static final Identity REMOTE_ORG_BAD_IDENTIFIER_SYSTEM = TestOrganizationIdentity .remote(createFhirOrganization(MEMBER_IDENTIFIER, "bad.system")); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE = TestPractitionerIdentity.practitioner( + createFhirOrganization(MEMBER_IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1 = TestPractitionerIdentity.practitioner( + createFhirOrganization(MEMBER_IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "UAC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2 = TestPractitionerIdentity.practitioner( + createFhirOrganization(MEMBER_IDENTIFIER).setActive(true), + new Coding("http://dsf.dev/fhir/CodeSystem/bad-system", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_NOT_ACTIVE = TestPractitionerIdentity.practitioner( + createFhirOrganization(MEMBER_IDENTIFIER).setActive(false), + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DIC_USER", null)); + private static final Identity LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES = TestPractitionerIdentity + .practitioner(createFhirOrganization(MEMBER_IDENTIFIER).setActive(true)); + private static OrganizationAffiliation createOrganizationAffiliation(String parentOrganizationIdentifier, String memberIdentifier, String memberRoleSystem, String memberRoleCode) { @@ -370,4 +391,40 @@ public void testRemoteRoleRequesterNotOkMemberRoleSystem() throws Exception assertFalse(remote.isRequesterAuthorized(REMOTE_ORG_ACTIVE, affiliations)); } + + @Test + public void testLocalRolePractitionerRequesterOk() throws Exception + { + assertTrue(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE, okAffiliation())); + } + + @Test + public void testLocalRolePractitionerRequesterNotOkOrganizationNotActive() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_NOT_ACTIVE, okAffiliation())); + } + + @Test + public void testLocalRolePractitionerRequesterNotOkPractitionerNoRoles() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_NO_ROLES, okAffiliation())); + } + + @Test + public void testLocalRolePractitionerRequesterNotOkPractitionerBadRole1() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE1, okAffiliation())); + } + + @Test + public void testLocalRolePractitionerRequesterNotOkPractitionerBadRole2() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_PRACTITIONER_ORG_ACTIVE_BAD_ROLE2, okAffiliation())); + } + + @Test + public void testLocalRolePractitionerRequesterNotOkNotAPractitioner() throws Exception + { + assertFalse(localPractitioner.isRequesterAuthorized(LOCAL_ORG_ACTIVE, okAffiliation())); + } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestIdentity.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestOrganizationIdentity.java similarity index 71% rename from dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestIdentity.java rename to dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestOrganizationIdentity.java index 6d4cccc42..78837a12f 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestIdentity.java +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestOrganizationIdentity.java @@ -7,28 +7,28 @@ import org.hl7.fhir.r4.model.Organization; import dev.dsf.common.auth.conf.DsfRole; -import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; -public class TestIdentity implements Identity +public class TestOrganizationIdentity implements OrganizationIdentity { private final boolean localIdentity; private final Organization organization; - private TestIdentity(boolean localIdentity, Organization organization) + private TestOrganizationIdentity(boolean localIdentity, Organization organization) { this.localIdentity = localIdentity; this.organization = organization; } - public static TestIdentity remote(Organization organization) + public static TestOrganizationIdentity remote(Organization organization) { - return new TestIdentity(false, organization); + return new TestOrganizationIdentity(false, organization); } - public static TestIdentity local(Organization organization) + public static TestOrganizationIdentity local(Organization organization) { - return new TestIdentity(true, organization); + return new TestOrganizationIdentity(true, organization); } @Override @@ -77,5 +77,6 @@ public boolean hasDsfRole(DsfRole role) public Optional getCertificate() { throw new UnsupportedOperationException(); + } } diff --git a/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestPractitionerIdentity.java b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestPractitionerIdentity.java new file mode 100644 index 000000000..2b333db00 --- /dev/null +++ b/dsf-fhir/dsf-fhir-auth/src/test/java/dev/dsf/fhir/authorization/process/TestPractitionerIdentity.java @@ -0,0 +1,102 @@ +package dev.dsf.fhir.authorization.process; + +import java.security.cert.X509Certificate; +import java.util.Arrays; +import java.util.Collection; +import java.util.HashSet; +import java.util.Optional; +import java.util.Set; + +import org.hl7.fhir.r4.model.Coding; +import org.hl7.fhir.r4.model.Organization; +import org.hl7.fhir.r4.model.Practitioner; + +import dev.dsf.common.auth.DsfOpenIdCredentials; +import dev.dsf.common.auth.conf.DsfRole; +import dev.dsf.common.auth.conf.PractitionerIdentity; + +public class TestPractitionerIdentity implements PractitionerIdentity +{ + private final Organization organization; + private final Set roles = new HashSet<>(); + + private TestPractitionerIdentity(Organization organization, Collection roles) + { + this.organization = organization; + + if (roles != null) + this.roles.addAll(roles); + } + + public static TestPractitionerIdentity practitioner(Organization organization, Coding... roles) + { + return new TestPractitionerIdentity(organization, Arrays.asList(roles)); + } + + @Override + public String getName() + { + throw new UnsupportedOperationException(); + } + + @Override + public String getDisplayName() + { + throw new UnsupportedOperationException(); + } + + @Override + public boolean isLocalIdentity() + { + return true; + } + + @Override + public Organization getOrganization() + { + return organization; + } + + @Override + public Optional getOrganizationIdentifierValue() + { + throw new UnsupportedOperationException(); + } + + @Override + public Set getDsfRoles() + { + throw new UnsupportedOperationException(); + } + + @Override + public boolean hasDsfRole(DsfRole role) + { + throw new UnsupportedOperationException(); + } + + @Override + public Optional getCertificate() + { + throw new UnsupportedOperationException(); + + } + + @Override + public Practitioner getPractitioner() + { + throw new UnsupportedOperationException(); + } + + @Override + public Set getPractionerRoles() + { + return roles; + } + + @Override + public Optional getCredentials() + { + throw new UnsupportedOperationException(); + } +} diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml index 78f37a9db..fdf4e8bb9 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/process-authorization/req_remote_organization_rec_local_role.xml @@ -34,7 +34,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml index f27b4b1a1..cbd8df324 100644 --- a/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml +++ b/dsf-fhir/dsf-fhir-auth/src/test/resources/authorization/read-access/tag_role.xml @@ -12,7 +12,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java index b1859b8a0..da5d2da3e 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/ActivityDefinitionAuthorizationRule.java @@ -67,8 +67,9 @@ private Optional newResourceOk(Connection connection, Identity identity, { List errors = new ArrayList(); - if (!processAuthorizationHelper.isValid(newResource, taskProfile -> true, organizationIdentifier -> true, - parentOrganizationRole -> true)) + // TODO check existence of profiles, codes and identifier against DB + if (!processAuthorizationHelper.isValid(newResource, taskProfile -> true, practitionerRole -> true, + organizationIdentifier -> true, organizationRole -> true)) { errors.add("ActivityDefinition.extension with url " + ProcessAuthorizationHelper.EXTENSION_PROCESS_AUTHORIZATION diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql index 75d18941f..5437390a7 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organization_affiliations_insert.sql @@ -47,7 +47,7 @@ BEGIN ) AS r ON r.resource->'meta'->'tag' @> ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role","extension":[{"url":"parent-organization","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' - || parent_organization_identifier || '"}},{"url":"role","valueCoding":{"system":"' + || parent_organization_identifier || '"}},{"url":"organization-role","valueCoding":{"system":"' || c.system || '","code":"' || c.code || '"}}]}],"system":"http://dsf.dev/fhir/CodeSystem/read-access-tag","code":"ROLE"}]')::jsonb WHERE r.resource IS NOT NULL; diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql index 1bd95b42b..2eb3218c1 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_organizations_insert.sql @@ -76,7 +76,7 @@ BEGIN ) AS r ON r.resource->'meta'->'tag' @> ('[{"extension":[{"url":"http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role","extension":[{"url":"parent-organization","valueIdentifier":{"system":"http://dsf.dev/sid/organization-identifier","value":"' - || parent_organization_identifier || '"}},{"url":"role","valueCoding":{"system":"' + || parent_organization_identifier || '"}},{"url":"organization-role","valueCoding":{"system":"' || coding_system || '","code":"' || coding_code || '"}}]}],"system":"http://dsf.dev/fhir/CodeSystem/read-access-tag","code":"ROLE"}]')::jsonb WHERE r.resource IS NOT NULL diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql index 0ae3ddc25..e650ae792 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/db/trigger_functions/on_resources_insert.sql @@ -72,7 +72,7 @@ BEGIN SELECT jsonb_path_query(parent_organization_role, '$.extension[*] ? (@.url == "parent-organization") .valueIdentifier[*]?(@.system == "http://dsf.dev/sid/organization-identifier")')->>'value' AS parent_organization_identifier - , jsonb_path_query(parent_organization_role, '$.extension[*] ? (@.url == "role").valueCoding') AS role + , jsonb_path_query(parent_organization_role, '$.extension[*] ? (@.url == "organization-role").valueCoding') AS role FROM ( SELECT jsonb_path_query(new_resource,'$.meta.tag[*] ? (@.code == "ROLE" && @.system == "http://dsf.dev/fhir/CodeSystem/read-access-tag") .extension[*] ? (@.url == "http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role")') AS parent_organization_role diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java index b26c82ca6..78534cb94 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/dao/BinaryDaoTest.java @@ -259,7 +259,7 @@ public void testSearchBinaryWithSecurityContextRole() throws Exception .addExtension().setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-consortium-role"); ex.addExtension().setUrl("consortium").setValue( new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("Test_Consortium")); - ex.addExtension().setUrl("role") + ex.addExtension().setUrl("organization-role") .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("DIC")); ResearchStudy createdRs = researchStudyDao.create(rs); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java index 905a09481..69c5b5cbc 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java @@ -98,6 +98,7 @@ public abstract class AbstractIntegrationTest extends AbstractDbTest private static JettyServer fhirServer; private static FhirWebserviceClient webserviceClient; private static FhirWebserviceClient externalWebserviceClient; + private static FhirWebserviceClient practitionerWebserviceClient; @BeforeClass public static void beforeClass() throws Exception @@ -119,6 +120,12 @@ public static void beforeClass() throws Exception certificates.getExternalClientCertificate().getKeyStore(), certificates.getExternalClientCertificate().getKeyStorePassword(), fhirContext, referenceCleaner); + logger.info("Creating practitioner client ..."); + practitionerWebserviceClient = createWebserviceClient( + certificates.getPractitionerClientCertificate().getTrustStore(), + certificates.getPractitionerClientCertificate().getKeyStore(), + certificates.getPractitionerClientCertificate().getKeyStorePassword(), fhirContext, referenceCleaner); + logger.info("Starting FHIR Server ..."); fhirServer = startFhirServer(); @@ -151,7 +158,7 @@ private static JettyServer startFhirServer() throws Exception DATABASE_DELETE_USER, DATABASE_DELETE_USER_PASSWORD, BASE_URL, certificates.getClientCertificate(), "Test_Organization", FHIR_BUNDLE_FILE, certificates.getCaCertificateFile(), certificates.getClientCertificateFile(), certificates.getClientCertificatePrivateKeyFile(), - X509Certificates.PASSWORD); + X509Certificates.PASSWORD, certificates.getPractitionerClientCertificate()); JettyServer server = new JettyServer("fhir-server", jettyConfig, Stream.of(JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, @@ -286,6 +293,11 @@ protected static FhirWebserviceClient getExternalWebserviceClient() return externalWebserviceClient; } + protected static FhirWebserviceClient getPractitionerWebserviceClient() + { + return practitionerWebserviceClient; + } + protected static WebsocketClient getWebsocketClient() { Bundle bundle = getWebserviceClient().searchWithStrictHandling(Subscription.class, diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java index 56ba268e3..8c6f9a36d 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java @@ -670,6 +670,148 @@ public void testCreateTaskAllowedLocalUser() throws Exception assertNotNull(createdTask.getIdElement().getIdPart()); } + @Test + public void testCreateTaskAllowedLocalUserWithRole() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition5-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getPractitionerWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskNotAllowedLocalUserWithoutRole() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition6-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskAllowedLocalUserWithRole2() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition7-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getPractitionerWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskNotAllowedLocalUserWithoutRole2() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition8-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskNotAllowedLocalOrganizationWithoutRole2() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition8-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getWebserviceClient(), task); + } + + @Test + public void testCreateTaskAllowedLocalUserWithRole3() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition9-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getPractitionerWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskNotAllowedLocalUserWithoutRole3() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition10-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskNotAllowedLocalOrganizationWithoutRole3() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition10-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getWebserviceClient(), task); + } + @Test public void testCreateTaskAllowedLocalUserVersionSpecificProfile() throws Exception { @@ -728,6 +870,133 @@ public void testCreateTaskNotAllowedRemoteUser() throws Exception testCreateExpectForbidden(getExternalWebserviceClient(), task); } + @Test + public void testCreateTaskNotAllowedPractitioner1() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition1-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskAllowedLocalUser11() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition11-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskNotAllowedPractitioner11() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition11-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskAllowedLocalUser12() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition12-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskNotAllowedPractitioner12() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition12-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testCreateTaskAllowedLocalUser13() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition13-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + + @Test + public void testCreateTaskAllowedPractitioner13() throws Exception + { + ActivityDefinition ad1 = readActivityDefinition("dsf-test-activity-definition13-1.0.xml"); + ActivityDefinition createdAd1 = getWebserviceClient().create(ad1); + assertNotNull(createdAd1); + assertNotNull(createdAd1.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + Task createdTask = getPractitionerWebserviceClient().create(task); + assertNotNull(createdTask); + assertNotNull(createdTask.getIdElement().getIdPart()); + } + @Test public void testCreateTaskNotAllowedLocalUser() throws Exception { @@ -809,7 +1078,7 @@ public void testCreateTaskNotAllowedRemoteUser2() throws Exception .getExtensionByUrl("recipient").getValue(); Coding role = (Coding) recipient.getExtensionByUrl( "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role") - .getExtensionByUrl("role").getValue(); + .getExtensionByUrl("organization-role").getValue(); role.setCode("TTP"); ActivityDefinition createdAd3 = getWebserviceClient().create(ad3); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java index 20c15f938..92bf6da0b 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java @@ -30,7 +30,8 @@ public TestJettyConfig(int statusPort, int port, String contextPath, Path client String databaseUserUsername, String databaseUserPassword, String databaseDeleteUserUsername, String databaseDeleteUserPassword, String serverBaseUrl, ClientCertificate clientCertificate, String organizationIdentifierValue, Path fhirBundleFile, Path caCertificateFile, Path clientCertificateFile, - Path clientCertificatePrivateKeyFile, char[] clientCertificatePrivateKeyPassword) + Path clientCertificatePrivateKeyFile, char[] clientCertificatePrivateKeyPassword, + ClientCertificate practitionerClientCertificate) { super(AbstractJettyConfig.httpsConnector()); @@ -62,7 +63,19 @@ public TestJettyConfig(int statusPort, int port, String contextPath, Path client clientCertificatePrivateKeyFile.toString()); additionalProperties.put("dev.dsf.fhir.client.certificate.private.key.password", String.valueOf(clientCertificatePrivateKeyPassword)); - additionalProperties.put("dev.dsf.fhir.server.roleConfig", ""); + additionalProperties.put("dev.dsf.fhir.server.roleConfig", String.format(""" + - practitioner-test-user: + thumbprint: %s + dsf-role: + - CREATE + - READ + - UPDATE + - DELETE + - SEARCH + - HISTORY + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DIC_USER + """, practitionerClientCertificate.getCertificateSha512ThumbprintHex())); } @Override diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/X509Certificates.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/X509Certificates.java index b27dee5d5..1a2577c30 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/X509Certificates.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/X509Certificates.java @@ -94,6 +94,7 @@ public String getCertificateSha512ThumbprintHex() private final X509Certificates parent; private ClientCertificate clientCertificate; + private ClientCertificate practitionerClientCertificate; private ClientCertificate externalClientCertificate; private Path caCertificateFile; @@ -103,6 +104,8 @@ public String getCertificateSha512ThumbprintHex() private Path clientCertificatePrivateKeyFile; private Path externalClientCertificateFile; private Path externalClientCertificatePrivateKeyFile; + private Path practitionerClientCertificateFile; + private Path practitionerClientCertificatePrivateKeyFile; private List filesToDelete; @@ -157,6 +160,14 @@ public ClientCertificate getExternalClientCertificate() return externalClientCertificate; } + public ClientCertificate getPractitionerClientCertificate() + { + if (parentBeforeRan()) + return parent.getPractitionerClientCertificate(); + else + return practitionerClientCertificate; + } + public Path getCaCertificateFile() { if (parentBeforeRan()) @@ -213,6 +224,22 @@ public Path getExternalClientCertificatePrivateKeyFile() return externalClientCertificatePrivateKeyFile; } + public Path getPractitionerClientCertificateFile() + { + if (parentBeforeRan()) + return parent.getPractitionerClientCertificateFile(); + + return practitionerClientCertificateFile; + } + + public Path getPractitionerClientCertificatePrivateKeyFile() + { + if (parentBeforeRan()) + return parent.getPractitionerClientCertificatePrivateKeyFile(); + + return practitionerClientCertificatePrivateKeyFile; + } + private void createX509Certificates() throws InvalidKeyException, NoSuchAlgorithmException, KeyStoreException, CertificateException, OperatorCreationException, IllegalStateException, IOException, InvalidKeySpecException { @@ -225,6 +252,8 @@ private void createX509Certificates() throws InvalidKeyException, NoSuchAlgorith Path clientCertificatePrivateKeyFile = Paths.get("target", UUID.randomUUID().toString() + ".pem"); Path externalClientCertificateFile = Paths.get("target", UUID.randomUUID().toString() + ".pem"); Path externalClientCertificatePrivateKeyFile = Paths.get("target", UUID.randomUUID().toString() + ".pem"); + Path practitionerClientCertificateFile = Paths.get("target", UUID.randomUUID().toString() + ".pem"); + Path practitionerClientCertificatePrivateKeyFile = Paths.get("target", UUID.randomUUID().toString() + ".pem"); CertificateAuthority.registerBouncyCastleProvider(); @@ -287,10 +316,34 @@ private void createX509Certificates() throws InvalidKeyException, NoSuchAlgorith externalClientRsaKeyPair.getPrivate(), PASSWORD); // external client -- + // -- practitioner client + X500Name practitionerClientSubject = CertificationRequestBuilder.createSubject("DE", null, null, null, null, + "practitioner-client"); + KeyPair practitionerClientRsaKeyPair = CertificationRequestBuilder.createRsaKeyPair4096Bit(); + JcaPKCS10CertificationRequest practitionerClientRequest = CertificationRequestBuilder + .createClientCertificationRequest(practitionerClientSubject, practitionerClientRsaKeyPair, + "practitioner@test.org"); + + X509Certificate practitionerClientCertificate = ca.signWebClientCertificate(practitionerClientRequest); + + KeyStore practitionerClientKeyStore = CertificateHelper.toPkcs12KeyStore( + practitionerClientRsaKeyPair.getPrivate(), + new Certificate[] { practitionerClientCertificate, caCertificate }, "practitioner-client", PASSWORD); + + CertificateWriter.toPkcs12(practitionerClientCertificateFile, practitionerClientRsaKeyPair.getPrivate(), + PASSWORD, practitionerClientCertificate, caCertificate, "client"); + + PemIo.writeX509CertificateToPem(practitionerClientCertificate, practitionerClientCertificateFile); + PemIo.writeAes128EncryptedPrivateKeyToPkcs8(provider, practitionerClientCertificatePrivateKeyFile, + practitionerClientRsaKeyPair.getPrivate(), PASSWORD); + // practitioner client -- + this.clientCertificate = new ClientCertificate(clientCertificate, CertificateHelper.extractTrust(clientKeyStore), clientKeyStore, PASSWORD); this.externalClientCertificate = new ClientCertificate(externalClientCertificate, CertificateHelper.extractTrust(externalClientKeyStore), externalClientKeyStore, PASSWORD); + this.practitionerClientCertificate = new ClientCertificate(practitionerClientCertificate, + CertificateHelper.extractTrust(practitionerClientKeyStore), practitionerClientKeyStore, PASSWORD); this.caCertificateFile = caCertificateFile; this.serverCertificateFile = serverCertificateFile; @@ -299,10 +352,13 @@ private void createX509Certificates() throws InvalidKeyException, NoSuchAlgorith this.clientCertificatePrivateKeyFile = clientCertificatePrivateKeyFile; this.externalClientCertificateFile = externalClientCertificateFile; this.externalClientCertificatePrivateKeyFile = externalClientCertificatePrivateKeyFile; + this.practitionerClientCertificateFile = practitionerClientCertificateFile; + this.practitionerClientCertificatePrivateKeyFile = practitionerClientCertificatePrivateKeyFile; this.filesToDelete = Arrays.asList(caCertificateFile, serverCertificateFile, serverCertificatePrivateKeyFile, clientCertificateFile, clientCertificatePrivateKeyFile, externalClientCertificateFile, - externalClientCertificatePrivateKeyFile); + externalClientCertificatePrivateKeyFile, practitionerClientCertificateFile, + practitionerClientCertificatePrivateKeyFile); } private void deleteX509Certificates() diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition10-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition10-1.0.xml new file mode 100644 index 000000000..a92dfa7c8 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition10-1.0.xml @@ -0,0 +1,67 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition11-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition11-1.0.xml new file mode 100644 index 000000000..b0bb251c3 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition11-1.0.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition12-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition12-1.0.xml new file mode 100644 index 000000000..1076deda6 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition12-1.0.xml @@ -0,0 +1,46 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition13-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition13-1.0.xml new file mode 100644 index 000000000..49bbffbf9 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition13-1.0.xml @@ -0,0 +1,44 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml index 1d895607d..a052741bf 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition3-1.0.xml @@ -34,7 +34,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml index 2c76b8ec2..bc9f6e8cb 100644 --- a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition4-1.0.xml @@ -22,7 +22,7 @@ - + @@ -42,7 +42,7 @@ - + diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition5-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition5-1.0.xml new file mode 100644 index 000000000..643cce3a5 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition5-1.0.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition6-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition6-1.0.xml new file mode 100644 index 000000000..def346911 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition6-1.0.xml @@ -0,0 +1,38 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition7-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition7-1.0.xml new file mode 100644 index 000000000..584d33ce6 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition7-1.0.xml @@ -0,0 +1,61 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition8-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition8-1.0.xml new file mode 100644 index 000000000..0d15aeced --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition8-1.0.xml @@ -0,0 +1,61 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition9-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition9-1.0.xml new file mode 100644 index 000000000..eee33d69b --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition9-1.0.xml @@ -0,0 +1,67 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml new file mode 100644 index 000000000..7106dac73 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml @@ -0,0 +1,62 @@ + + + + + + + + + + + + <status value="active"/> + <experimental value="false"/> + <date value="2022-06-19"/> + <publisher value="DSF"/> + <description value="CodeSystem with DSF practitioner roles"/> + <caseSensitive value="true"/> + <hierarchyMeaning value="grouped-by"/> + <versionNeeded value="false"/> + <content value="complete"/> + <count value="10"/> + <concept> + <code value="UAC_USER"/> + <display value="Use-and-Access Committee Member"/> + </concept> + <concept> + <code value="COS_USER"/> + <display value="Coordinating Site Member"/> + </concept> + <concept> + <code value="CRR_USER"/> + <display value="Central Research Repository Member"/> + </concept> + <concept> + <code value="DIC_USER"/> + <display value="Data Integration Center Member"/> + </concept> + <concept> + <code value="DMS_USER"/> + <display value="Data Management Site Member"/> + </concept> + <concept> + <code value="DTS_USER"/> + <display value="Data Transfer Site Member"/> + </concept> + <concept> + <code value="HRP_USER"/> + <display value="Health Research Platform Member"/> + </concept> + <concept> + <code value="TTP_USER"/> + <display value="Trusted Third Party Member"/> + </concept> + <concept> + <code value="AMS_USER"/> + <display value="Allowlist Management Site Member"/> + </concept> + <concept> + <code value="DSF_ADMIN" /> + <display value="DSF Administrator"/> + </concept> +</CodeSystem> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml.post new file mode 100644 index 000000000..5b9a23843 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/CodeSystem/organization-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml index 9a5236c4a..fa416480c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml @@ -11,39 +11,54 @@ <title value="DSF Process Authorization"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-19"/> <publisher value="DSF"/> <description value="CodeSystem with proces authorization codes"/> <caseSensitive value="true"/> <hierarchyMeaning value="grouped-by"/> <versionNeeded value="false"/> <content value="complete"/> - <count value="6"/> + <count value="9"/> <concept> <code value="LOCAL_ORGANIZATION"/> <display value="LOCAL_ORGANIZATION"/> - <definition value="Process authorization for a local organization specified via extension http://dsf.dev/fhir/StructureDefinition/extension"/> + <definition value="Process authorization for a local organization specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization"/> + </concept> + <concept> + <code value="LOCAL_ORGANIZATION_PRACTITIONER"/> + <display value="LOCAL_ORGANIZATION_PRACTITIONER"/> + <definition value="Process authorization for local users with a specific practitioner role in an organization specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner"/> </concept> <concept> <code value="REMOTE_ORGANIZATION"/> <display value="REMOTE_ORGANIZATION"/> - <definition value="Process authorization for a remote organization specified via extension http://dsf.dev/fhir/StructureDefinition/extension"/> + <definition value="Process authorization for a remote organization specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization"/> </concept> <concept> <code value="LOCAL_ROLE"/> <display value="LOCAL_ROLE"/> - <definition value="Process authorization for a local parent organization member with a role specified via extension http://dsf.dev/fhir/StructureDefinition/extension"/> + <definition value="Process authorization for a local parent organization member with a role specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"/> + </concept> + <concept> + <code value="LOCAL_ROLE_PRACTITIONER"/> + <display value="LOCAL_ROLE_PRACTITIONER"/> + <definition value="Process authorization for local users with a specific practitioner role in a parent organization member with a role specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner"/> </concept> <concept> <code value="REMOTE_ROLE"/> <display value="REMOTE_ROLE"/> - <definition value="Process authorization for a remote parent organization member with a role specified via extension http://dsf.dev/fhir/StructureDefinition/extension"/> + <definition value="Process authorization for a remote parent organization member with a role specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"/> </concept> <concept> <code value="LOCAL_ALL"/> <display value="LOCAL_ALL"/> <definition value="Process authorization for all local organizations"/> </concept> + <concept> + <code value="LOCAL_ALL_PRACTITIONER"/> + <display value="LOCAL_ALL_PRACTITIONER"/> + <definition value="Process authorization for all local users with a specific practitioner role specified via extension http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner"/> + </concept> <concept> <code value="REMOTE_ALL"/> <display value="REMOTE_ALL"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml new file mode 100644 index 000000000..ea7e3ad32 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml @@ -0,0 +1,52 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationLocalAllPractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-06-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <type value="Coding" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Coding" /> + <derivation value="constraint" /> + <differential> + <element id="Coding.extension"> + <path value="Coding.extension" /> + <slicing> + <discriminator> + <type value="value" /> + <path value="url" /> + </discriminator> + <rules value="open" /> + </slicing> + </element> + <element id="Coding.extension:practitioner"> + <path value="Coding.extension" /> + <sliceName value="practitioner" /> + <min value="1" /> + <max value="1" /> + <type> + <code value="Extension" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner|1.0.0" /> + </type> + </element> + <element id="Coding.system"> + <path value="Coding.system" /> + <min value="1" /> + <fixedUri value="http://dsf.dev/fhir/CodeSystem/process-authorization" /> + </element> + <element id="Coding.code"> + <path value="Coding.code" /> + <min value="1" /> + <fixedCode value="LOCAL_ALL_PRACTITIONER" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..3191d59f0 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml new file mode 100644 index 000000000..96f034b8b --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml @@ -0,0 +1,52 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationLocalOrganizationPractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-06-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <type value="Coding" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Coding" /> + <derivation value="constraint" /> + <differential> + <element id="Coding.extension"> + <path value="Coding.extension" /> + <slicing> + <discriminator> + <type value="value" /> + <path value="url" /> + </discriminator> + <rules value="open" /> + </slicing> + </element> + <element id="Coding.extension:organization-practitioner"> + <path value="Coding.extension" /> + <sliceName value="organization-practitioner" /> + <min value="1" /> + <max value="1" /> + <type> + <code value="Extension" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner|1.0.0" /> + </type> + </element> + <element id="Coding.system"> + <path value="Coding.system" /> + <min value="1" /> + <fixedUri value="http://dsf.dev/fhir/CodeSystem/process-authorization" /> + </element> + <element id="Coding.code"> + <path value="Coding.code" /> + <min value="1" /> + <fixedCode value="LOCAL_ORGANIZATION_PRACTITIONER" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..26d7d6bbb --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml new file mode 100644 index 000000000..13cd9d52d --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml @@ -0,0 +1,52 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationLocalParentOrganizationRolePractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-06-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <type value="Coding" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Coding" /> + <derivation value="constraint" /> + <differential> + <element id="Coding.extension"> + <path value="Coding.extension" /> + <slicing> + <discriminator> + <type value="value" /> + <path value="url" /> + </discriminator> + <rules value="open" /> + </slicing> + </element> + <element id="Coding.extension:consortium-role-practitioner"> + <path value="Coding.extension" /> + <sliceName value="consortium-role-practitioner" /> + <min value="1" /> + <max value="1" /> + <type> + <code value="Extension" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner|1.0.0" /> + </type> + </element> + <element id="Coding.system"> + <path value="Coding.system" /> + <min value="1" /> + <fixedUri value="http://dsf.dev/fhir/CodeSystem/process-authorization" /> + </element> + <element id="Coding.code"> + <path value="Coding.code" /> + <min value="1" /> + <fixedCode value="LOCAL_ROLE_PRACTITIONER" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..f18f1ae96 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml index 2311e5c66..6b8916b56 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml @@ -85,11 +85,14 @@ <type> <code value="Coding" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all|1.0.0" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all-practitioner|1.0.0" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization-practitioner|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role-practitioner|1.0.0" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-all|1.0.0" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-parent-organization-role|1.0.0" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-organization|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-remote-parent-organization-role|1.0.0" /> </type> <binding> <strength value="required" /> @@ -111,8 +114,8 @@ <type> <code value="Coding" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-all|1.0.0" /> - <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role|1.0.0" /> <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-organization|1.0.0" /> + <profile value="http://dsf.dev/fhir/StructureDefinition/coding-process-authorization-local-parent-organization-role|1.0.0" /> </type> <binding> <strength value="required" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml new file mode 100644 index 000000000..4cadd9704 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml @@ -0,0 +1,100 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationOrganizationPractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-05-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <context> + <type value="element" /> + <expression value="Coding" /> + </context> + <type value="Extension" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Extension" /> + <derivation value="constraint" /> + <differential> + <element id="Extension"> + <path value="Extension" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension"> + <path value="Extension.extension" /> + <slicing> + <discriminator> + <type value="value" /> + <path value="url" /> + </discriminator> + <rules value="open" /> + </slicing> + </element> + <element id="Extension.extension:organization"> + <path value="Extension.extension" /> + <sliceName value="organization" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension:organization.url"> + <path value="Extension.extension.url" /> + <fixedUri value="organization" /> + </element> + <element id="Extension.extension:organization.value[x]"> + <path value="Extension.extension.value[x]" /> + <min value="1" /> + <type> + <code value="Identifier" /> + </type> + </element> + <element id="Extension.extension:organization.value[x].system"> + <path value="Extension.extension.value[x].system" /> + <min value="1" /> + <fixedUri value="http://dsf.dev/sid/organization-identifier" /> + </element> + <element id="Extension.extension:organization.value[x].value"> + <path value="Extension.extension.value[x].value" /> + <min value="1" /> + </element> + <element id="Extension.extension:practitionerRole"> + <path value="Extension.extension" /> + <sliceName value="practitionerRole" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension:practitionerRole.url"> + <path value="Extension.extension.url" /> + <fixedUri value="practitioner-role" /> + </element> + <element id="Extension.extension:practitionerRole.value[x]"> + <path value="Extension.extension.value[x]" /> + <min value="1" /> + <type> + <code value="Coding" /> + </type> + </element> + <element id="Extension.extension:practitionerRole.value[x].system"> + <path value="Extension.extension.value[x].system" /> + <min value="1" /> + </element> + <element id="Extension.extension:practitionerRole.value[x].code"> + <path value="Extension.extension.value[x].code" /> + <min value="1" /> + </element> + <element id="Extension.url"> + <path value="Extension.url" /> + <fixedUri value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner" /> + </element> + <element id="Extension.value[x]"> + <path value="Extension.value[x]" /> + <max value="0" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..b98fa22cb --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml index 4e9d48b87..2598cd0dc 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml @@ -63,28 +63,28 @@ <path value="Extension.extension.value[x].value" /> <min value="1" /> </element> - <element id="Extension.extension:role"> + <element id="Extension.extension:organizationRole"> <path value="Extension.extension" /> - <sliceName value="role" /> + <sliceName value="organizationRole" /> <min value="1" /> <max value="1" /> </element> - <element id="Extension.extension:role.url"> + <element id="Extension.extension:organizationRole.url"> <path value="Extension.extension.url" /> - <fixedUri value="role" /> + <fixedUri value="organization-role" /> </element> - <element id="Extension.extension:role.value[x]"> + <element id="Extension.extension:organizationRole.value[x]"> <path value="Extension.extension.value[x]" /> <min value="1" /> <type> <code value="Coding" /> </type> </element> - <element id="Extension.extension:role.value[x].system"> + <element id="Extension.extension:organizationRole.value[x].system"> <path value="Extension.extension.value[x].system" /> <min value="1" /> </element> - <element id="Extension.extension:role.value[x].code"> + <element id="Extension.extension:organizationRole.value[x].code"> <path value="Extension.extension.value[x].code" /> <min value="1" /> </element> @@ -94,7 +94,7 @@ </element> <element id="Extension.value[x]"> <path value="Extension.value[x]" /> - <max value="0" /> + <max value="0" /> </element> </differential> </StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml new file mode 100644 index 000000000..d7d6a479b --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml @@ -0,0 +1,125 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationParentOrganizatioRolePractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-06-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <context> + <type value="element" /> + <expression value="Coding" /> + </context> + <type value="Extension" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Extension" /> + <derivation value="constraint" /> + <differential> + <element id="Extension"> + <path value="Extension" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension"> + <path value="Extension.extension" /> + <slicing> + <discriminator> + <type value="value" /> + <path value="url" /> + </discriminator> + <rules value="open" /> + </slicing> + </element> + <element id="Extension.extension:parentOrganization"> + <path value="Extension.extension" /> + <sliceName value="parentOrganization" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension:parentOrganization.url"> + <path value="Extension.extension.url" /> + <fixedUri value="parent-organization" /> + </element> + <element id="Extension.extension:parentOrganization.value[x]"> + <path value="Extension.extension.value[x]" /> + <min value="1" /> + <type> + <code value="Identifier" /> + </type> + </element> + <element id="Extension.extension:parentOrganization.value[x].system"> + <path value="Extension.extension.value[x].system" /> + <min value="1" /> + <fixedUri value="http://dsf.dev/sid/organization-identifier" /> + </element> + <element id="Extension.extension:parentOrganization.value[x].value"> + <path value="Extension.extension.value[x].value" /> + <min value="1" /> + </element> + <element id="Extension.extension:organizationRole"> + <path value="Extension.extension" /> + <sliceName value="organizationRole" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension:organizationRole.url"> + <path value="Extension.extension.url" /> + <fixedUri value="organization-role" /> + </element> + <element id="Extension.extension:organizationRole.value[x]"> + <path value="Extension.extension.value[x]" /> + <min value="1" /> + <type> + <code value="Coding" /> + </type> + </element> + <element id="Extension.extension:organizationRole.value[x].system"> + <path value="Extension.extension.value[x].system" /> + <min value="1" /> + </element> + <element id="Extension.extension:organizationRole.value[x].code"> + <path value="Extension.extension.value[x].code" /> + <min value="1" /> + </element> + <element id="Extension.extension:practitionerRole"> + <path value="Extension.extension" /> + <sliceName value="practitionerRole" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.extension:practitionerRole.url"> + <path value="Extension.extension.url" /> + <fixedUri value="practitioner-role" /> + </element> + <element id="Extension.extension:practitionerRole.value[x]"> + <path value="Extension.extension.value[x]" /> + <min value="1" /> + <type> + <code value="Coding" /> + </type> + </element> + <element id="Extension.extension:practitionerRole.value[x].system"> + <path value="Extension.extension.value[x].system" /> + <min value="1" /> + </element> + <element id="Extension.extension:practitionerRole.value[x].code"> + <path value="Extension.extension.value[x].code" /> + <min value="1" /> + </element> + <element id="Extension.url"> + <path value="Extension.url" /> + <fixedUri value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner" /> + </element> + <element id="Extension.value[x]"> + <path value="Extension.value[x]" /> + <max value="0" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..66b2fd5e7 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml new file mode 100644 index 000000000..c56a5903e --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml @@ -0,0 +1,50 @@ +<StructureDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <url value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner" /> + <version value="1.0.0" /> + <name value="ProcessAuthorizationPractitioner" /> + <status value="active" /> + <experimental value="false" /> + <date value="2023-06-19" /> + <fhirVersion value="4.0.1" /> + <kind value="complex-type" /> + <abstract value="false" /> + <context> + <type value="element" /> + <expression value="Coding" /> + </context> + <type value="Extension" /> + <baseDefinition value="http://hl7.org/fhir/StructureDefinition/Extension" /> + <derivation value="constraint" /> + <differential> + <element id="Extension"> + <path value="Extension" /> + <min value="1" /> + <max value="1" /> + </element> + <element id="Extension.url"> + <path value="Extension.url" /> + <fixedUri value="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner" /> + </element> + <element id="Extension.value[x]"> + <path value="Extension.value[x]" /> + <min value="1" /> + <type> + <code value="Coding" /> + </type> + </element> + <element id="Extension.value[x].system"> + <path value="Extension.value[x].system" /> + <min value="1" /> + </element> + <element id="Extension.value[x].code"> + <path value="Extension.value[x].code" /> + <min value="1" /> + </element> + </differential> +</StructureDefinition> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml.post new file mode 100644 index 000000000..086f697b3 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml index 861fdc549..ebcb141d1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml @@ -58,28 +58,28 @@ <path value="Extension.extension.value[x].value" /> <min value="1" /> </element> - <element id="Extension.extension:role"> + <element id="Extension.extension:organizationRole"> <path value="Extension.extension" /> - <sliceName value="role" /> + <sliceName value="organizationRole" /> <min value="1" /> <max value="1" /> </element> - <element id="Extension.extension:role.url"> + <element id="Extension.extension:organizationRole.url"> <path value="Extension.extension.url" /> - <fixedUri value="role" /> + <fixedUri value="organization-role" /> </element> - <element id="Extension.extension:role.value[x]"> + <element id="Extension.extension:organizationRole.value[x]"> <path value="Extension.extension.value[x]" /> <min value="1" /> <type> <code value="Coding" /> </type> </element> - <element id="Extension.extension:role.value[x].system"> + <element id="Extension.extension:organizationRole.value[x].system"> <path value="Extension.extension.value[x].system" /> <min value="1" /> </element> - <element id="Extension.extension:role.value[x].code"> + <element id="Extension.extension:organizationRole.value[x].code"> <path value="Extension.extension.value[x].code" /> <min value="1" /> </element> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml new file mode 100644 index 000000000..4ea00d564 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml @@ -0,0 +1,25 @@ +<ValueSet xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag"/> + <code value="ALL"/> + </tag> + </meta> + <url value="http://dsf.dev/fhir/ValueSet/practitioner-role"/> + <version value="1.0.0"/> + <name value="DSF_Practitioner_Role"/> + <title value="DSF Practitioner Role"/> + <status value="active"/> + <experimental value="false"/> + <date value="2023-06-19"/> + <publisher value="DSF"/> + <description + value="ValueSet with DSF practitioner roles used in OrganizationAffiliation resources"/> + <immutable value="true"/> + <compose> + <include> + <system value="http://dsf.dev/fhir/CodeSystem/practitioner-role"/> + <version value="1.0.0"/> + </include> + </compose> +</ValueSet> \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml.post b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml.post new file mode 100644 index 000000000..57ccaf0c9 --- /dev/null +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml.post @@ -0,0 +1 @@ +url=http://dsf.dev/fhir/ValueSet/practitioner-role&version=1.0.0 \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml index fc8633aa4..32f69909c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml @@ -24,6 +24,10 @@ <code value="LOCAL_ORGANIZATION"/> <display value="LOCAL_ORGANIZATION"/> </concept> + <concept> + <code value="LOCAL_ORGANIZATION_PRACTITIONER"/> + <display value="LOCAL_ORGANIZATION_PRACTITIONER"/> + </concept> <concept> <code value="REMOTE_ORGANIZATION"/> <display value="REMOTE_ORGANIZATION"/> @@ -32,6 +36,10 @@ <code value="LOCAL_ROLE"/> <display value="LOCAL_ROLE"/> </concept> + <concept> + <code value="LOCAL_ROLE_PRACTITIONER"/> + <display value="LOCAL_ROLE_PRACTITIONER"/> + </concept> <concept> <code value="REMOTE_ROLE"/> <display value="REMOTE_ROLE"/> @@ -40,6 +48,10 @@ <code value="LOCAL_ALL"/> <display value="LOCAL_ALL"/> </concept> + <concept> + <code value="LOCAL_ALL_PRACTITIONER"/> + <display value="LOCAL_ALL_PRACTITIONER"/> + </concept> <concept> <code value="REMOTE_ALL"/> <display value="REMOTE_ALL"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java index 1fe41f4b1..c81c1d8ad 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/ActivityDefinitionProfileTest.java @@ -32,18 +32,25 @@ public class ActivityDefinitionProfileTest @ClassRule public static final ValidationSupportRule validationRule = new ValidationSupportRule( Arrays.asList("dsf-activity-definition-1.0.0.xml", "dsf-extension-process-authorization-1.0.0.xml", - "dsf-extension-process-authorization-parent-organization-role-1.0.0.xml", + "dsf-extension-process-authorization-practitioner-1.0.0.xml", "dsf-extension-process-authorization-organization-1.0.0.xml", + "dsf-extension-process-authorization-organization-practitioner-1.0.0.xml", + "dsf-extension-process-authorization-parent-organization-role-1.0.0.xml", + "dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml", "dsf-coding-process-authorization-local-all-1.0.0.xml", - "dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml", + "dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml", "dsf-coding-process-authorization-local-organization-1.0.0.xml", + "dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml", + "dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml", + "dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml", "dsf-coding-process-authorization-remote-all-1.0.0.xml", - "dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml", - "dsf-coding-process-authorization-remote-organization-1.0.0.xml"), + "dsf-coding-process-authorization-remote-organization-1.0.0.xml", + "dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml", - "dsf-process-authorization-1.0.0.xml"), + "dsf-practitioner-role-1.0.0.xml", "dsf-process-authorization-1.0.0.xml"), Arrays.asList("dsf-read-access-tag-1.0.0.xml", "dsf-organization-role-1.0.0.xml", - "dsf-process-authorization-recipient-1.0.0.xml", "dsf-process-authorization-requester-1.0.0.xml")); + "dsf-practitioner-role-1.0.0.xml", "dsf-process-authorization-recipient-1.0.0.xml", + "dsf-process-authorization-requester-1.0.0.xml")); private ResourceValidator resourceValidator = new ResourceValidatorImpl(validationRule.getFhirContext(), validationRule.getValidationSupport()); @@ -99,7 +106,36 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteAllReci } @Test - public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganizationRecipientLocalConsortiumRoleValid() + public void testActivityDefinitionWithProcessAuthorizationRequesterLocalPractitionerRoleRecipientLocalAllValid() + throws Exception + { + ActivityDefinition ad = createActivityDefinition(); + Extension processAuthorization = ad.addExtension() + .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization"); + processAuthorization.addExtension("message-name", new StringType("foo")); + processAuthorization.addExtension("task-profile", + new CanonicalType("http://bar.org/fhir/StructureDefinition/baz")); + + Coding requesterCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", + "LOCAL_ALL_PRACTITIONER", null); + requesterCoding.addExtension( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-practitioner", + new Coding("http://dsf.dev/fhir/CodeSystem/user-role", "DIC_USER", null)); + processAuthorization.addExtension("requester", requesterCoding); + processAuthorization.addExtension("recipient", + new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ALL", null)); + + logResource(ad); + + ValidationResult result = resourceValidator.validate(ad); + + logMessages(result); + + assertTrue(result.isSuccessful()); + } + + @Test + public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganizationRecipientLocalParentOrganizationRoleValid() throws Exception { ActivityDefinition ad = createActivityDefinition(); @@ -117,12 +153,12 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz processAuthorization.addExtension("requester", requesterCoding); Coding recipientCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ROLE", null); - Extension consortiumRole = recipientCoding.addExtension(); - consortiumRole.setUrl( + Extension recipientCodingExtension = recipientCoding.addExtension(); + recipientCodingExtension.setUrl( "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"); - consortiumRole.addExtension("parent-organization", + recipientCodingExtension.addExtension("parent-organization", new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); - consortiumRole.addExtension("role", + recipientCodingExtension.addExtension("organization-role", new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); @@ -135,6 +171,83 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz assertTrue(result.isSuccessful()); } + @Test + public void testActivityDefinitionWithProcessAuthorizationRequesterOrganizationPractitionerRoleRecipientLocalParentOrganizationRoleValid() + throws Exception + { + ActivityDefinition ad = createActivityDefinition(); + Extension processAuthorization = ad.addExtension() + .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization"); + processAuthorization.addExtension("message-name", new StringType("foo")); + processAuthorization.addExtension("task-profile", + new CanonicalType("http://bar.org/fhir/StructureDefinition/baz")); + + Coding requesterCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", + "LOCAL_ORGANIZATION_PRACTITIONER", null); + Extension requesterCodingExtension = requesterCoding.addExtension(); + requesterCodingExtension.setUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization-practitioner"); + requesterCodingExtension.addExtension("organization", + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("organization.com")); + requesterCodingExtension.addExtension("practitioner-role", + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DSF_ADMIN", null)); + processAuthorization.addExtension("requester", requesterCoding); + + Coding recipientCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ROLE", null); + Extension recipientCodingExtension = recipientCoding.addExtension(); + recipientCodingExtension.setUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"); + recipientCodingExtension.addExtension("parent-organization", + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); + recipientCodingExtension.addExtension("organization-role", + new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); + processAuthorization.addExtension("recipient", recipientCoding); + + logResource(ad); + + ValidationResult result = resourceValidator.validate(ad); + + logMessages(result); + + assertTrue(result.isSuccessful()); + } + + @Test + public void testActivityDefinitionWithProcessAuthorizationRequesterParentOrganizationRolePractitionerRoleRecipientLocalAllValid() + throws Exception + { + ActivityDefinition ad = createActivityDefinition(); + Extension processAuthorization = ad.addExtension() + .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-process-authorization"); + processAuthorization.addExtension("message-name", new StringType("foo")); + processAuthorization.addExtension("task-profile", + new CanonicalType("http://bar.org/fhir/StructureDefinition/baz")); + + Coding requesterCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", + "LOCAL_ROLE_PRACTITIONER", null); + Extension requesterCodingExtension = requesterCoding.addExtension(); + requesterCodingExtension.setUrl( + "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role-practitioner"); + requesterCodingExtension.addExtension("parent-organization", + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); + requesterCodingExtension.addExtension("organization-role", + new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); + requesterCodingExtension.addExtension("practitioner-role", + new Coding("http://dsf.dev/fhir/CodeSystem/practitioner-role", "DSF_ADMIN", null)); + processAuthorization.addExtension("requester", requesterCoding); + + processAuthorization.addExtension("recipient", + new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "LOCAL_ALL", null)); + + logResource(ad); + + ValidationResult result = resourceValidator.validate(ad); + + logMessages(result); + + assertTrue(result.isSuccessful()); + } + @Test public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganizationRecipientRemoteConsortiumRoleNotValid() throws Exception @@ -150,18 +263,11 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz "REMOTE_ORGANIZATION", null); requesterCoding.addExtension( "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-organization", - new Identifier().setSystem("http://dsf.dev/sid/does-not-exists").setValue("organization.com")); + new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("organization.com")); processAuthorization.addExtension("requester", requesterCoding); Coding recipientCoding = new Coding("http://dsf.dev/fhir/CodeSystem/process-authorization", "REMOTE_ROLE", null); - Extension consortiumRole = recipientCoding.addExtension(); - consortiumRole.setUrl( - "http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"); - consortiumRole.addExtension("parent-organization", - new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); - consortiumRole.addExtension("role", - new Coding("http://dsf.dev/fhir/CodeSystem/organization-role", "DIC", null)); processAuthorization.addExtension("recipient", recipientCoding); logResource(ad); @@ -171,6 +277,6 @@ public void testActivityDefinitionWithProcessAuthorizationRequesterRemoteOrganiz logMessages(result); assertFalse(result.isSuccessful()); - assertEquals(24, result.getMessages().size()); + assertEquals(7, result.getMessages().size()); } } diff --git a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java index 7880fa0a9..d852f2001 100644 --- a/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java +++ b/dsf-fhir/dsf-fhir-validation/src/test/java/dev/dsf/fhir/profiles/CodeSystemProfileTest.java @@ -159,7 +159,7 @@ public void testCodeSystemWithParentOrganizationMemberReadAccessValid() throws E .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"); ex.addExtension().setUrl("parent-organization").setValue( new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); - ex.addExtension().setUrl("role") + ex.addExtension().setUrl("organization-role") .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("TTP")); logResource(cs); @@ -181,7 +181,7 @@ public void testCodeSystemWithParentOrganizationMemberReadAccessNotValid() throw .setUrl("http://dsf.dev/fhir/StructureDefinition/extension-read-access-parent-organization-role"); ex.addExtension().setUrl("parent-organization").setValue( new Identifier().setSystem("http://dsf.dev/sid/organization-identifier").setValue("parent.org")); - ex.addExtension().setUrl("role") + ex.addExtension().setUrl("organization-role") .setValue(new Coding().setSystem("http://dsf.dev/fhir/CodeSystem/organization-role").setCode("FOO")); logResource(cs); From ce225c66f467cc5d63b9e3fb743e108c052c3762 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Fri, 23 Jun 2023 17:16:28 +0200 Subject: [PATCH 18/43] add identifier and coding values for input elements, prepare structure definition loading --- .../dsf/fhir/adapter/InputHtmlGenerator.java | 47 +++++- .../dsf/fhir/adapter/TaskHtmlGenerator.java | 74 ++++++--- .../src/main/resources/static/form.css | 13 +- .../src/main/resources/static/form.js | 140 ++++++++++++++---- 4 files changed, 211 insertions(+), 63 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java index abafc157c..99723a8ef 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -11,6 +11,7 @@ import org.hl7.fhir.r4.model.DateType; import org.hl7.fhir.r4.model.DecimalType; import org.hl7.fhir.r4.model.Identifier; +import org.hl7.fhir.r4.model.InstantType; import org.hl7.fhir.r4.model.IntegerType; import org.hl7.fhir.r4.model.Reference; import org.hl7.fhir.r4.model.StringType; @@ -106,25 +107,45 @@ else if (type instanceof DateTimeType) + (writable ? "placeholder=\"yyyy.MM.dd hh:mm:ss\"" : "value=\"" + dateTime + "\"") + "></input>\n"); } + else if (type instanceof InstantType) + { + Date value = ((InstantType) type).getValue(); + String dateTime = DATE_TIME_FORMAT.format(value); + + out.write("<input type=\"datetime-local\" id=\"" + elementId + "\" name=\"" + elementId + "\" " + + (writable ? "placeholder=\"yyyy.MM.dd hh:mm:ss\"" : "value=\"" + dateTime + "\"") + + "></input>\n"); + } else if (type instanceof UriType) { String value = ((UriType) type).getValue(); out.write("<input type=\"url\" id=\"" + elementId + "\" name=\"" + elementId + "\" " + (writable ? "placeholder=\"" + value + "\"" : "value=\"" + value + "\"") + "></input>\n"); } - else if (type instanceof Reference) + else if (type instanceof Reference reference) { - String value = ((Reference) type).getReference(); - out.write("<input type=\"url\" id=\"" + elementId + "\" name=\"" + elementId + "\" " - + (writable ? "placeholder=\"" + value + "\"" : "value=\"" + value + "\"") + "></input>\n"); + if (reference.hasReference()) + { + out.write("<input type=\"url\" id=\"" + elementId + "\" name=\"" + elementId + "\" " + + (writable ? "placeholder=\"" + reference.getReference() + "\"" + : "value=\"" + reference.getReference() + "\"") + + "></input>\n"); + } + else if (reference.hasIdentifier()) + { + Identifier identifier = reference.getIdentifier(); + writeInputFieldSystemValueInput(elementId, writable, identifier.getSystem(), identifier.getValue(), + out); + } } - else if (type instanceof Identifier) + else if (type instanceof Identifier identifier) { - // TODO + writeInputFieldSystemValueInput(elementId, writable, identifier.getSystem(), identifier.getValue(), + out); } - else if (type instanceof Coding) + else if (type instanceof Coding coding) { - // TODO + writeInputFieldSystemValueInput(elementId, writable, coding.getSystem(), coding.getCode(), out); } else { @@ -133,4 +154,14 @@ else if (type instanceof Coding) } } } + + private void writeInputFieldSystemValueInput(String elementId, boolean writable, String system, String value, + OutputStreamWriter out) throws IOException + { + out.write("<input type=\"url\" id=\"" + elementId + "-system\" name=\"" + elementId + "-system\" " + + (writable ? "placeholder=\"" + system + "\"" : "value=\"" + system + "\"") + "></input>\n"); + out.write("<input class=\"identifier-coding-value\" type=\"text\" id=\"" + elementId + "-value\" name=\"" + + elementId + "-value\" " + (writable ? "placeholder=\"" + value + "\"" : "value=\"" + value + "\"") + + "></input>\n"); + } } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index b81771794..94f3372a1 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -4,6 +4,7 @@ import java.io.OutputStreamWriter; import java.util.UUID; +import org.hl7.fhir.r4.model.CodeableConcept; import org.hl7.fhir.r4.model.Coding; import org.hl7.fhir.r4.model.Task; @@ -79,22 +80,38 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws + (draft ? "placeholder=\"yyyy.MM.dd hh:mm:ss\"" : "value=\"" + authoredOn + "\"") + "></input>\n"); out.write("</div>\n"); - for (Task.ParameterComponent input : task.getInput()) + if (task.hasInput()) { - writeInput(input, draft, out); - } + out.write("<section>"); + out.write("<h2 class=\"input-output-header\">Inputs</h2>"); - if (draft) - { - out.write("<div class=\"row row-submit\" id=\"submit-row\">\n"); - out.write("<button type=\"button\" id=\"submit\" class=\"submit\" " + "onclick=\"startProcess();\"" - + ">Start Process</button>\n"); - out.write("</div>\n"); + for (Task.ParameterComponent input : task.getInput()) + { + writeInput(input, draft, out); + } + + if (draft) + { + out.write("<div class=\"row row-submit\" id=\"submit-row\">\n"); + out.write("<button type=\"button\" id=\"submit\" class=\"submit\" " + "onclick=\"startProcess();\"" + + ">Start Process</button>\n"); + out.write("</div>\n"); + } + + out.write("</section>"); } - for (Task.TaskOutputComponent output : task.getOutput()) + if (task.hasOutput()) { - writeOutput(output, out); + out.write("<section>"); + out.write("<h2 class=\"input-output-header\">Outputs</h2>"); + + for (Task.TaskOutputComponent output : task.getOutput()) + { + writeOutput(output, out); + } + + out.write("</section>"); } out.write("</fieldset>\n"); @@ -159,32 +176,45 @@ private void writeInput(Task.ParameterComponent input, boolean draft, OutputStre { String typeCode = getTypeCode(input); boolean display = display(draft, typeCode); - boolean writable = !draft; if (input.hasValue()) { - writeInputRow(input.getValue(), typeCode, typeCode, display, writable, out); + writeInputRow(input.getValue(), typeCode, typeCode, display, draft, out); } } private void writeOutput(Task.TaskOutputComponent output, OutputStreamWriter out) throws IOException { - // TODO + String typeCode = getTypeCode(output); + if (output.hasValue()) + { + writeInputRow(output.getValue(), typeCode, typeCode, true, false, out); + } } private boolean display(boolean draft, String typeCode) { - return !draft && ((CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME.equals(typeCode) - || CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY.equals(typeCode) - || CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY.equals(typeCode))); + if (draft) + return !((CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME.equals(typeCode) + || CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY.equals(typeCode) + || CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY.equals(typeCode))); + else + return true; } private String getTypeCode(Task.ParameterComponent input) { - if (input.hasType()) - return input.getType().getCoding().stream().findFirst() - .orElse(new Coding().setCode(UUID.randomUUID().toString())).getCode(); - else - return UUID.randomUUID().toString(); + return getCode(input.getType()); + } + + private String getTypeCode(Task.TaskOutputComponent output) + { + return getCode(output.getType()); + } + + private String getCode(CodeableConcept codeableConcept) + { + return codeableConcept.getCoding().stream().findFirst() + .orElse(new Coding().setCode(UUID.randomUUID().toString())).getCode(); } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css index 6705650a1..5d957f1be 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css @@ -148,7 +148,6 @@ fieldset#form-fieldset { clear: both; } - .row-submit { background-color: #ffffff; padding: 0; @@ -197,6 +196,10 @@ input[type=date], input[type=time], input[type=datetime-local], input[type=numbe display: block; } +input.identifier-coding-value { + margin-top: 6px; +} + .invisible { display: none; } @@ -218,6 +221,14 @@ button.submit[disabled] { cursor: not-allowed; } +.input-output-header { + font-family: monospace; + font-size: 1.75em; + color: #326F95; + padding-left: 5px; + margin-bottom: 12px; +} + .spinner-enabled { display: block; } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js index 8df8806d9..bbbcbd0ea 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js @@ -1,30 +1,30 @@ function startProcess() { - const taskStringBefore = document.getElementById("json").innerText - const task = JSON.parse(taskStringBefore) - + const task = getResourceAsJson() const errors = [] + readTaskInputsFromForm(task, errors) console.log(task) console.log(errors) if (errors.length === 0) { - const taskStringAfter = JSON.stringify(task) - createTask(taskStringAfter) + const taskString = JSON.stringify(task) + createTask(taskString) } } function readTaskInputsFromForm(task, errors) { - task.status = "requested" + task.id = null + task.meta.lastUpdated = null + task.meta.version = null // TODO set requester as practitioner-identifier if OIDC //task.requester.type = "Practitioner" //task.requester.identifier.value = "" //task.requester.identifier.system = "http://dsf.dev/sid/practitioner-identifier" + task.status = "requested" task.authoredOn = new Date().toISOString() - task.meta.lastUpdated = null - task.meta.version = null task.input.forEach((input) => { if (input.hasOwnProperty("type")) { @@ -32,25 +32,24 @@ function readTaskInputsFromForm(task, errors) { if (id !== "message-name" && id !== "business-key" && id !== "correlation-key") { const inputValueType = Object.keys(input).find((string) => string.startsWith("value")) - input[inputValueType] = readAndValidateValue(id, inputValueType, errors) + input[inputValueType] = readAndValidateValue(input, id, inputValueType, errors) } } }) } function completeQuestionnaireResponse() { - const questionnaireResponseStringBefore = document.getElementById("json").innerText - const questionnaireResponse = JSON.parse(questionnaireResponseStringBefore) - + const questionnaireResponse = getResourceAsJson() const errors = [] + readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) console.log(questionnaireResponse) console.log(errors) if (errors.length === 0) { - const questionnaireResponseStringAfter = JSON.stringify(questionnaireResponse) - updateQuestionnaireResponse(questionnaireResponseStringAfter) + const questionnaireResponseString = JSON.stringify(questionnaireResponse) + updateQuestionnaireResponse(questionnaireResponseString) } } @@ -65,14 +64,16 @@ function readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) const answer = item.answer[0] const answerType = Object.keys(answer).find((string) => string.startsWith("value")) - answer[answerType] = readAndValidateValue(id, answerType, errors) + answer[answerType] = readAndValidateValue(answer, id, answerType, errors) } } }) } -function readAndValidateValue(id, valueType, errors) { - const value = document.getElementById(id).value +function readAndValidateValue(templateValue, id, valueType, errors) { + const value = document.getElementById(id)?.value + const valueSystem = document.getElementById(id + "-system")?.value + const valueValue = document.getElementById(id + "-value")?.value const rowElement = document.getElementById(id + "-input-row") const errorListElement = document.getElementById(id + "-error") @@ -90,18 +91,23 @@ function readAndValidateValue(id, valueType, errors) { return validateTime(rowElement, errorListElement, value, errors, id) } else if (valueType === 'valueDateTime') { return validateDateTime(rowElement, errorListElement, value, errors, id) + } else if (valueType === 'valueInstant') { + return validateInstant(rowElement, errorListElement, value, errors, id) } else if (valueType === 'valueUri') { return validateUrl(rowElement, errorListElement, value, errors, id) } else if (valueType === 'valueReference') { - return validateReference(rowElement, errorListElement, value, errors, id) + if (value) { + return validateReference(rowElement, errorListElement, value, errors, id) + } else { + const valueIdentifier = validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) + return {identifier: valueIdentifier, type: templateValue?.valueReference?.type} + } } else if (valueType === 'valueBoolean') { return document.querySelector("input[name=" + id + "]:checked").value } else if (valueType === "valueIdentifier") { - // TODO - return null + return validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) } else if (valueType === "valueCoding") { - // TODO - return null + return validateCoding(rowElement, errorListElement, value, errors, id) } else { return null } @@ -179,6 +185,19 @@ function validateDateTime(rowElement, errorListElement, value, errors, id) { } } +function validateInstant(rowElement, errorListElement, value, errors, id) { + validateString(rowElement, errorListElement, value, errors, id) + + try { + const dateTime = new Date(value).toISOString() + removeError(rowElement, errorListElement) + return dateTime + } catch (_) { + addError(rowElement, errorListElement, errors, id, "Value is not an instant") + return null + } +} + function validateReference(rowElement, errorListElement, value, errors, id) { validateString(rowElement, errorListElement, value, errors, id) @@ -205,6 +224,32 @@ function validateUrl(rowElement, errorListElement, value, errors, id) { } } +function validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) { + const validatedSystem = validateUrl(rowElement, errorListElement, valueSystem, errors, id) + const validatedValue = validateString(rowElement, errorListElement, valueValue, errors, id) + + if (validatedSystem && validatedValue) { + removeError(rowElement, errorListElement) + return {system: valueSystem, value: valueValue} + } else { + addError(rowElement, errorListElement, errors, id, "System or value not usable for identifier") + return null + } +} + +function validateCode(rowElement, errorListElement, valueSystem, valueValue, errors, id) { + const validatedSystem = validateUrl(rowElement, errorListElement, valueSystem, errors, id) + const validatedCode = validateString(rowElement, errorListElement, valueValue, errors, id) + + if (validatedSystem && validatedValue) { + removeError(rowElement, errorListElement) + return {system: valueSystem, code: valueValue} + } else { + addError(rowElement, errorListElement, errors, id, "System or code not usable for coding") + return null + } +} + function addError(rowElement, errorListElement, errors, id, message) { errors.push({id: id, error: message}) @@ -266,14 +311,10 @@ function createTask(task) { function parseResponse(response, redirect, resourceBaseUrlWithoutId) { console.log(response) - const status = response.status - const statusOk = response.ok - const statusText = response.statusText === null ? " - " + response.statusText : "" - response.text().then((text) => { console.log(text) - if (statusOk) { + if (response.ok) { const resource = JSON.parse(text) setTimeout(() => { disableSpinner() @@ -281,8 +322,8 @@ function parseResponse(response, redirect, resourceBaseUrlWithoutId) { }, 1000) } else { disableSpinner() - const alertText = "Status: " + status + statusText + "\n\n" + text - window.alert(alertText) + const statusText = response.statusText === null ? " - " + response.statusText : "" + window.alert("Status: " + response.status + statusText + "\n\n" + text) } }) } @@ -300,7 +341,42 @@ function disableSpinner() { } function adaptFormInputs() { - // TODO set requester as practitioner-identifier if OIDC - // TODO load cardinalities and add inputs - console.log("Cardinalities to be loaded..") +// const resourceType = getResourceTypeForCurrentUrl(); +// +// if (resourceType !== null && resourceType[1] !== undefined && resourceType[1] === 'Task') { +// const task = getResourceAsJson() +// +// if (task.meta !== null && task.meta.profile !== null && task.meta.profile.length > 0) { +// const profile = task.meta.profile[0].split("|") +// +// if (profile.length > 0) { +// let currentUrl = window.location.origin + window.location.pathname +// let requestUrl = currentUrl.slice(0, currentUrl.indexOf("/Task")) + "/StructureDefinition?url=" + profile[0] +// +// if (profile.length > 1) { +// requestUrl = requestUrl + "&version=" + profile[1] +// } +// +// fetch(requestUrl, { +// method: "GET", +// headers: { +// 'Accept': 'application/json' +// } +// }).then(response => { +// console.log(response) +// +// if (response.ok) { +// response.json().then((json) => { +// // TODO +// }) +// } +// }) +// } +// } +// } +} + +function getResourceAsJson() { + const resource = document.getElementById("json").innerText + return JSON.parse(resource) } \ No newline at end of file From e6ce512fe8bef93d71ea739756f06565c0c19a60 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Sun, 25 Jun 2023 16:34:10 +0200 Subject: [PATCH 19/43] improve task javascript --- .../dev/dsf/fhir/adapter/InputHtmlGenerator.java | 8 ++++---- .../java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java | 1 + .../src/main/resources/static/form.js | 12 +++++++----- 3 files changed, 12 insertions(+), 9 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java index 99723a8ef..96ff4c017 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -78,10 +78,10 @@ else if (type instanceof BooleanType) boolean valueIsTrue = ((BooleanType) type).getValue(); out.write("<div>\n"); - out.write("<label class=\"radio\"><input type=\"radio\" id=\"" + elementId + "\" name=\"" + elementId - + "\" value=\"true\" " + ((valueIsTrue) ? "checked" : "") + "/>Yes</label>\n"); - out.write("<label class=\"radio\"><input type=\"radio\" id=\"" + elementId + "\" name=\"" + elementId - + "\" value=\"false\" " + ((!valueIsTrue) ? "checked" : "") + "/>No</label>\n"); + out.write("<label class=\"radio\"><input type=\"radio\" id=\"" + elementId + "-true\" name=\"" + + elementId + "\" value=\"true\" " + ((valueIsTrue) ? "checked" : "") + "/>Yes</label>\n"); + out.write("<label class=\"radio\"><input type=\"radio\" id=\"" + elementId + "-false\" name=\"" + + elementId + "\" value=\"false\" " + ((!valueIsTrue) ? "checked" : "") + "/>No</label>\n"); out.write("</div>\n"); } else if (type instanceof DateType) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index 94f3372a1..132af11e5 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -189,6 +189,7 @@ private void writeOutput(Task.TaskOutputComponent output, OutputStreamWriter out if (output.hasValue()) { writeInputRow(output.getValue(), typeCode, typeCode, true, false, out); + // TODO write extensions } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js index bbbcbd0ea..53158acb3 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js @@ -71,7 +71,9 @@ function readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) } function readAndValidateValue(templateValue, id, valueType, errors) { - const value = document.getElementById(id)?.value + const parentElement = document.getElementById(id) + + const value = parentElement?.value const valueSystem = document.getElementById(id + "-system")?.value const valueValue = document.getElementById(id + "-value")?.value @@ -96,7 +98,7 @@ function readAndValidateValue(templateValue, id, valueType, errors) { } else if (valueType === 'valueUri') { return validateUrl(rowElement, errorListElement, value, errors, id) } else if (valueType === 'valueReference') { - if (value) { + if (parentElement) { return validateReference(rowElement, errorListElement, value, errors, id) } else { const valueIdentifier = validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) @@ -107,7 +109,7 @@ function readAndValidateValue(templateValue, id, valueType, errors) { } else if (valueType === "valueIdentifier") { return validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) } else if (valueType === "valueCoding") { - return validateCoding(rowElement, errorListElement, value, errors, id) + return validateCoding(rowElement, errorListElement, valueSystem, valueValue, errors, id) } else { return null } @@ -237,11 +239,11 @@ function validateIdentifier(rowElement, errorListElement, valueSystem, valueValu } } -function validateCode(rowElement, errorListElement, valueSystem, valueValue, errors, id) { +function validateCoding(rowElement, errorListElement, valueSystem, valueValue, errors, id) { const validatedSystem = validateUrl(rowElement, errorListElement, valueSystem, errors, id) const validatedCode = validateString(rowElement, errorListElement, valueValue, errors, id) - if (validatedSystem && validatedValue) { + if (validatedSystem && validatedCode) { removeError(rowElement, errorListElement) return {system: valueSystem, code: valueValue} } else { From 1ce70f4ffce7ca26c5944bd2cc48b557a3d7c195 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 26 Jun 2023 10:59:42 +0200 Subject: [PATCH 20/43] write extensions of output --- .../dsf/fhir/adapter/InputHtmlGenerator.java | 32 +++++++++++++++++-- .../QuestionnaireResponseHtmlGenerator.java | 4 ++- .../dsf/fhir/adapter/TaskHtmlGenerator.java | 5 ++- .../src/main/resources/static/form.css | 15 +++++++++ 4 files changed, 50 insertions(+), 6 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java index 96ff4c017..78ba4488d 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -4,12 +4,14 @@ import java.io.OutputStreamWriter; import java.text.SimpleDateFormat; import java.util.Date; +import java.util.List; import org.hl7.fhir.r4.model.BooleanType; import org.hl7.fhir.r4.model.Coding; import org.hl7.fhir.r4.model.DateTimeType; import org.hl7.fhir.r4.model.DateType; import org.hl7.fhir.r4.model.DecimalType; +import org.hl7.fhir.r4.model.Extension; import org.hl7.fhir.r4.model.Identifier; import org.hl7.fhir.r4.model.InstantType; import org.hl7.fhir.r4.model.IntegerType; @@ -37,19 +39,45 @@ protected void writeDisplayRow(String text, String elementId, boolean display, O out.write("</div>\n"); } - protected void writeInputRow(Type type, String elementId, String elementLabel, boolean display, boolean writable, - OutputStreamWriter out) throws IOException + protected void writeInputRow(Type type, List<Extension> extensions, String elementId, String elementLabel, + boolean display, boolean writable, OutputStreamWriter out) throws IOException { out.write("<div class=\"row " + (display ? "" : "invisible") + "\" id=\"" + elementId + "-input-row\">\n"); out.write("<label class=\"row-label\" for=\"" + elementId + "\">" + elementLabel + "</label>\n"); writeInputField(type, elementId, writable, out); + writeExtensionFields(extensions, elementId, writable, 0, out); out.write("<ul class=\"error-list-not-visible\" id=\"" + elementId + "-error\">\n"); out.write("</ul>\n"); out.write("</div>\n"); } + protected void writeExtensionFields(List<Extension> extensions, String elementId, boolean writable, int depth, + OutputStreamWriter out) throws IOException + { + for (Extension extension : extensions) + { + String extensionElementId = elementId + "-" + extension.getUrl(); + out.write("<div class=\"" + (depth == 0 ? "row-extension-0" : "row-extension") + "\" id=\"" + + extensionElementId + "-extension-row\">\n"); + + out.write("<label class=\"row-label" + (extension.hasValue() ? "" : " row-label-extension-no-value") + + "\" for=\"" + extensionElementId + "\"> Extension: " + extension.getUrl() + "</label>\n"); + + if (extension.hasValue()) + { + writeInputField(extension.getValue(), extensionElementId, writable, out); + } + + if (extension.hasExtension()) + { + writeExtensionFields(extension.getExtension(), extensionElementId, writable, ++depth, out); + } + out.write("</div>\n"); + } + } + protected void writeInputField(Type type, String elementId, boolean writable, OutputStreamWriter out) throws IOException { diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java index 9fd386a6b..dfa93364a 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java @@ -2,6 +2,7 @@ import java.io.IOException; import java.io.OutputStreamWriter; +import java.util.Collections; import org.hl7.fhir.r4.model.QuestionnaireResponse; import org.hl7.fhir.r4.model.StringType; @@ -135,7 +136,8 @@ private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent i boolean writable = !completed; if (item.hasAnswer()) - writeInputRow(item.getAnswerFirstRep().getValue(), linkId, text, display, writable, out); + writeInputRow(item.getAnswerFirstRep().getValue(), Collections.emptyList(), linkId, text, display, writable, + out); else writeDisplayRow(text, linkId, display, out); } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index 132af11e5..c75410224 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -179,7 +179,7 @@ private void writeInput(Task.ParameterComponent input, boolean draft, OutputStre if (input.hasValue()) { - writeInputRow(input.getValue(), typeCode, typeCode, display, draft, out); + writeInputRow(input.getValue(), input.getExtension(), typeCode, typeCode, display, draft, out); } } @@ -188,8 +188,7 @@ private void writeOutput(Task.TaskOutputComponent output, OutputStreamWriter out String typeCode = getTypeCode(output); if (output.hasValue()) { - writeInputRow(output.getValue(), typeCode, typeCode, true, false, out); - // TODO write extensions + writeInputRow(output.getValue(), output.getExtension(), typeCode, typeCode, true, false, out); } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css index 5d957f1be..79e468074 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css @@ -20,6 +20,21 @@ fieldset#form-fieldset { background-color: #f2f2f2; } +.row-extension-0 { + margin-top: 12px; + padding: 0 0 12px 12px; + border-radius: 5px; + background-color: #e2e2e2; +} + +.row-label-extension-no-value { + margin-bottom: -10px; +} + +.row-extension { + padding: 10px 0 0 15px; +} + .row-display { padding-top: 15px; } From a180b9ab553058d21c0434e5ef06f55c3c970bd4 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 26 Jun 2023 11:45:40 +0200 Subject: [PATCH 21/43] move input label generation in its own function --- .../dsf/fhir/adapter/InputHtmlGenerator.java | 32 +++++++++++++++---- 1 file changed, 25 insertions(+), 7 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java index 78ba4488d..b12fbe919 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -5,6 +5,7 @@ import java.text.SimpleDateFormat; import java.util.Date; import java.util.List; +import java.util.function.Supplier; import org.hl7.fhir.r4.model.BooleanType; import org.hl7.fhir.r4.model.Coding; @@ -43,17 +44,30 @@ protected void writeInputRow(Type type, List<Extension> extensions, String eleme boolean display, boolean writable, OutputStreamWriter out) throws IOException { out.write("<div class=\"row " + (display ? "" : "invisible") + "\" id=\"" + elementId + "-input-row\">\n"); - out.write("<label class=\"row-label\" for=\"" + elementId + "\">" + elementLabel + "</label>\n"); + writeInputLabel(type, elementId, elementLabel, () -> "", out); writeInputField(type, elementId, writable, out); - writeExtensionFields(extensions, elementId, writable, 0, out); + writeInputExtensionFields(extensions, elementId, writable, 0, out); out.write("<ul class=\"error-list-not-visible\" id=\"" + elementId + "-error\">\n"); out.write("</ul>\n"); out.write("</div>\n"); } - protected void writeExtensionFields(List<Extension> extensions, String elementId, boolean writable, int depth, + protected void writeInputLabel(Type type, String elementId, String elementLabel, Supplier<String> additionalClasses, + OutputStreamWriter out) throws IOException + { + if (type instanceof Identifier || type instanceof Coding) + { + elementId = elementId + "-system"; + } + + String forElement = type != null ? " for=\"" + elementId + "\"" : ""; + out.write("<label class=\"row-label " + additionalClasses.get() + "\"" + forElement + ">" + elementLabel + + "</label>\n"); + } + + protected void writeInputExtensionFields(List<Extension> extensions, String elementId, boolean writable, int depth, OutputStreamWriter out) throws IOException { for (Extension extension : extensions) @@ -62,17 +76,21 @@ protected void writeExtensionFields(List<Extension> extensions, String elementId out.write("<div class=\"" + (depth == 0 ? "row-extension-0" : "row-extension") + "\" id=\"" + extensionElementId + "-extension-row\">\n"); - out.write("<label class=\"row-label" + (extension.hasValue() ? "" : " row-label-extension-no-value") - + "\" for=\"" + extensionElementId + "\"> Extension: " + extension.getUrl() + "</label>\n"); - + String extensionElementLabel = "Extension: " + extension.getUrl(); if (extension.hasValue()) { + writeInputLabel(extension.getValue(), extensionElementId, extensionElementLabel, () -> "", out); writeInputField(extension.getValue(), extensionElementId, writable, out); } + else + { + writeInputLabel(null, extensionElementId, extensionElementLabel, () -> "row-label-extension-no-value", + out); + } if (extension.hasExtension()) { - writeExtensionFields(extension.getExtension(), extensionElementId, writable, ++depth, out); + writeInputExtensionFields(extension.getExtension(), extensionElementId, writable, ++depth, out); } out.write("</div>\n"); } From 40f4f2a706747b17d0c39d2585108ea72cbd949d Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:18:21 +0200 Subject: [PATCH 22/43] upgrade to PostgreSQL 15 --- dsf-bpe/dsf-bpe-server/pom.xml | 2 +- .../{start-postgres13.bat => start-postgres15.bat} | 2 +- .../{start-postgres13.sh => start-postgres15.sh} | 2 +- dsf-docker-test-setup-3dic-ttp/docker-compose.yml | 2 +- dsf-docker-test-setup/bpe/docker-compose.yml | 2 +- dsf-docker-test-setup/fhir/docker-compose.yml | 2 +- dsf-fhir/dsf-fhir-server/pom.xml | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) rename dsf-docker-for-junit-testing/{start-postgres13.bat => start-postgres15.bat} (74%) rename dsf-docker-for-junit-testing/{start-postgres13.sh => start-postgres15.sh} (75%) diff --git a/dsf-bpe/dsf-bpe-server/pom.xml b/dsf-bpe/dsf-bpe-server/pom.xml index 011b9f4c2..88cb9970a 100755 --- a/dsf-bpe/dsf-bpe-server/pom.xml +++ b/dsf-bpe/dsf-bpe-server/pom.xml @@ -235,7 +235,7 @@ <configuration> <images> <image> - <name>postgres:13</name> + <name>postgres:15</name> <run> <ports> <port>127.0.0.1:54321:5432</port> diff --git a/dsf-docker-for-junit-testing/start-postgres13.bat b/dsf-docker-for-junit-testing/start-postgres15.bat similarity index 74% rename from dsf-docker-for-junit-testing/start-postgres13.bat rename to dsf-docker-for-junit-testing/start-postgres15.bat index 9e3366da8..5683df534 100644 --- a/dsf-docker-for-junit-testing/start-postgres13.bat +++ b/dsf-docker-for-junit-testing/start-postgres15.bat @@ -1,4 +1,4 @@ @echo off echo starting postgres docker container at 127.0.0.1:54321 ... -docker run -it --rm -e POSTGRES_PASSWORD=password -e TZ=Europe/Berlin -e POSTGRES_DB=db -p 127.0.0.1:54321:5432 postgres:13 postgres -c log_statement=all -c log_min_messages=NOTICE +docker run -it --rm -e POSTGRES_PASSWORD=password -e TZ=Europe/Berlin -e POSTGRES_DB=db -p 127.0.0.1:54321:5432 postgres:15 postgres -c log_statement=all -c log_min_messages=NOTICE diff --git a/dsf-docker-for-junit-testing/start-postgres13.sh b/dsf-docker-for-junit-testing/start-postgres15.sh similarity index 75% rename from dsf-docker-for-junit-testing/start-postgres13.sh rename to dsf-docker-for-junit-testing/start-postgres15.sh index c54567242..dfb8826a1 100644 --- a/dsf-docker-for-junit-testing/start-postgres13.sh +++ b/dsf-docker-for-junit-testing/start-postgres15.sh @@ -1,4 +1,4 @@ #!/bin/bash echo starting postgres docker container at 127.0.0.1:54321 ... -docker run -it --rm -e POSTGRES_PASSWORD=password -e TZ=Europe/Berlin -e POSTGRES_DB=db -p 127.0.0.1:54321:5432 postgres:13 postgres -c log_statement=all -c log_min_messages=NOTICE +docker run -it --rm -e POSTGRES_PASSWORD=password -e TZ=Europe/Berlin -e POSTGRES_DB=db -p 127.0.0.1:54321:5432 postgres:15 postgres -c log_statement=all -c log_min_messages=NOTICE diff --git a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml index 04deb458a..1675f4011 100644 --- a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -45,7 +45,7 @@ services: TZ: Europe/Berlin db: - image: postgres:13 + image: postgres:15 restart: "no" healthcheck: test: [ "CMD-SHELL", "pg_isready -U postgres -d postgres" ] diff --git a/dsf-docker-test-setup/bpe/docker-compose.yml b/dsf-docker-test-setup/bpe/docker-compose.yml index 57d1455dd..6aa663648 100755 --- a/dsf-docker-test-setup/bpe/docker-compose.yml +++ b/dsf-docker-test-setup/bpe/docker-compose.yml @@ -45,7 +45,7 @@ services: - db db: - image: postgres:13 + image: postgres:15 restart: "no" # ports: # - 127.0.0.1:5432:5432 diff --git a/dsf-docker-test-setup/fhir/docker-compose.yml b/dsf-docker-test-setup/fhir/docker-compose.yml index 570a57c55..341ad537f 100755 --- a/dsf-docker-test-setup/fhir/docker-compose.yml +++ b/dsf-docker-test-setup/fhir/docker-compose.yml @@ -85,7 +85,7 @@ services: - db db: - image: postgres:13 + image: postgres:15 restart: "no" # ports: # - 127.0.0.1:5432:5432 diff --git a/dsf-fhir/dsf-fhir-server/pom.xml b/dsf-fhir/dsf-fhir-server/pom.xml index cbcc4e83c..a15e748f3 100755 --- a/dsf-fhir/dsf-fhir-server/pom.xml +++ b/dsf-fhir/dsf-fhir-server/pom.xml @@ -274,7 +274,7 @@ <configuration> <images> <image> - <name>postgres:13</name> + <name>postgres:15</name> <run> <ports> <port>127.0.0.1:54321:5432</port> From 11ba8d927faeaf24a0080a3e1a1c6439c96c808d Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:18:58 +0200 Subject: [PATCH 23/43] dependency version upgrades --- pom.xml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/pom.xml b/pom.xml index 4b4972254..968f6224d 100755 --- a/pom.xml +++ b/pom.xml @@ -164,12 +164,12 @@ <dependency> <groupId>de.hs-heilbronn.mi</groupId> <artifactId>crypto-utils</artifactId> - <version>3.5.0</version> + <version>3.6.0</version> </dependency> <dependency> <groupId>de.hs-heilbronn.mi</groupId> <artifactId>db-test-utils</artifactId> - <version>0.20.0</version> + <version>0.21.0</version> </dependency> <dependency> From 85c693254ece5a3b793d1003d953d30ce2cad199 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:21:14 +0200 Subject: [PATCH 24/43] config parameters to set liquibase lock wait timeout force unlock --- .../java/dev/dsf/bpe/BpeDbMigratorConfig.java | 20 +++++++ .../dev/dsf/fhir/FhirDbMigratorConfig.java | 20 +++++++ .../java/dev/dsf/tools/db/DbMigrator.java | 58 ++++++++++++++++++- .../dev/dsf/tools/db/DbMigratorConfig.java | 4 ++ 4 files changed, 101 insertions(+), 1 deletion(-) diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java index 32aa5ea6b..fe24c4b27 100644 --- a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java @@ -49,6 +49,14 @@ public class BpeDbMigratorConfig implements DbMigratorConfig @Value("${dev.dsf.bpe.db.user.password}") private char[] dbPassword; + @Documentation(description = "To force liquibase to unlock the migration lock set to `true`", recommendation = "Only use this option temporarily to unlock a stuck DB migration step") + @Value("${dev.dsf.bpe.db.liquibase.forceUnlock:false}") + private boolean dbLiquibaseUnlock; + + @Documentation(description = "Liquibase change lock wait time in minutes, default 2 minutes") + @Value("${dev.dsf.bpe.db.liquibase.lockWaitTime:2}") + private long dbLiquibaseLockWaitTime; + @Documentation(description = "The name of the user group to access the database from the DSF BPE server for camunda processes") @Value("${dev.dsf.bpe.db.user.camunda.group:camunda_users}") private String dbCamundaUsersGroup; @@ -100,4 +108,16 @@ private String toString(char[] password) { return password == null ? null : String.valueOf(password); } + + @Override + public boolean forceLiquibaseUnlock() + { + return dbLiquibaseUnlock; + } + + @Override + public long getLiquibaseLockWaitTime() + { + return dbLiquibaseLockWaitTime; + } } diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java index 1677bf6aa..86d04c04b 100644 --- a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java @@ -37,6 +37,14 @@ public class FhirDbMigratorConfig implements DbMigratorConfig @Value("${dev.dsf.fhir.db.liquibase.password}") private char[] dbLiquibasePassword; + @Documentation(description = "To force liquibase to unlock the migration lock set to `true`", recommendation = "Only use this option temporarily to unlock a stuck DB migration step") + @Value("${dev.dsf.fhir.db.liquibase.forceUnlock:false}") + private boolean dbLiquibaseUnlock; + + @Documentation(description = "Liquibase change lock wait time in minutes, default 2 minutes") + @Value("${dev.dsf.fhir.db.liquibase.lockWaitTime:2}") + private long dbLiquibaseLockWaitTime; + @Documentation(description = "The name of the user group to access the database from the DSF FHIR server") @Value("${dev.dsf.fhir.db.user.group:fhir_users}") private String dbUsersGroup; @@ -101,4 +109,16 @@ private String toString(char[] password) { return password == null ? null : String.valueOf(password); } + + @Override + public boolean forceLiquibaseUnlock() + { + return dbLiquibaseUnlock; + } + + @Override + public long getLiquibaseLockWaitTime() + { + return dbLiquibaseLockWaitTime; + } } diff --git a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java index b7c9c1b3e..e39cd0323 100755 --- a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java +++ b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigrator.java @@ -6,6 +6,8 @@ import java.sql.Connection; import java.sql.SQLException; import java.util.Arrays; +import java.util.HashMap; +import java.util.Map; import org.apache.commons.dbcp2.BasicDataSource; import org.postgresql.Driver; @@ -17,9 +19,12 @@ import liquibase.Scope; import liquibase.changelog.ChangeLogParameters; import liquibase.command.CommandScope; +import liquibase.command.core.ReleaseLocksCommandStep; import liquibase.command.core.UpdateCommandStep; import liquibase.command.core.helpers.DatabaseChangelogCommandStep; import liquibase.command.core.helpers.DbUrlConnectionCommandStep; +import liquibase.configuration.AbstractMapConfigurationValueProvider; +import liquibase.configuration.LiquibaseConfiguration; import liquibase.database.Database; import liquibase.database.DatabaseFactory; import liquibase.database.jvm.JdbcConnection; @@ -40,6 +45,37 @@ private static final class DbMigratorExceptions extends RuntimeException } } + + private static final class LiquibaseConfigProvider extends AbstractMapConfigurationValueProvider + { + static final String LIQUIBASE_CHANGELOGLOCK_WAIT_TIME = "liquibase.changelogLockWaitTimeInMinutes"; + + final Map<String, Object> map = new HashMap<>(); + + LiquibaseConfigProvider(long changelogLockWaitTimeInMinutes) + { + map.put(LIQUIBASE_CHANGELOGLOCK_WAIT_TIME, changelogLockWaitTimeInMinutes); + } + + @Override + public int getPrecedence() + { + return 350; + } + + @Override + protected Map<?, ?> getMap() + { + return map; + } + + @Override + protected String getSourceDescription() + { + return "DSF config"; + } + } + private final DbMigratorConfig config; public DbMigrator(DbMigratorConfig config) @@ -60,15 +96,35 @@ public void migrate() dataSource.setUsername(config.getDbLiquibaseUsername()); dataSource.setPassword(toString(config.getDbLiquibasePassword())); + LiquibaseConfiguration liquibaseConfiguration = Scope.getCurrentScope() + .getSingleton(LiquibaseConfiguration.class); + liquibaseConfiguration + .registerProvider(new LiquibaseConfigProvider(config.getLiquibaseLockWaitTime())); + try (Connection connection = dataSource.getConnection()) { Database database = DatabaseFactory.getInstance() .findCorrectDatabaseImplementation(new JdbcConnection(connection)); + if (config.forceLiquibaseUnlock()) + { + ByteArrayOutputStream output = new ByteArrayOutputStream(); + CommandScope unlockCommand = new CommandScope(ReleaseLocksCommandStep.COMMAND_NAME); + unlockCommand.addArgumentValue(DbUrlConnectionCommandStep.DATABASE_ARG, database); + unlockCommand.setOutput(output); + + logger.warn("Unlocking DB for migration ..."); + unlockCommand.execute(); + + Arrays.stream(output.toString().split("[\r\n]+")).filter(row -> !row.isBlank()) + .forEach(row -> logger.debug("{}", row)); + logger.warn("Unlocking DB for migration [Done]"); + } + ChangeLogParameters changeLogParameters = new ChangeLogParameters(database); config.getChangeLogParameters().forEach(changeLogParameters::set); - ByteArrayOutputStream output = new ByteArrayOutputStream(); + ByteArrayOutputStream output = new ByteArrayOutputStream(); CommandScope updateCommand = new CommandScope(UpdateCommandStep.COMMAND_NAME); updateCommand.addArgumentValue(DbUrlConnectionCommandStep.DATABASE_ARG, database); updateCommand.addArgumentValue(UpdateCommandStep.CHANGELOG_FILE_ARG, "db/db.changelog.xml"); diff --git a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigratorConfig.java b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigratorConfig.java index a8bbd6458..40e8651f2 100644 --- a/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigratorConfig.java +++ b/dsf-tools/dsf-tools-db-migration/src/main/java/dev/dsf/tools/db/DbMigratorConfig.java @@ -11,4 +11,8 @@ public interface DbMigratorConfig char[] getDbLiquibasePassword(); Map<String, String> getChangeLogParameters(); + + boolean forceLiquibaseUnlock(); + + long getLiquibaseLockWaitTime(); } From b89c3727fc6b9bca92b95b2d7158d2b2b50874d8 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:22:02 +0200 Subject: [PATCH 25/43] fixed copy/paste error in log message --- .../fhir/authorization/AbstractMetaTagAuthorizationRule.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/AbstractMetaTagAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/AbstractMetaTagAuthorizationRule.java index e1a7e37b3..837c91c36 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/AbstractMetaTagAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/AbstractMetaTagAuthorizationRule.java @@ -171,7 +171,7 @@ public final Optional<String> reasonUpdateAllowed(Connection connection, Identit logger.warn( "Update of {}/{}/_history/{} unauthorized for identity '{}', not a local identity or no role {}", getResourceTypeName(), resourceId.toString(), resourceVersion, identity.getName(), - FhirServerRole.DELETE); + FhirServerRole.UPDATE); return Optional.empty(); } } From 240f37e6d9e5a42c69b08ce57015f94e219a8098 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:23:16 +0200 Subject: [PATCH 26/43] added additional draft Task validation for input and output parameters --- .../dsf/bpe/plugin/AbstractProcessPlugin.java | 36 ++++++++++++++++++- 1 file changed, 35 insertions(+), 1 deletion(-) diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/AbstractProcessPlugin.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/AbstractProcessPlugin.java index 7dfd75aa5..0af7ec673 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/AbstractProcessPlugin.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/plugin/AbstractProcessPlugin.java @@ -73,6 +73,7 @@ import ca.uhn.fhir.context.FhirContext; import ca.uhn.fhir.parser.IParser; +import dev.dsf.bpe.v1.constants.CodeSystems; import dev.dsf.bpe.v1.constants.NamingSystems.OrganizationIdentifier; import dev.dsf.bpe.v1.constants.NamingSystems.TaskIdentifier; @@ -1159,6 +1160,7 @@ private boolean isValid(Task resource, String file, String localOrganizationIden logger.warn( "Ignoring FHIR resource {} from process plugin {}-{}: No Task.identifier with system '{}' and value, or value contains | character", file, getDefinitionName(), getDefinitionVersion(), TaskIdentifier.SID); + // Additional checks see instantiatesCanonicalMatchesProcessIdAndIdentifierValid(...) } boolean statusOk = TaskStatus.DRAFT.equals(resource.getStatus()); @@ -1200,10 +1202,42 @@ private boolean isValid(Task resource, String file, String localOrganizationIden logger.warn( "Ignoring FHIR resource {} from process plugin {}-{}: Task.instantiatesCanonical not matching {}", file, getDefinitionName(), getDefinitionVersion(), INSTANTIATES_CANONICAL_PATTERN_STRING); + // Additional checks see instantiatesCanonicalMatchesProcessIdAndIdentifierValid(...) + } + + boolean inputOk = false; + if (!resource.hasInput()) + { + logger.warn( + "Ignoring FHIR resource {} from process plugin {}-{}: Task.input empty, input parameter with {}|{} expected", + file, getDefinitionName(), getDefinitionVersion(), CodeSystems.BpmnMessage.URL, + CodeSystems.BpmnMessage.Codes.MESSAGE_NAME); + } + else + { + inputOk = resource + .getInput().stream().filter( + i -> i.getType().getCoding().stream() + .anyMatch(c -> CodeSystems.BpmnMessage.URL.equals(c.getSystem()) + && CodeSystems.BpmnMessage.Codes.MESSAGE_NAME.equals(c.getCode()))) + .count() == 1; + + if (!inputOk) + logger.warn( + "Ignoring FHIR resource {} from process plugin {}-{}: One input parameter with {}|{} expected", + file, getDefinitionName(), getDefinitionVersion(), CodeSystems.BpmnMessage.URL, + CodeSystems.BpmnMessage.Codes.MESSAGE_NAME); + } + + boolean outputOk = !resource.hasOutput(); + if (!outputOk) + { + logger.warn("Ignoring FHIR resource {} from process plugin {}-{}: Task.output not empty", file, + getDefinitionName(), getDefinitionVersion()); } // TODO add additional validation steps - return identifierOk && statusOk && requesterOk && recipientOk && instantiatesCanonicalOk; + return identifierOk && statusOk && requesterOk && recipientOk && instantiatesCanonicalOk && inputOk && outputOk; } private boolean isLocalOrganization(Reference reference, String refLocation, String file, From 4a2d2558969168836a5d9079e4e4533921ae67cf Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 12:31:48 +0200 Subject: [PATCH 27/43] new TaskAuthorizationRule implementation, and new integration tests Task resources with status 'draft' can now only be created by the local organization identity (aka. BPE client certificate). Draft Task resources are not executed and thus do not need to be allowed by a matching ActivityDefinition authorization extension. But 'draft' Task resources must have an identifier with system http://dsf.dev/sid/task-identifier, requester and recipient must reference the local organization, must have instantiatesCanonical defined, one 'message-name' input parameter set and no output parameters. The status of Task resources created with status 'draft' can not be modified via update. External organization can now only create Task resources with status 'requested' updated are only allowed for the local organization identity. Same is true for the DELETE operation. --- .../authorization/TaskAuthorizationRule.java | 582 ++++++++++++++---- .../fhir/integration/TaskIntegrationTest.java | 78 ++- .../dsf-test-activity-definition14-1.0.xml | 46 ++ 3 files changed, 581 insertions(+), 125 deletions(-) create mode 100644 dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition14-1.0.xml diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java index e819e5417..f29ac73bd 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java @@ -3,7 +3,6 @@ import java.sql.Connection; import java.sql.SQLException; import java.util.ArrayList; -import java.util.EnumSet; import java.util.List; import java.util.Objects; import java.util.Optional; @@ -27,6 +26,7 @@ import ca.uhn.fhir.context.FhirContext; import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; import dev.dsf.fhir.authentication.FhirServerRole; import dev.dsf.fhir.authentication.OrganizationProvider; import dev.dsf.fhir.authorization.process.ProcessAuthorizationHelper; @@ -37,7 +37,6 @@ import dev.dsf.fhir.service.ReferenceResolver; import dev.dsf.fhir.service.ResourceReference; -//TODO rework log messages and authorization reason texts public class TaskAuthorizationRule extends AbstractAuthorizationRule<Task, TaskDao> { private static final Logger logger = LoggerFactory.getLogger(TaskAuthorizationRule.class); @@ -51,6 +50,8 @@ public class TaskAuthorizationRule extends AbstractAuthorizationRule<Task, TaskD private static final Pattern INSTANTIATES_CANONICAL_PATTERN = Pattern .compile(INSTANTIATES_CANONICAL_PATTERN_STRING); + private static final String NAMING_SYSTEM_TASK_IDENTIFIER = "http://dsf.dev/sid/task-identifier"; + private final ProcessAuthorizationHelper processAuthorizationHelper; public TaskAuthorizationRule(DaoProvider daoProvider, String serverBase, ReferenceResolver referenceResolver, @@ -76,69 +77,238 @@ public Optional<String> reasonCreateAllowed(Connection connection, Identity iden { if (identity.hasDsfRole(FhirServerRole.CREATE)) { - Optional<String> errors = newResourceOk(connection, identity, newResource); - if (errors.isEmpty()) + if (TaskStatus.DRAFT.equals(newResource.getStatus())) { - if (taskAllowed(connection, identity, newResource)) + if (identity.isLocalIdentity() && identity instanceof OrganizationIdentity) { - logger.info("Create of Task authorized for identity '{}'", identity.getName()); - return Optional.of( - "local or remote user, task.status draft or requested, task.requester current users organization, task.restriction.recipient local organization, process with instantiatesCanonical and message-name allowed for current user, task matches profile"); + Optional<String> errors = draftTaskOk(connection, identity, newResource); + if (errors.isEmpty()) + { + logger.info("Create of Task authorized for local organization identity '{}', Task.status draft", + identity.getName()); + return Optional.of("Local identity, Task.status draft"); + } + else + { + logger.warn("Create of Task unauthorized for identity '{}', Task.status draft, {}", + identity.getName(), errors.get()); + return Optional.empty(); + } } else { logger.warn( - "Create of Task unauthorized, process with instantiatesCanonical, message-name, requester or recipient not allowed for current user", + "Create of Task unauthorized for identity '{}', Task.status draft, not allowed for non local organization identity", identity.getName()); return Optional.empty(); } } + else if (TaskStatus.REQUESTED.equals(newResource.getStatus())) + { + Optional<String> errors = requestedTaskOk(connection, identity, newResource); + if (errors.isEmpty()) + { + if (taskAllowedForRequesterAndRecipient(connection, identity, newResource)) + { + logger.info( + "Create of Task authorized for identity '{}', Task.status requested, process allowed for current identity", + identity.getName()); + return Optional.of( + "Local or remote identity, Task.status requested, Task.requester current identity's organization, Task.restriction.recipient local organization, " + + "process with instantiatesCanonical and message-name allowed for current identity, Task defines needed profile"); + } + else + { + logger.warn( + "Create of Task unauthorized for identity '{}', Task.status requested, process with instantiatesCanonical, message-name, requester or recipient not allowed", + identity.getName()); + return Optional.empty(); + } + } + else + { + logger.warn("Create of Task unauthorized for identity '{}', Task.status requested, {}", + identity.getName(), errors.get()); + return Optional.empty(); + } + } else { - logger.warn("Create of Task unauthorized, " + errors.get()); + logger.warn("Create of Task unauthorized for identity '{}', Task.status not {} and not {}", + identity.getName(), TaskStatus.DRAFT.toCode(), TaskStatus.REQUESTED.toCode()); return Optional.empty(); } } else { - logger.warn("Create of Task unauthorized for identity '{}', no role {}", getResourceTypeName(), + logger.warn("Create of Task unauthorized for identity '{}', no role {}", identity.getName(), FhirServerRole.CREATE); return Optional.empty(); } } - private Optional<String> newResourceOk(Connection connection, Identity identity, Task newResource) + /** + * Current identity must be part of referenced organization in Task.requester, Task.restriction.recipient must + * reference the local organization, must have task.instantiatesCanonical and one 'message-name' Task.input + * parameter, may not have an identifier with system {@link TaskAuthorizationRule#NAMING_SYSTEM_TASK_IDENTIFIER}, + * Task.output must be empty. + * + * @param connection + * not <code>null</code> + * @param identity + * not <code>null</code> + * @param newResource + * not <code>null</code> + * @return {@link Optional#empty()} if no error, else {@link Optional} with error description + */ + private Optional<String> requestedTaskOk(Connection connection, Identity identity, Task newResource) { List<String> errors = new ArrayList<String>(); - if (newResource.hasStatus()) + if (newResource.getIdentifier().stream().anyMatch(i -> NAMING_SYSTEM_TASK_IDENTIFIER.equals(i.getSystem()))) { - if (!EnumSet.of(TaskStatus.DRAFT, TaskStatus.REQUESTED).contains(newResource.getStatus())) - errors.add("task.status not draft or requested"); + errors.add("Task.identifier[" + NAMING_SYSTEM_TASK_IDENTIFIER + "] defined"); + } + + if (newResource.hasRequester()) + { + if (!isCurrentIdentityPartOfReferencedOrganization(connection, identity, "Task.requester", + newResource.getRequester())) + { + errors.add("Task.requester current identity not part of referenced organization"); + } } else { - errors.add("task.status missing"); + errors.add("Task.requester missing"); + } + + if (newResource.hasRestriction()) + { + if (newResource.getRestriction().getRecipient().size() == 1) + { + ResourceReference reference = new ResourceReference("Task.restriction.recipient", + newResource.getRestriction().getRecipientFirstRep(), Organization.class); + Optional<Resource> recipient = referenceResolver.resolveReference(identity, reference, connection); + if (recipient.isPresent()) + { + if (recipient.get() instanceof Organization) + { + if (!isLocalOrganization((Organization) recipient.get())) + errors.add("Task.restriction.recipient not local organization"); + } + else + { + errors.add("Task.restriction.recipient not a organization"); + } + } + else + { + errors.add("Task.restriction.recipient could not be resolved"); + } + } + else + { + errors.add("Task.restriction.recipient missing or more than one"); + } + } + else + { + errors.add("Task.restriction not defined"); + } + + if (newResource.hasInstantiatesCanonical()) + { + if (!INSTANTIATES_CANONICAL_PATTERN.matcher(newResource.getInstantiatesCanonical()).matches()) + { + errors.add("Task.instantiatesCanonical not matching " + INSTANTIATES_CANONICAL_PATTERN_STRING + + " pattern"); + } + } + else + { + errors.add("Task.instantiatesCanonical not defined"); + } + + if (newResource.hasInput()) + { + if (getMessageNames(newResource).count() != 1) + { + errors.add("Task.input with system " + CODE_SYSTEM_BPMN_MESSAGE + " and code " + + CODE_SYSTEM_BPMN_MESSAGE_MESSAGE_NAME + + " with non empty string value not defined or more than one"); + } + } + else + { + errors.add("Task.input empty"); + } + + if (newResource.hasOutput()) + { + errors.add("Task.output not empty"); + } + + if (errors.isEmpty()) + return Optional.empty(); + else + return Optional.of(errors.stream().collect(Collectors.joining(", "))); + } + + /** + * A Task.identifier with system {@link #NAMING_SYSTEM_TASK_IDENTIFIER} must be defined, Task.requester and + * Task.restriction.recipient must reference the local organization, must have task.instantiatesCanonical and one + * 'message-name' Task.input parameter, Task.output must be empty. + * + * @param connection + * not <code>null</code> + * @param identity + * not <code>null</code> + * @param newResource + * not <code>null</code> + * @return {@link Optional#empty()} if no error, else {@link Optional} with error description + */ + private Optional<String> draftTaskOk(Connection connection, Identity identity, Task newResource) + { + List<String> errors = new ArrayList<String>(); + + if (newResource.getIdentifier().stream().noneMatch(i -> NAMING_SYSTEM_TASK_IDENTIFIER.equals(i.getSystem()))) + { + errors.add("Task.identifier[" + NAMING_SYSTEM_TASK_IDENTIFIER + "] missing"); } if (newResource.hasRequester()) { - if (!isCurrentIdentityPartOfReferencedOrganization(connection, identity, "task.requester", - newResource.getRequester())) + ResourceReference reference = new ResourceReference("Task.requester", newResource.getRequester(), + Organization.class); + Optional<Resource> requester = referenceResolver.resolveReference(identity, reference, connection); + if (requester.isPresent()) + { + if (requester.get() instanceof Organization) + { + if (!isLocalOrganization((Organization) requester.get())) + errors.add("Task.requester not local organization"); + } + else + { + errors.add("Task.requester not a organization"); + } + } + else { - errors.add("task.requester user not part of referenced organization"); + errors.add("Task.requester could not be resolved"); } } else { - errors.add("task.requester missing"); + errors.add("Task.requester missing"); } if (newResource.hasRestriction()) { if (newResource.getRestriction().getRecipient().size() == 1) { - ResourceReference reference = new ResourceReference("task.restriction.recipient", + ResourceReference reference = new ResourceReference("Task.restriction.recipient", newResource.getRestriction().getRecipientFirstRep(), Organization.class); Optional<Resource> recipient = referenceResolver.resolveReference(identity, reference, connection); if (recipient.isPresent()) @@ -146,58 +316,58 @@ private Optional<String> newResourceOk(Connection connection, Identity identity, if (recipient.get() instanceof Organization) { if (!isLocalOrganization((Organization) recipient.get())) - errors.add("task.restriction.recipient not local organization"); + errors.add("Task.restriction.recipient not local organization"); } else { - errors.add("task.restriction.recipient not a organization"); + errors.add("Task.restriction.recipient not a organization"); } } else { - errors.add("task.restriction.recipient could not be resolved"); + errors.add("Task.restriction.recipient could not be resolved"); } } else { - errors.add("task.restriction.recipient missing or more than one"); + errors.add("Task.restriction.recipient missing or more than one"); } } else { - errors.add("task.restriction missing"); + errors.add("Task.restriction not defined"); } if (newResource.hasInstantiatesCanonical()) { if (!INSTANTIATES_CANONICAL_PATTERN.matcher(newResource.getInstantiatesCanonical()).matches()) { - errors.add("task.instantiatesCanonical not matching " + INSTANTIATES_CANONICAL_PATTERN_STRING + errors.add("Task.instantiatesCanonical not matching " + INSTANTIATES_CANONICAL_PATTERN_STRING + " pattern"); } } else { - errors.add("task.instantiatesCanonical missing"); + errors.add("Task.instantiatesCanonical not defined"); } if (newResource.hasInput()) { if (getMessageNames(newResource).count() != 1) { - errors.add("task.input with system " + CODE_SYSTEM_BPMN_MESSAGE + " and code " + errors.add("Task.input with system " + CODE_SYSTEM_BPMN_MESSAGE + " and code " + CODE_SYSTEM_BPMN_MESSAGE_MESSAGE_NAME - + " with string value not empty missing or more than one"); + + " with non empty string value not defined or more than one"); } } else { - errors.add("task.input empty"); + errors.add("Task.input empty"); } if (newResource.hasOutput()) { - errors.add("task.output not empty"); + errors.add("Task.output not empty"); } if (errors.isEmpty()) @@ -217,7 +387,7 @@ private Stream<String> getMessageNames(Task newResource) .filter(s -> !s.isBlank()); } - private boolean taskAllowed(Connection connection, Identity requester, Task newResource) + private boolean taskAllowedForRequesterAndRecipient(Connection connection, Identity requester, Task newResource) { Optional<Identity> recipientOpt = organizationProvider.getLocalOrganizationAsIdentity(); if (recipientOpt.isEmpty()) @@ -264,9 +434,11 @@ private boolean taskAllowed(Connection connection, Identity requester, Task newR .anyMatch(r -> r.isRequesterAuthorized(requester, getAffiliations(connection, requester.getOrganizationIdentifierValue().orElse(null)))); - if (!okForRecipient) + if (!okForRecipient && !okForRequester) + logger.warn("Task not allowed for requester and recipient"); + else if (!okForRecipient) logger.warn("Task not allowed for recipient"); - if (!okForRequester) + else if (!okForRequester) logger.warn("Task not allowed for requester"); return okForRecipient && okForRequester; @@ -280,7 +452,68 @@ private boolean taskAllowed(Connection connection, Identity requester, Task newR } else { - logger.warn("task.instantiatesCanonical not matching {} pattern", INSTANTIATES_CANONICAL_PATTERN_STRING); + logger.warn("Task.instantiatesCanonical not matching {} pattern", INSTANTIATES_CANONICAL_PATTERN_STRING); + return false; + } + } + + private boolean taskAllowedForRecipient(Connection connection, Task newResource) + { + Optional<Identity> recipientOpt = organizationProvider.getLocalOrganizationAsIdentity(); + if (recipientOpt.isEmpty()) + { + logger.warn("Local organization does not exist"); + return false; + } + + Matcher matcher = INSTANTIATES_CANONICAL_PATTERN.matcher(newResource.getInstantiatesCanonical()); + if (matcher.matches()) + { + String processUrl = matcher.group("processUrl"); + String processVersion = matcher.group("processVersion"); + + try + { + Optional<ActivityDefinition> activityDefinitionOpt = daoProvider.getActivityDefinitionDao() + .readByProcessUrlVersionAndStatusDraftOrActiveWithTransaction(connection, processUrl, + processVersion); + + if (activityDefinitionOpt.isEmpty()) + { + logger.warn("No ActivityDefinition with process-url '{}' and process-version '{}'", processUrl, + processVersion); + return false; + } + else + { + ActivityDefinition activityDefinition = activityDefinitionOpt.get(); + Identity recipient = recipientOpt.get(); + + List<String> taskProfiles = newResource.getMeta().getProfile().stream() + .filter(CanonicalType::hasValue).map(CanonicalType::getValueAsString) + .collect(Collectors.toList()); + String messageName = getMessageNames(newResource).findFirst().get(); + + boolean okForRecipient = processAuthorizationHelper + .getRecipients(activityDefinition, processUrl, processVersion, messageName, taskProfiles) + .anyMatch(r -> r.isRecipientAuthorized(recipient, getAffiliations(connection, + organizationProvider.getLocalOrganizationIdentifierValue()))); + + if (!okForRecipient) + logger.warn("Task not allowed for recipient"); + + return okForRecipient; + } + } + catch (SQLException e) + { + logger.warn("Error while reading ActivityDefinitions", e); + return false; + } + } + else + { + logger.warn("Task.instantiatesCanonical not matching {} pattern", INSTANTIATES_CANONICAL_PATTERN_STRING); return false; } } @@ -288,39 +521,40 @@ private boolean taskAllowed(Connection connection, Identity requester, Task newR @Override public Optional<String> reasonReadAllowed(Connection connection, Identity identity, Task existingResource) { - final String resourceId = existingResource.getIdElement().getIdPart(); + final String resourceId = parameterConverter + .toUuid(getResourceTypeName(), existingResource.getIdElement().getIdPart()).toString(); final long resourceVersion = existingResource.getIdElement().getVersionIdPartAsLong(); if (identity.hasDsfRole(FhirServerRole.READ)) { - if (isCurrentIdentityPartOfReferencedOrganization(connection, identity, "task.requester", + if (isCurrentIdentityPartOfReferencedOrganization(connection, identity, "Task.requester", existingResource.getRequester())) { logger.info( - "Read of Task authorized, task.requester reference could be resolved and user '{}' is part of referenced organization", - identity.getName()); - return Optional.of("task.requester resolved and user part of referenced organization"); + "Read of Task/{}/_history/{} authorized for identity '{}', Task.requester reference could be resolved and current identity part of referenced organization", + resourceId, resourceVersion, identity.getName()); + return Optional.of("Task.requester resolved and identity part of referenced organization"); } else if (identity.isLocalIdentity() && isCurrentIdentityPartOfReferencedOrganization(connection, identity, - "task.restriction.recipient", existingResource.getRestriction().getRecipientFirstRep())) + "Task.restriction.recipient", existingResource.getRestriction().getRecipientFirstRep())) { logger.info( - "Read of Task authorized, task.restriction.recipient reference could be resolved and user '{}' is part of referenced organization", - identity.getName()); + "Read of Task/{}/_history/{} authorized for identity '{}', Task.restriction.recipient reference could be resolved and current identity part of referenced organization", + resourceId, resourceVersion, identity.getName()); return Optional - .of("task.restriction.recipient resolved and local user part of referenced organization"); + .of("Task.restriction.recipient resolved and local identity part of referenced organization"); } else { logger.warn( - "Read of Task unauthorized, task.requester or task.restriction.recipient references could not be resolved or user '{}' not part of referenced organizations", - identity.getName()); + "Read of Task/{}/_history/{} unauthorized for identity '{}', Task.requester or Task.restriction.recipient references could not be resolved or current identity not part of referenced organizations", + resourceId, resourceVersion, identity.getName()); return Optional.empty(); } } else { - logger.warn("Read of Task/{}/_history/{} unauthorized for identity '{}', no role {}", resourceId.toString(), + logger.warn("Read of Task/{}/_history/{} unauthorized for identity '{}', no role {}", resourceId, resourceVersion, identity.getName(), FhirServerRole.READ); return Optional.empty(); } @@ -330,87 +564,188 @@ else if (identity.isLocalIdentity() && isCurrentIdentityPartOfReferencedOrganiza public Optional<String> reasonUpdateAllowed(Connection connection, Identity identity, Task oldResource, Task newResource) { - final String resourceId = oldResource.getIdElement().getIdPart(); - final long resourceVersion = oldResource.getIdElement().getVersionIdPartAsLong(); + final String oldResourceId = parameterConverter + .toUuid(getResourceTypeName(), oldResource.getIdElement().getIdPart()).toString(); + final long oldResourceVersion = oldResource.getIdElement().getVersionIdPartAsLong(); if (identity.hasDsfRole(FhirServerRole.UPDATE)) { - if (TaskStatus.DRAFT.equals(oldResource.getStatus()) && isCurrentIdentityPartOfReferencedOrganization( - connection, identity, "task.requester", oldResource.getRequester())) + if (identity.isLocalIdentity() && identity instanceof OrganizationIdentity) { - Optional<String> errors = newResourceOk(connection, identity, newResource); - if (errors.isEmpty()) + // DRAFT -> DRAFT + if (TaskStatus.DRAFT.equals(oldResource.getStatus()) + && TaskStatus.DRAFT.equals(newResource.getStatus())) { - logger.info("Update of Task authorized for local or remote user '{}'", identity.getName()); - return Optional.of( - "local or remote user, task.status draft or requested, task.requester current users organization, task.restriction.recipient local organization"); + Optional<String> errors = draftTaskOk(connection, identity, newResource); + if (errors.isEmpty()) + { + logger.info("Update of Task/{}/_history/{} ({} -> {}) authorized for local identity '{}'", + oldResourceId, oldResourceVersion, TaskStatus.DRAFT.toCode(), TaskStatus.DRAFT.toCode(), + identity.getName()); + return Optional.of("Local identity, old Task.status draft, new Task.status draft"); + } + else + { + logger.warn("Update of Task/{}/_history/{} ({} -> {}) unauthorized for identity '{}', {}", + oldResourceId, oldResourceVersion, TaskStatus.DRAFT.toCode(), TaskStatus.DRAFT.toCode(), + identity.getName(), errors.get()); + return Optional.empty(); + } } - else + + // REQUESTED -> INPROGRESS + else if (TaskStatus.REQUESTED.equals(oldResource.getStatus()) + && TaskStatus.INPROGRESS.equals(newResource.getStatus())) { - logger.warn("Create of Task unauthorized, " + errors.get()); - return Optional.empty(); + final Optional<String> same = reasonNotSame(oldResource, newResource); + if (same.isEmpty()) + { + if (taskAllowedForRecipient(connection, newResource)) + { + if (!newResource.hasOutput()) + { + String businessKeyAdded = !hasBusinessKey(oldResource) && hasBusinessKey(newResource) + ? " (" + CODE_SYSTEM_BPMN_MESSAGE_BUSINESS_KEY + " added)" + : ""; + + logger.info( + "Update of Task/{}/_history/{} ({} -> {}) authorized for local identity '{}', old Task.status requested, new Task.status in-progress, process allowed for current identity", + oldResourceId, oldResourceVersion, TaskStatus.REQUESTED.toCode(), + TaskStatus.INPROGRESS.toCode(), identity.getName()); + return Optional.of( + "Local identity, Task.status in-progress, Task.restriction.recipient local organization, process with instantiatesCanonical and message-name allowed for current identity" + + ", Task defines needed profile, Task.instantiatesCanonical not modified, Task.requester not modified, Task.restriction not modified, Task.input not modified" + + businessKeyAdded + ", Task has no output"); + } + else + { + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', Task.output not expected", + oldResourceId, oldResourceVersion, TaskStatus.REQUESTED.toCode(), + TaskStatus.INPROGRESS.toCode(), identity.getName()); + return Optional.empty(); + } + } + else + { + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', process with instantiatesCanonical, message-name, requester or recipient not allowed", + oldResourceId, oldResourceVersion, TaskStatus.REQUESTED.toCode(), + TaskStatus.INPROGRESS.toCode(), identity.getName()); + return Optional.empty(); + } + } + else + { + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', modification of Task properties {} not allowed", + oldResourceId, oldResourceVersion, TaskStatus.REQUESTED.toCode(), + TaskStatus.INPROGRESS.toCode(), identity.getName(), same.get()); + return Optional.empty(); + } } - } - else if (identity.isLocalIdentity() - && EnumSet.of(TaskStatus.REQUESTED, TaskStatus.INPROGRESS).contains(oldResource.getStatus()) - && isCurrentIdentityPartOfReferencedOrganization(connection, identity, "task.restriction.recipient", - oldResource.getRestriction().getRecipientFirstRep())) - { - Optional<String> same = reasonNotSame(oldResource, newResource); - if (same.isEmpty()) + + // INPROGRESS -> COMPLETED + else if (TaskStatus.INPROGRESS.equals(oldResource.getStatus()) + && TaskStatus.COMPLETED.equals(newResource.getStatus())) { - // REQUESTED -> INPROGRESS - if (TaskStatus.REQUESTED.equals(oldResource.getStatus()) - && TaskStatus.INPROGRESS.equals(newResource.getStatus())) + final Optional<String> same = reasonNotSame(oldResource, newResource); + if (same.isEmpty()) { - if (!newResource.hasOutput()) + if (taskAllowedForRecipient(connection, newResource)) { logger.info( - "local user (user is part of task.restriction.recipient organization), task.status inprogress, properties task.instantiatesCanonical, task.requester, task.restriction, task.input not changed"); + "Update of Task/{}/_history/{} ({} -> {}) authorized for local identity '{}', old Task.status in-progress, new Task.status completed, process allowed for current identity", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.COMPLETED.toCode(), identity.getName()); return Optional.of( - "local user (user part of task.restriction.recipient), task.status inprogress, properties task.instantiatesCanonical, task.requester, task.restriction, task.input not changed"); + "Local identity, Task.status completed, Task.restriction.recipient local organization, process with instantiatesCanonical and message-name allowed for current identity" + + ", Task defines needed profile, Task.instantiatesCanonical not modified, Task.requester not modified, Task.restriction not modified, Task.input not modified"); } else { - logger.warn("Update of Task unauthorized, task.output not expected"); + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', process with instantiatesCanonical, message-name, requester or recipient not allowed", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.COMPLETED.toCode(), identity.getName()); return Optional.empty(); } } - // INPROGRESS -> COMPLETED or FAILED - else if (TaskStatus.INPROGRESS.equals(oldResource.getStatus()) - && (TaskStatus.COMPLETED.equals(newResource.getStatus()) - || TaskStatus.FAILED.equals(newResource.getStatus()))) + else { - // might have output - logger.info( - "local user (user is part of task.restriction.recipient organization), task.status completed or failed, properties task.instantiatesCanonical, task.requester, task.restriction, task.input not changed"); - return Optional.of( - "local user (user part of task.restriction.recipient), task.status completed or failed, properties task.instantiatesCanonical, task.requester, task.restriction, task.input not changed"); + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', modification of Task properties {} not allowed", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.COMPLETED.toCode(), identity.getName(), same.get()); + return Optional.empty(); + } + } + + // INPROGRESS -> FAILED + else if (TaskStatus.INPROGRESS.equals(oldResource.getStatus()) + && TaskStatus.FAILED.equals(newResource.getStatus())) + { + final Optional<String> same = reasonNotSame(oldResource, newResource); + if (same.isEmpty()) + { + if (taskAllowedForRecipient(connection, newResource)) + { + logger.info( + "Update of Task/{}/_history/{} ({} -> {}) authorized for local identity '{}', old Task.status in-progress, new Task.status failed, process allowed for current identity", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.FAILED.toCode(), identity.getName()); + return Optional.of( + "Local identity, Task.status failed, Task.restriction.recipient local organization, process with instantiatesCanonical and message-name allowed for current identity" + + ", Task defines needed profile, Task.instantiatesCanonical not modified, Task.requester not modified, Task.restriction not modified, Task.input not modified"); + } + else + { + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', process with instantiatesCanonical, message-name, requester or recipient not allowed", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.FAILED.toCode(), identity.getName()); + return Optional.empty(); + } } else { - logger.warn("Update of Task unauthorized, task.status change {} -> {} not allowed", - oldResource.getStatus(), newResource.getStatus()); + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', modification of Task properties {} not allowed", + oldResourceId, oldResourceVersion, TaskStatus.INPROGRESS.toCode(), + TaskStatus.FAILED.toCode(), identity.getName(), same.get()); return Optional.empty(); } } + else { - logger.warn("Update of Task unauthorized, task properties {} changed", same.get()); + logger.warn( + "Update of Task/{}/_history/{} ({} -> {}) unauthorized for local identity '{}', old vs. new Task.status not one of {}", + oldResourceId, oldResourceVersion, + oldResource.getStatus() != null ? oldResource.getStatus().toCode() : null, + newResource.getStatus() != null ? newResource.getStatus().toCode() : null, + identity.getName(), Stream.of(Stream.of(TaskStatus.DRAFT, TaskStatus.DRAFT), + // Stream.of(TaskStatus.DRAFT, TaskStatus.REQUESTED), + Stream.of(TaskStatus.REQUESTED, TaskStatus.INPROGRESS), + Stream.of(TaskStatus.INPROGRESS, TaskStatus.COMPLETED), + Stream.of(TaskStatus.INPROGRESS, TaskStatus.FAILED)) + .map(s -> s.map(TaskStatus::toCode).collect(Collectors.joining("->"))) + .collect(Collectors.joining(", ", "[", "]"))); return Optional.empty(); } } else { - logger.warn( - "Update of Task unauthorized, expected task.status draft and current user part of task.requester or task.status requester or inprogress and current local user part of task.restriction.recipient"); + logger.warn("Update of Task/{}/_history/{} unauthorized for non local organization identity '{}'", + oldResourceId, oldResourceVersion, identity.getName()); return Optional.empty(); } } else { logger.warn("Update of Task/{}/_history/{} unauthorized for identity '{}', no role {}", - resourceId.toString(), resourceVersion, identity.getName(), FhirServerRole.UPDATE); + getResourceTypeName(), oldResourceId, oldResourceVersion, identity.getName(), + FhirServerRole.UPDATE); return Optional.empty(); } } @@ -420,34 +755,32 @@ private Optional<String> reasonNotSame(Task oldResource, Task newResource) List<String> errors = new ArrayList<String>(); if (!oldResource.getRequester().equalsDeep(newResource.getRequester())) { - errors.add("task.requester"); + errors.add("Task.requester"); } if (!oldResource.getRestriction().equalsDeep(newResource.getRestriction())) { - errors.add("task.restriction"); + errors.add("Task.restriction"); } if (!oldResource.getInstantiatesCanonical().equals(newResource.getInstantiatesCanonical())) { - errors.add("task.instantiatesCanonical"); + errors.add("Task.instantiatesCanonical"); } List<ParameterComponent> oldResourceInputs = oldResource.getInput(); List<ParameterComponent> newResourceInputs = newResource.getInput(); - if (TaskStatus.REQUESTED.equals(oldResource.getStatus()) - && oldResourceInputs.stream().noneMatch(isBusinessKey()) - && TaskStatus.INPROGRESS.equals(newResource.getStatus()) - && newResourceInputs.stream().anyMatch(isBusinessKey())) + if (TaskStatus.REQUESTED.equals(oldResource.getStatus()) && !hasBusinessKey(oldResource) + && TaskStatus.INPROGRESS.equals(newResource.getStatus()) && hasBusinessKey(newResource)) { - // business-key added from requested to in-progress: filtering for equality check + // business-key added from requested to in-progress: removing for equality check newResourceInputs = newResourceInputs.stream().filter(isBusinessKey().negate()).toList(); } if (oldResourceInputs.size() != newResourceInputs.size()) { - errors.add("task.input"); + errors.add("Task.input"); } else { @@ -455,7 +788,7 @@ private Optional<String> reasonNotSame(Task oldResource, Task newResource) { if (!oldResourceInputs.get(i).equalsDeep(newResourceInputs.get(i))) { - errors.add("task.input[" + i + "]"); + errors.add("Task.input[" + i + "]"); break; } } @@ -473,6 +806,11 @@ private Optional<String> reasonNotSame(Task oldResource, Task newResource) } } + private boolean hasBusinessKey(Task resource) + { + return resource.getInput().stream().anyMatch(isBusinessKey()); + } + private Predicate<ParameterComponent> isBusinessKey() { return i -> i.getType().getCoding().stream().anyMatch(c -> CODE_SYSTEM_BPMN_MESSAGE.equals(c.getSystem()) @@ -482,41 +820,39 @@ private Predicate<ParameterComponent> isBusinessKey() @Override public Optional<String> reasonDeleteAllowed(Connection connection, Identity identity, Task oldResource) { - final String resourceId = oldResource.getIdElement().getIdPart(); - final long resourceVersion = oldResource.getIdElement().getVersionIdPartAsLong(); + final String oldResourceId = parameterConverter + .toUuid(getResourceTypeName(), oldResource.getIdElement().getIdPart()).toString(); + final long oldResourceVersion = oldResource.getIdElement().getVersionIdPartAsLong(); if (identity.hasDsfRole(FhirServerRole.DELETE)) { - if (TaskStatus.DRAFT.equals(oldResource.getStatus()) && isCurrentIdentityPartOfReferencedOrganization( - connection, identity, "task.requester", oldResource.getRequester())) + if (identity.isLocalIdentity() && identity instanceof OrganizationIdentity) { - logger.info( - "Delete of Task authorized for user '{}', task.status draft, task.requester resolved and user part of referenced organization", - identity.getName()); - return Optional - .of("task.status draft, task.requester resolved and user part of referenced organization"); - } - else if (identity.isLocalIdentity() && TaskStatus.DRAFT.equals(oldResource.getStatus()) - && isCurrentIdentityPartOfReferencedOrganization(connection, identity, "task.restriction.recipient", - oldResource.getRestriction().getRecipientFirstRep())) - { - logger.info( - "Delete of Task authorized for local user '{}', task.status draft, task.restriction.recipient resolved and user part of referenced organization", - identity.getName()); - return Optional.of( - "local user, task.status draft, task.restriction.recipient resolved and user part of referenced organization"); + if (TaskStatus.DRAFT.equals(oldResource.getStatus())) + { + logger.info("Delete of Task/{}/_history/{} authorized for local identity '{}', Task.status draft", + oldResourceId, oldResourceVersion, identity.getName()); + return Optional.of("Local identity, Task.status draft"); + } + else + { + logger.warn( + "Delete of Task/{}/_history/{} unauthorized for local identity '{}', Task.status not draft", + oldResourceId, oldResourceVersion, identity.getName()); + return Optional.empty(); + } } else { - logger.warn( - "Delete of Task unauthorized, task.status not draft, task.requester not current user or task.restriction.recipient not local user"); + logger.warn("Delete of Task/{}/_history/{} unauthorized for non local organization identity '{}'", + oldResourceId, oldResourceVersion, identity.getName()); return Optional.empty(); } } else { - logger.warn("Delete of Task/{}/_history/{} unauthorized for identity '{}', no role {}", - resourceId.toString(), resourceVersion, identity.getName(), FhirServerRole.DELETE); + logger.warn("Delete of Task/{}/_history/{} unauthorized for identity '{}', no role {}", identity.getName(), + FhirServerRole.DELETE); return Optional.empty(); } } diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java index 8c6f9a36d..7f7fdf56f 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TaskIntegrationTest.java @@ -169,6 +169,19 @@ private void testCreateExpectForbidden(FhirWebserviceClient client, Task task) t } } + private void testUpdateExpectForbidden(FhirWebserviceClient client, Task task) throws Exception + { + try + { + client.update(task); + fail("WebApplicationException expected"); + } + catch (WebApplicationException e) + { + assertEquals(403, e.getResponse().getStatus()); + } + } + @Test public void testCreateForbiddenLocalUserNotPartOfRequesterOrganization() throws Exception { @@ -629,8 +642,12 @@ private ActivityDefinition readActivityDefinition(String fileName) throws IOExce private StructureDefinition readTestTaskProfile() throws IOException { - try (InputStream in = Files - .newInputStream(Paths.get("src/test/resources/integration/task/dsf-test-task-profile-1.0.xml"))) + return readTestTaskProfile("dsf-test-task-profile-1.0.xml"); + } + + private StructureDefinition readTestTaskProfile(String fileName) throws IOException + { + try (InputStream in = Files.newInputStream(Paths.get("src/test/resources/integration/task", fileName))) { return fhirContext.newXmlParser().parseResource(StructureDefinition.class, in); } @@ -1437,4 +1454,61 @@ public void testUpdateTaskFromInProgressToCompletedWithNonExistingInputReference assertTrue(response.getEntryFirstRep().hasResource()); assertTrue(response.getEntryFirstRep().getResource() instanceof Task); } + + @Test + public void testCreateAllowViaDraftNotAllowedAsRequestedLocal() throws Exception + { + ActivityDefinition ad14 = readActivityDefinition("dsf-test-activity-definition14-1.0.xml"); + ActivityDefinition createdAd14 = getWebserviceClient().create(ad14); + assertNotNull(createdAd14); + assertNotNull(createdAd14.getIdElement().getIdPart()); + + StructureDefinition testTaskProfile = readTestTaskProfile(); + StructureDefinition createdTestTaskProfile = getWebserviceClient().create(testTaskProfile); + assertNotNull(createdTestTaskProfile); + assertNotNull(createdTestTaskProfile.getIdElement().getIdPart()); + + Task task = readTestTask("Test_Organization", "Test_Organization"); + task.addIdentifier().setSystem("http://dsf.dev/sid/task-identifier").setValue("test"); + task.setStatus(TaskStatus.DRAFT); + + Task createdDraftTask = getWebserviceClient().create(task); + assertNotNull(createdDraftTask); + assertNotNull(createdDraftTask.getIdElement().getIdPart()); + + task.getIdentifier().clear(); + task.setStatus(TaskStatus.REQUESTED); + + testCreateExpectForbidden(getWebserviceClient(), task); + } + + @Test + public void testCreateForbiddenDraftTaskExternalOrganization() throws Exception + { + Task task = readTestTask("External_Test_Organization", "Test_Organization"); + task.setStatus(TaskStatus.DRAFT); + + testCreateExpectForbidden(getExternalWebserviceClient(), task); + } + + @Test + public void testCreateForbiddenDraftTaskPractitionerIdentity() throws Exception + { + Task task = readTestTask("Test_Organization", "Test_Organization"); + task.setStatus(TaskStatus.DRAFT); + + testCreateExpectForbidden(getPractitionerWebserviceClient(), task); + } + + @Test + public void testUpdateRequestedToInProgressForbiddenForExternal() throws Exception + { + Task task = readTestTask("Test_Organization", "Test_Organization"); + task.setStatus(TaskStatus.REQUESTED); + TaskDao dao = getSpringWebApplicationContext().getBean(TaskDao.class); + Task createdTask = dao.create(task); + + createdTask.setStatus(TaskStatus.INPROGRESS); + testUpdateExpectForbidden(getExternalWebserviceClient(), createdTask); + } } diff --git a/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition14-1.0.xml b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition14-1.0.xml new file mode 100644 index 000000000..41cc7fc2a --- /dev/null +++ b/dsf-fhir/dsf-fhir-server/src/test/resources/integration/task/dsf-test-activity-definition14-1.0.xml @@ -0,0 +1,46 @@ +<ActivityDefinition xmlns="http://hl7.org/fhir"> + <meta> + <tag> + <system value="http://dsf.dev/fhir/CodeSystem/read-access-tag" /> + <code value="ALL" /> + </tag> + </meta> + <extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization"> + <extension url="message-name"> + <valueString value="test-message" /> + </extension> + <extension url="task-profile"> + <valueCanonical value="http://dsf.dev/fhir/StructureDefinition/test-task|1.0" /> + </extension> + <extension url="requester"> + <valueCoding> + <system value="http://dsf.dev/fhir/CodeSystem/process-authorization" /> + <code value="LOCAL_ALL" /> + </valueCoding> + </extension> + <extension url="recipient"> + <valueCoding> + <extension url="http://dsf.dev/fhir/StructureDefinition/extension-process-authorization-parent-organization-role"> + <extension url="parent-organization"> + <valueIdentifier> + <system value="http://dsf.dev/sid/organization-identifier" /> + <value value="Parent_Organization" /> + </valueIdentifier> + </extension> + <extension url="organization-role"> + <valueCoding> + <system value="http://dsf.dev/fhir/CodeSystem/organization-role" /> + <code value="TTP" /> + </valueCoding> + </extension> + </extension> + <system value="http://dsf.dev/fhir/CodeSystem/process-authorization" /> + <code value="LOCAL_ROLE" /> + </valueCoding> + </extension> + </extension> + <url value="http://dsf.dev/bpe/Process/test" /> + <version value="1.0" /> + <status value="active" /> + <kind value="Task" /> +</ActivityDefinition> \ No newline at end of file From 16787bd0909a4b7e3162fe0a1da1c59c83169847 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 26 Jun 2023 15:40:27 +0200 Subject: [PATCH 28/43] add index to id elements --- .../docker-compose.yml | 2 +- .../dsf/fhir/adapter/InputHtmlGenerator.java | 42 +++++++++-- .../QuestionnaireResponseHtmlGenerator.java | 13 ++-- .../dsf/fhir/adapter/TaskHtmlGenerator.java | 20 ++++-- .../src/main/resources/static/form.js | 69 ++++++++++++------- 5 files changed, 102 insertions(+), 44 deletions(-) diff --git a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml index 04deb458a..3a0681f50 100644 --- a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -414,7 +414,7 @@ services: DEV_DSF_BPE_DB_USER_USERNAME: dic1_bpe_server_user DEV_DSF_BPE_DB_USER_CAMUNDA_GROUP: dic1_camunda_users DEV_DSF_BPE_DB_USER_CAMUNDA_USERNAME: dic1_camunda_server_user - DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_dic_1 + DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_DIC_1 DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://dic1/fhir DEV_DSF_BPE_PROCESS_EXCLUDED: >- dsfdev_updateAllowList|1.0 diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java index b12fbe919..e30fd49e9 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/InputHtmlGenerator.java @@ -5,6 +5,7 @@ import java.text.SimpleDateFormat; import java.util.Date; import java.util.List; +import java.util.Map; import java.util.function.Supplier; import org.hl7.fhir.r4.model.BooleanType; @@ -40,16 +41,20 @@ protected void writeDisplayRow(String text, String elementId, boolean display, O out.write("</div>\n"); } - protected void writeInputRow(Type type, List<Extension> extensions, String elementId, String elementLabel, - boolean display, boolean writable, OutputStreamWriter out) throws IOException + protected void writeInputRow(Type type, List<Extension> extensions, String elementId, + Map<String, Integer> elementIdIndexMap, String elementLabel, boolean display, boolean writable, + OutputStreamWriter out) throws IOException { - out.write("<div class=\"row " + (display ? "" : "invisible") + "\" id=\"" + elementId + "-input-row\">\n"); + String elementIdWithIndex = getElementIdWithIndex(elementId, elementIdIndexMap); + + out.write("<div class=\"row" + (display ? "" : " invisible") + "\" id=\"" + elementIdWithIndex + + "-input-row\">\n"); - writeInputLabel(type, elementId, elementLabel, () -> "", out); - writeInputField(type, elementId, writable, out); - writeInputExtensionFields(extensions, elementId, writable, 0, out); + writeInputLabel(type, elementIdWithIndex, elementLabel, () -> "", out); + writeInputField(type, elementIdWithIndex, writable, out); + writeInputExtensionFields(extensions, elementIdWithIndex, writable, 0, out); - out.write("<ul class=\"error-list-not-visible\" id=\"" + elementId + "-error\">\n"); + out.write("<ul class=\"error-list-not-visible\" id=\"" + elementIdWithIndex + "-error\">\n"); out.write("</ul>\n"); out.write("</div>\n"); } @@ -61,6 +66,14 @@ protected void writeInputLabel(Type type, String elementId, String elementLabel, { elementId = elementId + "-system"; } + else if (type instanceof Reference reference && reference.hasIdentifier()) + { + elementId = elementId + "-system"; + } + else if (type instanceof BooleanType) + { + elementId = elementId + "-true"; + } String forElement = type != null ? " for=\"" + elementId + "\"" : ""; out.write("<label class=\"row-label " + additionalClasses.get() + "\"" + forElement + ">" + elementLabel @@ -210,4 +223,19 @@ private void writeInputFieldSystemValueInput(String elementId, boolean writable, + elementId + "-value\" " + (writable ? "placeholder=\"" + value + "\"" : "value=\"" + value + "\"") + "></input>\n"); } + + private String getElementIdWithIndex(String elementId, Map<String, Integer> elementIdIndexMap) + { + if (elementIdIndexMap.containsKey(elementId)) + { + int index = elementIdIndexMap.get(elementId) + 1; + elementIdIndexMap.put(elementId, index); + return elementId + "-" + index; + } + else + { + elementIdIndexMap.put(elementId, 0); + return elementId + "-0"; + } + } } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java index dfa93364a..43e3ae3b7 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/QuestionnaireResponseHtmlGenerator.java @@ -3,6 +3,8 @@ import java.io.IOException; import java.io.OutputStreamWriter; import java.util.Collections; +import java.util.HashMap; +import java.util.Map; import org.hl7.fhir.r4.model.QuestionnaireResponse; import org.hl7.fhir.r4.model.StringType; @@ -69,9 +71,10 @@ public void writeHtml(String basePath, QuestionnaireResponse questionnaireRespon out.write("<fieldset id=\"form-fieldset\" " + (completed ? "disabled=\"disabled\"" : "") + ">\n"); + Map<String, Integer> elementIdIndexMap = new HashMap<>(); for (QuestionnaireResponse.QuestionnaireResponseItemComponent item : questionnaireResponse.getItem()) { - writeRow(item, completed, out); + writeRow(item, elementIdIndexMap, completed, out); } if (QuestionnaireResponse.QuestionnaireResponseStatus.INPROGRESS.equals(questionnaireResponse.getStatus())) @@ -127,8 +130,8 @@ private String getProcessInstanceId(QuestionnaireResponse questionnaireResponse) .orElse("unknown"); } - private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, boolean completed, - OutputStreamWriter out) throws IOException + private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent item, + Map<String, Integer> elementIdIndexMap, boolean completed, OutputStreamWriter out) throws IOException { String linkId = item.getLinkId(); String text = item.getText(); @@ -136,8 +139,8 @@ private void writeRow(QuestionnaireResponse.QuestionnaireResponseItemComponent i boolean writable = !completed; if (item.hasAnswer()) - writeInputRow(item.getAnswerFirstRep().getValue(), Collections.emptyList(), linkId, text, display, writable, - out); + writeInputRow(item.getAnswerFirstRep().getValue(), Collections.emptyList(), linkId, elementIdIndexMap, text, + display, writable, out); else writeDisplayRow(text, linkId, display, out); } diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index c75410224..3e12bc0c5 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -2,6 +2,8 @@ import java.io.IOException; import java.io.OutputStreamWriter; +import java.util.HashMap; +import java.util.Map; import java.util.UUID; import org.hl7.fhir.r4.model.CodeableConcept; @@ -85,9 +87,10 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("<section>"); out.write("<h2 class=\"input-output-header\">Inputs</h2>"); + Map<String, Integer> elementIdIndexMap = new HashMap<>(); for (Task.ParameterComponent input : task.getInput()) { - writeInput(input, draft, out); + writeInput(input, elementIdIndexMap, draft, out); } if (draft) @@ -106,9 +109,10 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("<section>"); out.write("<h2 class=\"input-output-header\">Outputs</h2>"); + Map<String, Integer> elementIdIndexMap = new HashMap<>(); for (Task.TaskOutputComponent output : task.getOutput()) { - writeOutput(output, out); + writeOutput(output, elementIdIndexMap, out); } out.write("</section>"); @@ -172,23 +176,27 @@ else if (ELEMENT_TYPE_PATH.equals(elementType)) } } - private void writeInput(Task.ParameterComponent input, boolean draft, OutputStreamWriter out) throws IOException + private void writeInput(Task.ParameterComponent input, Map<String, Integer> elementIdIndexMap, boolean draft, + OutputStreamWriter out) throws IOException { String typeCode = getTypeCode(input); boolean display = display(draft, typeCode); if (input.hasValue()) { - writeInputRow(input.getValue(), input.getExtension(), typeCode, typeCode, display, draft, out); + writeInputRow(input.getValue(), input.getExtension(), typeCode, elementIdIndexMap, typeCode, display, draft, + out); } } - private void writeOutput(Task.TaskOutputComponent output, OutputStreamWriter out) throws IOException + private void writeOutput(Task.TaskOutputComponent output, Map<String, Integer> elementIdIndexMap, + OutputStreamWriter out) throws IOException { String typeCode = getTypeCode(output); if (output.hasValue()) { - writeInputRow(output.getValue(), output.getExtension(), typeCode, typeCode, true, false, out); + writeInputRow(output.getValue(), output.getExtension(), typeCode, elementIdIndexMap, typeCode, true, false, + out); } } diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js index 53158acb3..0cf272150 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.js @@ -14,11 +14,13 @@ function startProcess() { } function readTaskInputsFromForm(task, errors) { - task.id = null - task.meta.lastUpdated = null - task.meta.version = null + delete task["id"] + delete task.meta["lastUpdated"] + delete task.meta["version"] + delete task.meta["versionId"] + delete task["identifier"] - // TODO set requester as practitioner-identifier if OIDC + // TODO set requester as practitioner-identifier if OIDC or Personal Client-Certificate //task.requester.type = "Practitioner" //task.requester.identifier.value = "" //task.requester.identifier.system = "http://dsf.dev/sid/practitioner-identifier" @@ -26,13 +28,15 @@ function readTaskInputsFromForm(task, errors) { task.status = "requested" task.authoredOn = new Date().toISOString() + const idIndexMap = new Map() + task.input.forEach((input) => { if (input.hasOwnProperty("type")) { const id = input.type.coding[0].code if (id !== "message-name" && id !== "business-key" && id !== "correlation-key") { const inputValueType = Object.keys(input).find((string) => string.startsWith("value")) - input[inputValueType] = readAndValidateValue(input, id, inputValueType, errors) + input[inputValueType] = readAndValidateValue(input, id, idIndexMap, inputValueType, errors) } } }) @@ -56,6 +60,8 @@ function completeQuestionnaireResponse() { function readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) { questionnaireResponse.status = "completed" + const idIndexMap = new Map() + questionnaireResponse.item.forEach((item) => { if (item.hasOwnProperty("answer")) { const id = item.linkId @@ -64,57 +70,70 @@ function readQuestionnaireResponseAnswersFromForm(questionnaireResponse, errors) const answer = item.answer[0] const answerType = Object.keys(answer).find((string) => string.startsWith("value")) - answer[answerType] = readAndValidateValue(answer, id, answerType, errors) + answer[answerType] = readAndValidateValue(answer, id, idIndexMap, answerType, errors) } } }) } -function readAndValidateValue(templateValue, id, valueType, errors) { - const parentElement = document.getElementById(id) +function readAndValidateValue(templateValue, id, idIndexMap, valueType, errors) { + const idWithIndex = getIdWithIndex(id, idIndexMap) + + const parentElement = document.getElementById(idWithIndex) const value = parentElement?.value - const valueSystem = document.getElementById(id + "-system")?.value - const valueValue = document.getElementById(id + "-value")?.value + const valueSystem = document.getElementById(idWithIndex + "-system")?.value + const valueValue = document.getElementById(idWithIndex + "-value")?.value - const rowElement = document.getElementById(id + "-input-row") - const errorListElement = document.getElementById(id + "-error") + const rowElement = document.getElementById(idWithIndex + "-input-row") + const errorListElement = document.getElementById(idWithIndex + "-error") errorListElement.replaceChildren() if (valueType === 'valueString') { - return validateString(rowElement, errorListElement, value, errors, id) + return validateString(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueInteger') { - return validateInteger(rowElement, errorListElement, value, errors, id) + return validateInteger(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueDecimal') { - return validateDecimal(rowElement, errorListElement, value, errors, id) + return validateDecimal(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueDate') { - return validateDate(rowElement, errorListElement, value, errors, id) + return validateDate(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueTime') { - return validateTime(rowElement, errorListElement, value, errors, id) + return validateTime(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueDateTime') { - return validateDateTime(rowElement, errorListElement, value, errors, id) + return validateDateTime(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueInstant') { - return validateInstant(rowElement, errorListElement, value, errors, id) + return validateInstant(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueUri') { - return validateUrl(rowElement, errorListElement, value, errors, id) + return validateUrl(rowElement, errorListElement, value, errors, idWithIndex) } else if (valueType === 'valueReference') { if (parentElement) { - return validateReference(rowElement, errorListElement, value, errors, id) + return validateReference(rowElement, errorListElement, value, errors, idWithIndex) } else { - const valueIdentifier = validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) + const valueIdentifier = validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, idWithIndex) return {identifier: valueIdentifier, type: templateValue?.valueReference?.type} } } else if (valueType === 'valueBoolean') { - return document.querySelector("input[name=" + id + "]:checked").value + return document.querySelector("input[name=" + idWithIndex + "]:checked").value } else if (valueType === "valueIdentifier") { - return validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, id) + return validateIdentifier(rowElement, errorListElement, valueSystem, valueValue, errors, idWithIndex) } else if (valueType === "valueCoding") { - return validateCoding(rowElement, errorListElement, valueSystem, valueValue, errors, id) + return validateCoding(rowElement, errorListElement, valueSystem, valueValue, errors, idWithIndex) } else { return null } } +function getIdWithIndex(id, idIndexMap) { + if (idIndexMap.has(id)) { + const index = idIndexMap.get(id) + 1 + idIndexMap.set(id, index) + return id + "-" + index + } else { + idIndexMap.set(id, 0) + return id + "-0" + } +} + function validateString(rowElement, errorListElement, value, errors, id) { if (value === null || value.trim() === "") { addError(rowElement, errorListElement, errors, id, "Value is null or empty") From 9898564dae22ea1b29a87b93190fc9c92f963905 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 16:17:18 +0200 Subject: [PATCH 29/43] practitoner-role configs --- dsf-docker-test-setup-3dic-ttp/docker-compose.yml | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml index 1675f4011..9d47b52c5 100644 --- a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -154,6 +154,8 @@ services: - SEARCH - HISTORY - PERMANENT_DELETE + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' @@ -220,6 +222,8 @@ services: - SEARCH - HISTORY - PERMANENT_DELETE + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' @@ -286,6 +290,8 @@ services: - SEARCH - HISTORY - PERMANENT_DELETE + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' @@ -359,6 +365,8 @@ services: - SEARCH - HISTORY - PERMANENT_DELETE + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' From c05398a267d0fd2fa853b8b7e2b9f8a2266d3f3d Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 16:18:25 +0200 Subject: [PATCH 30/43] new warning for unknown config properties, extracted string constants --- .../dev/dsf/common/auth/conf/RoleConfig.java | 30 +++++++++++++++---- 1 file changed, 24 insertions(+), 6 deletions(-) diff --git a/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/conf/RoleConfig.java b/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/conf/RoleConfig.java index 45c2771c5..cdf57a832 100644 --- a/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/conf/RoleConfig.java +++ b/dsf-common/dsf-common-auth/src/main/java/dev/dsf/common/auth/conf/RoleConfig.java @@ -1,6 +1,7 @@ package dev.dsf.common.auth.conf; import java.util.ArrayList; +import java.util.Arrays; import java.util.Collections; import java.util.List; import java.util.Map; @@ -9,9 +10,23 @@ import java.util.stream.Collectors; import org.hl7.fhir.r4.model.Coding; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; public class RoleConfig { + private static final Logger logger = LoggerFactory.getLogger(RoleConfig.class); + + private static final String PROPERTY_THUMBPRINT = "thumbprint"; + private static final String PROPERTY_EMAIL = "email"; + private static final String PROPERTY_TOKEN_ROLE = "token-role"; + private static final String PROPERTY_TOKEN_GROUP = "token-group"; + private static final String PROPERTY_DSF_ROLE = "dsf-role"; + private static final String PROPERTY_PRACTITIONER_ROLE = "practitioner-role"; + + private static final List<String> PROPERTIES = Arrays.asList(PROPERTY_THUMBPRINT, PROPERTY_EMAIL, + PROPERTY_TOKEN_ROLE, PROPERTY_TOKEN_GROUP, PROPERTY_DSF_ROLE, PROPERTY_PRACTITIONER_ROLE); + public class Mapping { private final String name; @@ -133,26 +148,29 @@ public RoleConfig(Object config, Function<String, DsfRole> dsfRoleFactory, { switch ((String) p.getKey()) { - case "thumbprint": + case PROPERTY_THUMBPRINT: thumbprints = getValues(p.getValue()); break; - case "email": + case PROPERTY_EMAIL: emails = getValues(p.getValue()); break; - case "token-role": + case PROPERTY_TOKEN_ROLE: tokenRoles = getValues(p.getValue()); break; - case "token-group": + case PROPERTY_TOKEN_GROUP: tokenGroups = getValues(p.getValue()); break; - case "dsf-role": + case PROPERTY_DSF_ROLE: dsfRoles = getValues(p.getValue()).stream().map(dsfRoleFactory) .filter(r -> r != null).toList(); break; - case "practitioner-role": + case PROPERTY_PRACTITIONER_ROLE: practitionerRoles = getValues(p.getValue()).stream() .map(practitionerRoleFactory).filter(r -> r != null).toList(); break; + default: + logger.warn("Unknown role config property '{}', expected one of {}", + p.getKey(), PROPERTIES); } } } From c519e19c4cd1571a173d2ec0bc1c88cf6aa59252 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 26 Jun 2023 16:19:54 +0200 Subject: [PATCH 31/43] add right padding to extension-row --- dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css index 79e468074..48e911ed8 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css @@ -32,7 +32,7 @@ fieldset#form-fieldset { } .row-extension { - padding: 10px 0 0 15px; + padding: 10px 15px 0 15px; } .row-display { From 0ef1b47e35166030a2affc31b08ae1efb61abed5 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 16:20:39 +0200 Subject: [PATCH 32/43] removed extra space character in log message --- .../java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java index f29ac73bd..7feb5ab7b 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authorization/TaskAuthorizationRule.java @@ -127,7 +127,7 @@ else if (TaskStatus.REQUESTED.equals(newResource.getStatus())) } else { - logger.warn("Create of Task unauthorized for identity '{}', Task.status requested, {}", + logger.warn("Create of Task unauthorized for identity '{}', Task.status requested, {}", identity.getName(), errors.get()); return Optional.empty(); } From de7a1392ee8e452b2e1f621dcb752beae24eb3f7 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Mon, 26 Jun 2023 16:22:30 +0200 Subject: [PATCH 33/43] remove not needed 'with' from text --- .../src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index 3e12bc0c5..6deb84fb6 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -46,7 +46,7 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("<div>"); out.write("<p>\n"); out.write("This Task resource " + (draft ? "can be used" : "was used") - + " to instantiate the following process with:"); + + " to instantiate the following process:"); out.write("</p>\n"); out.write("<ul class=\"info-list\">\n"); out.write( From 80460791b452ef16914c60148c5a3b319885bb83 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 16:24:10 +0200 Subject: [PATCH 34/43] improved current identity log message New message includes differentiation between organization and practitioner, shows practitioner-roles if current identity is a practitioner identity. --- .../webservice/secure/AbstractServiceSecure.java | 16 +++++++++++++++- 1 file changed, 15 insertions(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/webservice/secure/AbstractServiceSecure.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/webservice/secure/AbstractServiceSecure.java index 876229a79..6ddbd0c72 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/webservice/secure/AbstractServiceSecure.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/webservice/secure/AbstractServiceSecure.java @@ -1,12 +1,15 @@ package dev.dsf.fhir.webservice.secure; import java.util.Objects; +import java.util.stream.Collectors; import org.slf4j.Logger; import org.slf4j.LoggerFactory; import org.springframework.beans.factory.InitializingBean; import dev.dsf.common.auth.conf.Identity; +import dev.dsf.common.auth.conf.OrganizationIdentity; +import dev.dsf.common.auth.conf.PractitionerIdentity; import dev.dsf.fhir.help.ResponseGenerator; import dev.dsf.fhir.service.ReferenceResolver; import dev.dsf.fhir.webservice.base.AbstractDelegatingBasicService; @@ -51,6 +54,17 @@ protected final Response forbidden(String operation) protected void logCurrentIdentity() { Identity identity = getCurrentIdentity(); - logger.debug("Current identity '{}', roles '{}'", identity.getName(), identity.getDsfRoles()); + if (identity instanceof OrganizationIdentity) + { + logger.debug("Current organization identity '{}', dsf-roles '{}'", identity.getName(), + identity.getDsfRoles()); + } + else if (identity instanceof PractitionerIdentity) + { + PractitionerIdentity practitionerIdentity = (PractitionerIdentity) identity; + logger.debug("Current practitioner identity '{}', dsf-roles '{}', practitioner-roles '{}'", + identity.getName(), identity.getDsfRoles(), practitionerIdentity.getPractionerRoles().stream() + .map(c -> c.getSystem() + "|" + c.getCode()).collect(Collectors.joining(", ", "[", "]"))); + } } } From eeef1c52b6aff1016abeee552c1b2688df31cfb3 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 16:27:56 +0200 Subject: [PATCH 35/43] improved error log for WebApplicationException with no included message The error log message for WebApplicationException with no included message now shows the HTTP status code and reason phrase --- .../dsf/bpe/v1/activity/AbstractTaskMessageSend.java | 12 +++++++++++- 1 file changed, 11 insertions(+), 1 deletion(-) diff --git a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/AbstractTaskMessageSend.java b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/AbstractTaskMessageSend.java index 3be0f8364..fb478d339 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/AbstractTaskMessageSend.java +++ b/dsf-bpe/dsf-bpe-process-api-v1/src/main/java/dev/dsf/bpe/v1/activity/AbstractTaskMessageSend.java @@ -38,6 +38,8 @@ import dev.dsf.bpe.v1.variables.Targets; import dev.dsf.bpe.v1.variables.Variables; import dev.dsf.fhir.client.FhirWebserviceClient; +import jakarta.ws.rs.WebApplicationException; +import jakarta.ws.rs.core.Response.StatusType; /** * Base class for implementing BPMN message send tasks, intermediate message throw events and message end events using @@ -194,11 +196,19 @@ protected void doExecute(DelegateExecution execution, Variables variables) throw } catch (Exception e) { + String exceptionMessage = e.getMessage(); + if (e instanceof WebApplicationException && (e.getMessage() == null || e.getMessage().isBlank())) + { + StatusType statusInfo = ((WebApplicationException) e).getResponse().getStatusInfo(); + exceptionMessage = statusInfo.getStatusCode() + " " + statusInfo.getReasonPhrase(); + } + String errorMessage = "Task " + instantiatesCanonical + " send failed [recipient: " + target.getOrganizationIdentifierValue() + ", endpoint: " + target.getEndpointIdentifierValue() + ", businessKey: " + businessKey + (target.getCorrelationKey() == null ? "" : ", correlationKey: " + target.getCorrelationKey()) - + ", message: " + messageName + ", error: " + e.getClass().getName() + " - " + e.getMessage() + "]"; + + ", message: " + messageName + ", error: " + e.getClass().getName() + " - " + exceptionMessage + + "]"; logger.warn(errorMessage); logger.debug("Error while sending Task", e); From 48eb0ba052992985d7ca288abe3111e2f71b9873 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 22:10:48 +0200 Subject: [PATCH 36/43] dependency and maven-plugin version upgrades --- dsf-bpe/dsf-bpe-server/pom.xml | 2 +- pom.xml | 45 +++++++++++++++++----------------- 2 files changed, 23 insertions(+), 24 deletions(-) diff --git a/dsf-bpe/dsf-bpe-server/pom.xml b/dsf-bpe/dsf-bpe-server/pom.xml index 88cb9970a..fb3f4bc53 100755 --- a/dsf-bpe/dsf-bpe-server/pom.xml +++ b/dsf-bpe/dsf-bpe-server/pom.xml @@ -142,7 +142,7 @@ </dependency> <dependency> <groupId>org.bouncycastle</groupId> - <artifactId>bcmail-jdk15on</artifactId> + <artifactId>bcmail-jdk18on</artifactId> </dependency> <dependency> diff --git a/pom.xml b/pom.xml index 968f6224d..ae9df052f 100755 --- a/pom.xml +++ b/pom.xml @@ -24,11 +24,10 @@ <slf4j.version>2.0.7</slf4j.version> <log4j.version>2.20.0</log4j.version> <jetty.version>11.0.15</jetty.version> - <jersey.version>3.1.1</jersey.version> + <jersey.version>3.1.2</jersey.version> <tyrus.version>2.1.3</tyrus.version> - <spring.version>6.0.9</spring.version> - <!-- 2.15.0 not working StreamReadConstraints#DEFAULT_MAX_STRING_LEN = 5_000_000 vs HAPI: static JacksonStructure.createObjectMapper() --> - <jackson.version>2.14.3</jackson.version> + <spring.version>6.0.10</spring.version> + <jackson.version>2.15.2</jackson.version> <camunda.version>7.19.0</camunda.version> <hapi.fhir.version>5.1.0</hapi.fhir.version> <hapi.hl7v2.version>2.3</hapi.hl7v2.version> @@ -122,8 +121,8 @@ </dependency> <dependency> <groupId>org.bouncycastle</groupId> - <artifactId>bcmail-jdk15on</artifactId> - <version>1.70</version> + <artifactId>bcmail-jdk18on</artifactId> + <version>1.75</version> </dependency> <!-- testing --> @@ -135,12 +134,12 @@ <dependency> <groupId>org.mockito</groupId> <artifactId>mockito-core</artifactId> - <version>5.3.1</version> + <version>5.4.0</version> </dependency> <dependency> <groupId>org.bouncycastle</groupId> - <artifactId>bcprov-jdk15on</artifactId> - <version>1.70</version> + <artifactId>bcprov-jdk18on</artifactId> + <version>1.75</version> </dependency> <!-- database --> @@ -164,7 +163,7 @@ <dependency> <groupId>de.hs-heilbronn.mi</groupId> <artifactId>crypto-utils</artifactId> - <version>3.6.0</version> + <version>3.7.0</version> </dependency> <dependency> <groupId>de.hs-heilbronn.mi</groupId> @@ -272,7 +271,7 @@ <dependency> <groupId>org.glassfish.jaxb</groupId> <artifactId>jaxb-runtime</artifactId> - <version>4.0.2</version> + <version>4.0.3</version> </dependency> <!-- spring --> @@ -397,7 +396,7 @@ <dependency> <groupId>com.google.guava</groupId> <artifactId>guava</artifactId> - <version>31.1-jre</version> + <version>32.0.1-jre</version> </dependency> <dependency> <groupId>com.google.code.gson</groupId> @@ -420,7 +419,7 @@ <dependency> <groupId>commons-io</groupId> <artifactId>commons-io</artifactId> - <version>2.11.0</version> + <version>2.13.0</version> </dependency> <dependency> @@ -449,12 +448,12 @@ <dependency> <groupId>org.apache.maven</groupId> <artifactId>maven-core</artifactId> - <version>3.9.2</version> + <version>3.9.3</version> </dependency> <dependency> <groupId>org.apache.maven</groupId> <artifactId>maven-plugin-api</artifactId> - <version>3.9.2</version> + <version>3.9.3</version> </dependency> <dependency> <groupId>org.apache.maven.plugin-tools</groupId> @@ -492,7 +491,7 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-source-plugin</artifactId> - <version>3.2.1</version> + <version>3.3.0</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> @@ -502,17 +501,17 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-surefire-plugin</artifactId> - <version>3.1.0</version> + <version>3.1.2</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-failsafe-plugin</artifactId> - <version>3.1.0</version> + <version>3.1.2</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-shade-plugin</artifactId> - <version>3.4.1</version> + <version>3.5.0</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> @@ -538,12 +537,12 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-clean-plugin</artifactId> - <version>3.2.0</version> + <version>3.3.1</version> </plugin> <plugin> <groupId>net.revelc.code.formatter</groupId> <artifactId>formatter-maven-plugin</artifactId> - <version>2.22.0</version> + <version>2.23.0</version> </plugin> <plugin> <groupId>net.revelc.code</groupId> @@ -553,7 +552,7 @@ <plugin> <groupId>org.apache.maven.plugins</groupId> <artifactId>maven-dependency-plugin</artifactId> - <version>3.5.0</version> + <version>3.6.0</version> </plugin> <plugin> <groupId>org.codehaus.mojo</groupId> @@ -564,7 +563,7 @@ <plugin> <groupId>io.fabric8</groupId> <artifactId>docker-maven-plugin</artifactId> - <version>0.42.1</version> + <version>0.43.0</version> </plugin> <plugin> <groupId>org.apache.maven.plugins</groupId> From 66d939f681d8903749ba064d98cc0b98420747f1 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Mon, 26 Jun 2023 22:11:11 +0200 Subject: [PATCH 37/43] improved log message --- .../java/dev/dsf/fhir/authentication/IdentityProviderImpl.java | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authentication/IdentityProviderImpl.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authentication/IdentityProviderImpl.java index eb6dac8d2..1f2421f74 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authentication/IdentityProviderImpl.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/authentication/IdentityProviderImpl.java @@ -178,7 +178,7 @@ public Identity getIdentity(X509Certificate[] certificates) else { logger.warn( - "Certificate with thumbprint '{}' for '{}' not part of allowlist and not configured as local user or local organization unknown", + "Certificate with thumbprint '{}' for '{}' unknown, not part of allowlist and not configured as local user or local organization", thumbprint, getDn(certificates[0])); return null; } From 8078f9862bbc72452fa059257bb6d9c3f50d9109 Mon Sep 17 00:00:00 2001 From: Reto Wettstein <Reto.Wettstein@med.uni-heidelberg.de> Date: Tue, 27 Jun 2023 22:03:48 +0200 Subject: [PATCH 38/43] only show the inputs header if there are more than the message-name input --- .../dsf/fhir/adapter/TaskHtmlGenerator.java | 20 ++++++++++--------- 1 file changed, 11 insertions(+), 9 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index 6deb84fb6..e776f8b33 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -82,7 +82,9 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws + (draft ? "placeholder=\"yyyy.MM.dd hh:mm:ss\"" : "value=\"" + authoredOn + "\"") + "></input>\n"); out.write("</div>\n"); - if (task.hasInput()) + // the Task has more inputs than the message-name, + // just the message-name input is only possible with Task status draft + if (task.getInput().size() > 1) { out.write("<section>"); out.write("<h2 class=\"input-output-header\">Inputs</h2>"); @@ -93,14 +95,6 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws writeInput(input, elementIdIndexMap, draft, out); } - if (draft) - { - out.write("<div class=\"row row-submit\" id=\"submit-row\">\n"); - out.write("<button type=\"button\" id=\"submit\" class=\"submit\" " + "onclick=\"startProcess();\"" - + ">Start Process</button>\n"); - out.write("</div>\n"); - } - out.write("</section>"); } @@ -118,6 +112,14 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("</section>"); } + if (draft) + { + out.write("<div class=\"row row-submit\" id=\"submit-row\">\n"); + out.write("<button type=\"button\" id=\"submit\" class=\"submit\" " + "onclick=\"startProcess();\"" + + ">Start Process</button>\n"); + out.write("</div>\n"); + } + out.write("</fieldset>\n"); out.write("</form>\n"); } From a90e433f0be31c89307b57eda1fda8e3220917a8 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Wed, 28 Jun 2023 03:24:38 +0200 Subject: [PATCH 39/43] jetty init now via special spring context, jetty properties now dev.dsf Initialization and property config for jetty server now via specialized spring context. Jetty properties now defined via spring @Value annotations. All jetty properties now start with dev.dsf. --- .../conf/config.properties | 2 +- .../conf/jetty.properties | 14 +- .../dsf-bpe-server-jetty/docker/Dockerfile | 8 +- dsf-bpe/dsf-bpe-server-jetty/pom.xml | 1 + .../main/java/dev/dsf/bpe/BpeJettyServer.java | 25 +- .../java/dev/dsf/bpe/BpeJettyServerHttps.java | 25 +- .../src/main/java/dev/dsf/bpe/BpeServer.java | 40 -- .../bpe/{ => config}/BpeDbMigratorConfig.java | 9 +- .../dsf/bpe/config/BpeHttpJettyConfig.java | 25 + .../dsf/bpe/config/BpeHttpsJettyConfig.java | 25 + .../bpe/spring/config/PropertiesConfig.java | 16 +- dsf-common/dsf-common-jetty/pom.xml | 12 + .../config/AbstractHttpJettyConfig.java | 15 + .../config/AbstractHttpsJettyConfig.java | 15 + .../common/config/AbstractJettyConfig.java | 529 ++++++++++++++++++ .../dsf/common/jetty/AbstractJettyConfig.java | 297 ---------- .../dev/dsf/common/jetty/EnvJettyConfig.java | 285 ---------- .../dev/dsf/common/jetty/JettyConfig.java | 249 --------- .../dev/dsf/common/jetty/JettyServer.java | 256 ++++----- .../dsf/common/jetty/Log4jInitializer.java | 10 +- .../java/dev/dsf/common/jetty/OidcConfig.java | 13 - .../dsf/common/jetty/PropertyJettyConfig.java | 317 ----------- .../common/status/client/StatusClient.java | 4 +- dsf-common/pom.xml | 6 + .../docker-compose.yml | 144 ++--- dsf-docker-test-setup/bpe/docker-compose.yml | 4 +- dsf-docker-test-setup/fhir/docker-compose.yml | 9 +- .../conf/jetty.properties | 14 +- .../dsf-fhir-server-jetty/docker/Dockerfile | 8 +- dsf-fhir/dsf-fhir-server-jetty/pom.xml | 1 + .../java/dev/dsf/fhir/FhirJettyServer.java | 27 +- .../dev/dsf/fhir/FhirJettyServerHttps.java | 25 +- .../main/java/dev/dsf/fhir/FhirServer.java | 43 -- .../{ => config}/FhirDbMigratorConfig.java | 10 +- .../dsf/fhir/config/FhirHttpJettyConfig.java | 28 + .../dsf/fhir/config/FhirHttpsJettyConfig.java | 28 + .../fhir/spring/config/PropertiesConfig.java | 16 +- .../integration/AbstractIntegrationTest.java | 104 +++- .../dsf/fhir/integration/TestJettyConfig.java | 136 ----- .../java-test-fhir-config.properties | 2 +- 40 files changed, 1126 insertions(+), 1671 deletions(-) delete mode 100755 dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeServer.java rename dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/{ => config}/BpeDbMigratorConfig.java (97%) create mode 100644 dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpJettyConfig.java create mode 100644 dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpsJettyConfig.java create mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpJettyConfig.java create mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpsJettyConfig.java create mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java delete mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java delete mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java delete mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java delete mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java delete mode 100644 dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java delete mode 100755 dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirServer.java rename dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/{ => config}/FhirDbMigratorConfig.java (97%) create mode 100644 dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpJettyConfig.java create mode 100644 dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpsJettyConfig.java delete mode 100644 dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java diff --git a/dsf-bpe/dsf-bpe-server-jetty/conf/config.properties b/dsf-bpe/dsf-bpe-server-jetty/conf/config.properties index a32b0cbb9..32088b9a2 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/conf/config.properties +++ b/dsf-bpe/dsf-bpe-server-jetty/conf/config.properties @@ -12,7 +12,7 @@ dev.dsf.bpe.db.user.camunda.password=arpJ2FgJuYvUJhbxeuh7 dev.dsf.bpe.fhir.server.organization.identifier.value=Test_Organization -dev.dsf.bpe.fhir.client.trust.certificates=target/testca_certificate.pem +dev.dsf.bpe.fhir.client.trust.server.certificate.cas=target/testca_certificate.pem dev.dsf.bpe.fhir.client.certificate=target/test-client_certificate.pem dev.dsf.bpe.fhir.client.certificate.private.key=target/test-client_private-key.pem dev.dsf.bpe.fhir.client.certificate.private.key.password=password diff --git a/dsf-bpe/dsf-bpe-server-jetty/conf/jetty.properties b/dsf-bpe/dsf-bpe-server-jetty/conf/jetty.properties index 3b9e515f9..f426c798d 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/conf/jetty.properties +++ b/dsf-bpe/dsf-bpe-server-jetty/conf/jetty.properties @@ -1,9 +1,9 @@ -jetty.port=8002 -jetty.status.port=10002 -jetty.context.path=/bpe +dev.dsf.server.api.port=8002 +dev.dsf.server.status.port=10002 +dev.dsf.server.context.path=/bpe -jetty.server.server.certificate=target/localhost_certificate.pem -jetty.server.certificate.private.key=target/localhost_private-key.pem -jetty.server.certificate.private.key.password=password +dev.dsf.server.certificate=target/localhost_certificate.pem +dev.dsf.server.certificate.key=target/localhost_private-key.pem +dev.dsf.server.certificate.key.password=password -jetty.auth.client.trust.certificates=target/testca_certificate.pem \ No newline at end of file +dev.dsf.server.trust.client.certificate.cas=target/testca_certificate.pem \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile b/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile index 164632094..d5297d4ce 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile +++ b/dsf-bpe/dsf-bpe-server-jetty/docker/Dockerfile @@ -23,8 +23,8 @@ COPY --from=builder /opt/bpe ./ USER java ENTRYPOINT ["./dsf_bpe_start.sh"] -ENV JETTY_HOST="0.0.0.0" -ENV JETTY_PORT="8080" -ENV JETTY_STATUS_PORT="10000" -ENV JETTY_CONTEXT_PATH="/bpe" +ENV DEV_DSF_SERVER_API_HOST="0.0.0.0" +ENV DEV_DSF_SERVER_API_PORT="8080" +ENV DEV_DSF_SERVER_STATUS_PORT="10000" +ENV DEV_DSF_SERVER_CONTEXT_PATH="/bpe" HEALTHCHECK --interval=10s --timeout=15s --start-period=10s --retries=5 CMD [ "java", "-cp", "dsf_status_client.jar", "dev.dsf.common.status.client.StatusClient" ] \ No newline at end of file diff --git a/dsf-bpe/dsf-bpe-server-jetty/pom.xml b/dsf-bpe/dsf-bpe-server-jetty/pom.xml index df45cfe34..0d05e406b 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/pom.xml +++ b/dsf-bpe/dsf-bpe-server-jetty/pom.xml @@ -163,6 +163,7 @@ </executions> <configuration> <workingPackages> + <workingPackage>dev.dsf.common</workingPackage> <workingPackage>dev.dsf.bpe</workingPackage> </workingPackages> </configuration> diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServer.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServer.java index bcffd8c62..a4f1787b3 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServer.java +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServer.java @@ -1,17 +1,38 @@ package dev.dsf.bpe; +import org.slf4j.bridge.SLF4JBridgeHandler; +import org.springframework.context.annotation.AnnotationConfigApplicationContext; + +import dev.dsf.bpe.config.BpeDbMigratorConfig; +import dev.dsf.bpe.config.BpeHttpJettyConfig; +import dev.dsf.common.jetty.JettyServer; import dev.dsf.common.jetty.Log4jInitializer; -import dev.dsf.common.jetty.PropertyJettyConfig; +import dev.dsf.tools.db.DbMigrator; public class BpeJettyServer { static { + SLF4JBridgeHandler.removeHandlersForRootLogger(); + SLF4JBridgeHandler.install(); + Log4jInitializer.initializeLog4j(); } public static void main(String[] args) { - new BpeServer(PropertyJettyConfig.forHttp().read()).start(); + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + BpeDbMigratorConfig.class)) + { + DbMigrator migrator = context.getBean(DbMigrator.class); + DbMigrator.retryOnConnectException(3, migrator::migrate); + } + + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + BpeHttpJettyConfig.class)) + { + JettyServer server = context.getBean(JettyServer.class); + server.start(); + } } } diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServerHttps.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServerHttps.java index 5c4704cd7..432bf3f43 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServerHttps.java +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeJettyServerHttps.java @@ -1,17 +1,38 @@ package dev.dsf.bpe; +import org.slf4j.bridge.SLF4JBridgeHandler; +import org.springframework.context.annotation.AnnotationConfigApplicationContext; + +import dev.dsf.bpe.config.BpeDbMigratorConfig; +import dev.dsf.bpe.config.BpeHttpsJettyConfig; +import dev.dsf.common.jetty.JettyServer; import dev.dsf.common.jetty.Log4jInitializer; -import dev.dsf.common.jetty.PropertyJettyConfig; +import dev.dsf.tools.db.DbMigrator; public class BpeJettyServerHttps { static { + SLF4JBridgeHandler.removeHandlersForRootLogger(); + SLF4JBridgeHandler.install(); + Log4jInitializer.initializeLog4j(); } public static void main(String[] args) { - new BpeServer(PropertyJettyConfig.forHttps().read()).start(); + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + BpeDbMigratorConfig.class)) + { + DbMigrator migrator = context.getBean(DbMigrator.class); + DbMigrator.retryOnConnectException(3, migrator::migrate); + } + + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + BpeHttpsJettyConfig.class)) + { + JettyServer server = context.getBean(JettyServer.class); + server.start(); + } } } diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeServer.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeServer.java deleted file mode 100755 index cb0066813..000000000 --- a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeServer.java +++ /dev/null @@ -1,40 +0,0 @@ -package dev.dsf.bpe; - -import java.util.stream.Stream; - -import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; -import org.slf4j.bridge.SLF4JBridgeHandler; -import org.springframework.context.annotation.AnnotationConfigApplicationContext; -import org.springframework.web.SpringServletContainerInitializer; - -import dev.dsf.common.jetty.JettyConfig; -import dev.dsf.common.jetty.JettyServer; -import dev.dsf.tools.db.DbMigrator; -import dev.dsf.tools.db.DbMigratorConfig; - -public final class BpeServer extends JettyServer -{ - static - { - SLF4JBridgeHandler.removeHandlersForRootLogger(); - SLF4JBridgeHandler.install(); - } - - public BpeServer(JettyConfig jettyConfig) - { - super("bpe-server", jettyConfig, - Stream.of(JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class)); - } - - @Override - public void beforeStart() - { - try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( - BpeDbMigratorConfig.class)) - { - DbMigratorConfig config = context.getBean(DbMigratorConfig.class); - DbMigrator dbMigrator = new DbMigrator(config); - DbMigrator.retryOnConnectException(3, dbMigrator::migrate); - } - } -} diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeDbMigratorConfig.java similarity index 97% rename from dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java rename to dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeDbMigratorConfig.java index fe24c4b27..2f8df86c8 100644 --- a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/BpeDbMigratorConfig.java +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeDbMigratorConfig.java @@ -1,4 +1,4 @@ -package dev.dsf.bpe; +package dev.dsf.bpe.config; import java.util.Map; @@ -10,6 +10,7 @@ import org.springframework.core.env.ConfigurableEnvironment; import dev.dsf.common.documentation.Documentation; +import dev.dsf.tools.db.DbMigrator; import dev.dsf.tools.db.DbMigratorConfig; import dev.dsf.tools.docker.secrets.DockerSecretsPropertySourceFactory; @@ -120,4 +121,10 @@ public long getLiquibaseLockWaitTime() { return dbLiquibaseLockWaitTime; } + + @Bean + public DbMigrator dbMigrator() + { + return new DbMigrator(this); + } } diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpJettyConfig.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpJettyConfig.java new file mode 100644 index 000000000..7247be51f --- /dev/null +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpJettyConfig.java @@ -0,0 +1,25 @@ +package dev.dsf.bpe.config; + +import java.util.Arrays; +import java.util.List; + +import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; +import org.springframework.web.SpringServletContainerInitializer; + +import dev.dsf.common.config.AbstractHttpJettyConfig; +import jakarta.servlet.ServletContainerInitializer; + +public class BpeHttpJettyConfig extends AbstractHttpJettyConfig +{ + @Override + protected String mavenServerModuleName() + { + return "bpe-server"; + } + + @Override + protected List<Class<? extends ServletContainerInitializer>> servletContainerInitializers() + { + return Arrays.asList(JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class); + } +} diff --git a/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpsJettyConfig.java b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpsJettyConfig.java new file mode 100644 index 000000000..523ef5612 --- /dev/null +++ b/dsf-bpe/dsf-bpe-server-jetty/src/main/java/dev/dsf/bpe/config/BpeHttpsJettyConfig.java @@ -0,0 +1,25 @@ +package dev.dsf.bpe.config; + +import java.util.Arrays; +import java.util.List; + +import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; +import org.springframework.web.SpringServletContainerInitializer; + +import dev.dsf.common.config.AbstractHttpsJettyConfig; +import jakarta.servlet.ServletContainerInitializer; + +public class BpeHttpsJettyConfig extends AbstractHttpsJettyConfig +{ + @Override + protected String mavenServerModuleName() + { + return "bpe-server"; + } + + @Override + protected List<Class<? extends ServletContainerInitializer>> servletContainerInitializers() + { + return Arrays.asList(JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class); + } +} diff --git a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java index 918a962be..0d5e8cb5e 100644 --- a/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java +++ b/dsf-bpe/dsf-bpe-server/src/main/java/dev/dsf/bpe/spring/config/PropertiesConfig.java @@ -50,8 +50,8 @@ public class PropertiesConfig implements InitializingBean @Value("${dev.dsf.bpe.fhir.server.organization.identifier.value}") private String organizationIdentifierValue; - @Documentation(required = true, description = "PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_client_trust_certificates.pem") - @Value("${dev.dsf.bpe.fhir.client.trust.certificates}") + @Documentation(required = true, description = "PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to local and remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_server_trust_certificates.pem") + @Value("${dev.dsf.bpe.fhir.client.trust.server.certificate.cas}") private String clientCertificateTrustStoreFile; @Documentation(required = true, description = "PEM encoded file with local client certificate for https connections to local and remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_client_certificate.pem") @@ -167,7 +167,7 @@ public class PropertiesConfig implements InitializingBean private char[] mailServerPassword; @Documentation(description = "PEM encoded file with one or more trusted root certificates to validate the server certificate of the SMTP server. Requires SMTP over TLS to be enabled via *DEV_DSF_BPE_MAIL_USESMTPS*", recommendation = "Use docker secret file to configure", example = "/run/secrets/smtp_server_trust_certificates.pem") - @Value("${dev.dsf.bpe.mail.trust.certificates:#{null}}") + @Value("${dev.dsf.bpe.mail.trust.server.certificate.cas:#{null}}") private String mailServerTrustStoreFile; @Documentation(description = "PEM encoded file with client certificate used to authenticate against the SMTP server. Requires SMTP over TLS to be enabled via *DEV_DSF_BPE_MAIL_USESMTPS*", recommendation = "Use docker secret file to configure", example = "/run/secrets/smtp_server_client_certificate.pem") @@ -218,23 +218,23 @@ public class PropertiesConfig implements InitializingBean @Value("${dev.dsf.bpe.debug.log.message.variables:false}") private boolean debugLogMessageVariables; - @Value("${jetty.status.port}") + @Value("${dev.dsf.server.status.port}") private int jettyStatusConnectorPort; @Documentation(description = "Forward (http/https) proxy url, use *DEV_DSF_BPE_PROXY_NOPROXY* to list domains that do not require a forward proxy", example = "http://proxy.foo:8080") - @Value("${dev.dsf.bpe.proxy.url:#{null}}") + @Value("${dev.dsf.proxy.url:#{null}}") private String proxyUrl; @Documentation(description = "Forward proxy username", recommendation = "Configure username if proxy requires authentication") - @Value("${dev.dsf.bpe.proxy.username:#{null}}") + @Value("${dev.dsf.proxy.username:#{null}}") private String proxyUsername; @Documentation(description = "Forward Proxy password", recommendation = "Configure password if proxy requires authentication, use docker secret file to configure using *${env_variable}_FILE*") - @Value("${dev.dsf.bpe.proxy.password:#{null}}") + @Value("${dev.dsf.proxy.password:#{null}}") private char[] proxyPassword; @Documentation(description = "Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported", example = "foo.bar, test.com:8080") - @Value("#{'${dev.dsf.bpe.proxy.noProxy:}'.trim().split('(,[ ]?)|(\\\\n)')}") + @Value("#{'${dev.dsf.proxy.noProxy:}'.trim().split('(,[ ]?)|(\\\\n)')}") private List<String> proxyNoProxy; @Bean // static in order to initialize before @Configuration classes diff --git a/dsf-common/dsf-common-jetty/pom.xml b/dsf-common/dsf-common-jetty/pom.xml index d3c5820ae..80af85246 100644 --- a/dsf-common/dsf-common-jetty/pom.xml +++ b/dsf-common/dsf-common-jetty/pom.xml @@ -14,6 +14,18 @@ <groupId>dev.dsf</groupId> <artifactId>dsf-common-auth</artifactId> </dependency> + <dependency> + <groupId>dev.dsf</groupId> + <artifactId>dsf-common-config</artifactId> + </dependency> + <dependency> + <groupId>dev.dsf</groupId> + <artifactId>dsf-common-documentation</artifactId> + </dependency> + <dependency> + <groupId>dev.dsf</groupId> + <artifactId>dsf-tools-docker-secrets-reader</artifactId> + </dependency> <dependency> <groupId>org.eclipse.jetty</groupId> <artifactId>jetty-server</artifactId> diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpJettyConfig.java new file mode 100644 index 000000000..59d0e49ce --- /dev/null +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpJettyConfig.java @@ -0,0 +1,15 @@ +package dev.dsf.common.config; + +import java.util.function.Function; + +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.Server; + +public abstract class AbstractHttpJettyConfig extends AbstractJettyConfig +{ + @Override + protected Function<Server, Connector> apiConnector() + { + return httpApiConnector(); + } +} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpsJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpsJettyConfig.java new file mode 100644 index 000000000..996dc1324 --- /dev/null +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractHttpsJettyConfig.java @@ -0,0 +1,15 @@ +package dev.dsf.common.config; + +import java.util.function.Function; + +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.Server; + +public abstract class AbstractHttpsJettyConfig extends AbstractJettyConfig +{ + @Override + protected Function<Server, Connector> apiConnector() + { + return httpsApiConnector(); + } +} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java new file mode 100644 index 000000000..a8d1e1afb --- /dev/null +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/config/AbstractJettyConfig.java @@ -0,0 +1,529 @@ +package dev.dsf.common.config; + +import java.io.IOException; +import java.io.InputStream; +import java.net.MalformedURLException; +import java.net.URL; +import java.nio.file.Files; +import java.nio.file.Path; +import java.nio.file.Paths; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.PrivateKey; +import java.security.cert.Certificate; +import java.security.cert.CertificateException; +import java.security.cert.CertificateFactory; +import java.security.cert.X509Certificate; +import java.time.Duration; +import java.time.temporal.ChronoUnit; +import java.util.ArrayList; +import java.util.Collections; +import java.util.List; +import java.util.Locale; +import java.util.Map; +import java.util.Objects; +import java.util.Properties; +import java.util.UUID; +import java.util.function.Function; +import java.util.function.Supplier; +import java.util.stream.Collectors; + +import org.bouncycastle.jce.provider.BouncyCastleProvider; +import org.bouncycastle.pkcs.PKCSException; +import org.eclipse.jetty.client.HttpClient; +import org.eclipse.jetty.client.HttpProxy; +import org.eclipse.jetty.client.Origin.Address; +import org.eclipse.jetty.client.ProxyConfiguration.Proxy; +import org.eclipse.jetty.client.http.HttpClientTransportOverHTTP; +import org.eclipse.jetty.io.ClientConnector; +import org.eclipse.jetty.security.SecurityHandler; +import org.eclipse.jetty.security.openid.OpenIdAuthenticator; +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.session.SessionHandler; +import org.eclipse.jetty.util.ssl.SslContextFactory; +import org.eclipse.jetty.webapp.WebAppContext; +import org.slf4j.Logger; +import org.slf4j.LoggerFactory; +import org.springframework.beans.factory.annotation.Value; +import org.springframework.context.annotation.Bean; +import org.springframework.context.annotation.Configuration; +import org.springframework.context.annotation.PropertySource; +import org.springframework.context.support.PropertySourcesPlaceholderConfigurer; +import org.springframework.core.env.ConfigurableEnvironment; + +import de.rwh.utils.crypto.CertificateHelper; +import de.rwh.utils.crypto.io.CertificateReader; +import de.rwh.utils.crypto.io.PemIo; +import dev.dsf.common.auth.BackChannelLogoutAuthenticator; +import dev.dsf.common.auth.BearerTokenAuthenticator; +import dev.dsf.common.auth.ClientCertificateAuthenticator; +import dev.dsf.common.auth.DelegatingAuthenticator; +import dev.dsf.common.auth.DsfLoginService; +import dev.dsf.common.auth.DsfOpenIdConfiguration; +import dev.dsf.common.auth.DsfOpenIdLoginService; +import dev.dsf.common.auth.DsfSecurityHandler; +import dev.dsf.common.auth.StatusPortAuthenticator; +import dev.dsf.common.documentation.Documentation; +import dev.dsf.common.jetty.HttpClientWithGetRetry; +import dev.dsf.common.jetty.JettyServer; +import dev.dsf.tools.docker.secrets.DockerSecretsPropertySourceFactory; +import jakarta.servlet.ServletContainerInitializer; + +@Configuration +@PropertySource(value = "file:conf/jetty.properties", encoding = "UTF-8", ignoreResourceNotFound = true) +public abstract class AbstractJettyConfig +{ + private static final Logger logger = LoggerFactory.getLogger(AbstractJettyConfig.class); + + private static final BouncyCastleProvider provider = new BouncyCastleProvider(); + + @Documentation(required = true, description = "Status connector host") + @Value("${dev.dsf.server.status.host:127.0.0.1}") + private String statusHost; + + @Documentation(required = true, description = "Status connector port, default in docker image: `10000`") + @Value("${dev.dsf.server.status.port}") + private int statusPort; + + @Documentation(required = true, description = "API connector host, default in docker image: `0.0.0.0`") + @Value("${dev.dsf.server.api.host:127.0.0.1}") + private String apiHost; + + @Documentation(required = true, description = "API connector port, default in docker image: `8080`") + @Value("${dev.dsf.server.api.port}") + private int apiPort; + + @Documentation(required = true, description = "Web application context path, default in `bpe` docker image: `/bpe`, default in `fhir` docker image: `/fhir`", recommendation = "Only modify for testing") + @Value("${dev.dsf.server.context.path}") + private String contextPath; + + @Documentation(required = true, description = "Name of HTTP header with client certificate from reverse proxy") + @Value("${dev.dsf.server.auth.client.certificate.header:X-ClientCert}") + private String clientCertificateHeaderName; + + @Documentation(required = true, description = "PEM encoded file with one or more trusted root certificates to validate client certificates for https connections from local and remote clients", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_client_trust_certificates.pem") + @Value("${dev.dsf.server.auth.trust.client.certificate.cas}") + private String clientCertificateTrustStoreFile; + + @Documentation(description = "Server certificate file for testing", recommendation = "Only specify For testing when terminating TLS in jetty server") + @Value("${dev.dsf.server.certificate:#{null}}") + private String serverCertificateFile; + + @Documentation(description = "Server certificate chain file for testing", recommendation = "Only specify For testing when terminating TLS in jetty server") + @Value("${dev.dsf.server.certificate.chain:#{null}}") + private String serverCertificateChainFile; + + @Documentation(description = "Server certificate private key file for testing", recommendation = "Only specify For testing when terminating TLS in jetty server") + @Value("${dev.dsf.server.certificate.key:#{null}}") + private String serverCertificateKeyFile; + + @Documentation(description = "Server certificate private key file password for testing", recommendation = "Only specify For testing when terminating TLS in jetty server") + @Value("${dev.dsf.server.certificate.key.password:#{null}}") + private char[] serverCertificateKeyFilePassword; + + @Documentation(description = "Set to `true` to enable OIDC authorization code flow", recommendation = "Requires *DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL*, *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID* and *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET* to be specified") + @Value("${dev.dsf.server.auth.oidc.authorization.code.flow:false}") + private boolean oidcAuthorizationCodeFlowEnabled; + + @Documentation(description = "Set to `true` to enable OIDC bearer token authentication", recommendation = "Requires *DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL* to be specified") + @Value("${dev.dsf.server.auth.oidc.bearer.token:false}") + private boolean oidcBearerTokenEnabled; + + @Documentation(description = "OIDC provider realm base url", example = "https://keycloak.test.com:8443/realms/example-realm-name") + @Value("${dev.dsf.server.auth.oidc.provider.realm.base.url:#{null}}") + private String oidcProviderRealmBaseUrl; + + @Documentation(description = "OIDC provider client connect timeout in milliseconds") + @Value("${dev.dsf.server.auth.oidc.provider.client.connectTimeout:5000}") + private long oidcProviderClientConnectTimeout; + + @Documentation(description = "OIDC provider client idle timeout in milliseconds") + @Value("${dev.dsf.server.auth.oidc.provider.client.idleTimeout:30000}") + private long oidcProviderClientIdleTimeout; + + @Documentation(description = "PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to the OIDC provider", recommendation = "Use docker secret file to configure", example = "/run/secrets/oidc_provider_trust_certificates.pem") + @Value("${dev.dsf.server.auth.oidc.provider.client.trust.server.certificate.cas:#{null}}") + private String oidcProviderClientTrustCertificatesFile; + + @Documentation(description = "PEM encoded file with client certificate for https connections to the OIDC provider", recommendation = "Use docker secret file to configure", example = "/run/secrets/oidc_provider_client_certificate.pem") + @Value("${dev.dsf.server.auth.oidc.provider.client.certificate:#{null}}") + private String oidcProviderClientCertificateFile; + + @Documentation(description = "Private key corresponding to the client certificate for the OIDC provider as PEM encoded file. Use *${env_variable}_PASSWORD* or *${env_variable}_PASSWORD_FILE* if private key is encrypted", recommendation = "Use docker secret file to configure", example = "/run/secrets/oidc_provider_client_certificate_private_key.pem") + @Value("${dev.dsf.server.auth.oidc.provider.client.certificate.private.key:#{null}}") + private String oidcProviderClientCertificatePrivateKeyFile; + + @Documentation(description = "Password to decrypt the client certificate for the OIDC provider encrypted private key", recommendation = "Use docker secret file to configure using *${env_variable}_FILE*", example = "/run/secrets/oidc_provider_client_certificate_private_key.pem.password") + @Value("${dev.dsf.server.auth.oidc.provider.client.certificate.private.key.password:#{null}}") + private char[] oidcProviderClientCertificatePrivateKeyPassword; + + @Documentation(description = "OIDC provider client_id, must be specified if *DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW* is enabled") + @Value("${dev.dsf.server.auth.oidc.client.id:#{null}}") + private String oidcClientId; + + @Documentation(description = "OIDC provider client_secret, must be specified if *DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW* is enabled") + @Value("${dev.dsf.server.auth.oidc.client.secret:#{null}}") + private String oidcClientSecret; + + @Documentation(description = "Set to `true` to enable OIDC back-channel logout", recommendation = "Requires *DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW* to be set to `true` (enabled), *DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID* and *DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH* to be specified") + @Value("${dev.dsf.server.auth.oidc.back.channel.logout:false}") + private boolean oidcBackChannelLogoutEnabled; + + @Documentation(description = "Path called by the OIDC provide to request back-channel logout") + @Value("${dev.dsf.server.auth.oidc.back.channel.logout.path:/back-channel-logout}") + private String oidcBackChannelPath; + + // documentation in dev.dsf.fhir.spring.config.PropertiesConfig + @Value("${dev.dsf.proxy.url:#{null}}") + private String proxyUrl; + + // documentation in dev.dsf.fhir.spring.config.PropertiesConfig + @Value("${dev.dsf.proxy.username:#{null}}") + private String proxyUsername; + + // documentation in dev.dsf.fhir.spring.config.PropertiesConfig + @Value("${dev.dsf.proxy.password:#{null}}") + private char[] proxyPassword; + + // documentation in dev.dsf.fhir.spring.config.PropertiesConfig + @Value("#{'${dev.dsf.proxy.noProxy:}'.trim().split('(,[ ]?)|(\\\\n)')}") + private List<String> proxyNoProxy; + + protected abstract Function<Server, Connector> apiConnector(); + + protected abstract String mavenServerModuleName(); + + protected abstract List<Class<? extends ServletContainerInitializer>> servletContainerInitializers(); + + protected final Function<Server, Connector> httpApiConnector() + { + return JettyServer.httpConnector(apiHost, apiPort, clientCertificateHeaderName); + } + + protected final Function<Server, Connector> httpsApiConnector() + { + final char[] keyStorePassword = UUID.randomUUID().toString().toCharArray(); + return JettyServer.httpsConnector(apiHost, apiPort, clientCertificateTrustStore(), + serverCertificateKeyStore(keyStorePassword), keyStorePassword, + !oidcAuthorizationCodeFlowEnabled && !oidcBearerTokenEnabled); + } + + protected final Function<Server, Connector> statusConnector() + { + return JettyServer.statusConnector(statusHost, statusPort); + } + + @Bean // static in order to initialize before @Configuration classes + public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderConfigurer( + ConfigurableEnvironment environment) + { + new DockerSecretsPropertySourceFactory(environment).readDockerSecretsAndAddPropertiesToEnvironment(); + return new PropertySourcesPlaceholderConfigurer(); + } + + @Bean + public JettyServer jettyServer(ConfigurableEnvironment environment) + { + org.springframework.core.env.PropertySource<?> jettyProperties = environment.getPropertySources() + .get("URL [file:conf/jetty.properties]"); + Map<String, String> initParameters = jettyProperties == null ? Collections.emptyMap() + : ((Properties) jettyProperties.getSource()).entrySet().stream().collect( + Collectors.toMap(e -> Objects.toString(e.getKey()), e -> Objects.toString(e.getValue()))); + + return new JettyServer(apiConnector(), statusConnector(), mavenServerModuleName(), contextPath, + servletContainerInitializers(), initParameters, clientCertificateTrustStore(), + this::configureSecurityHandler); + } + + private KeyStore serverCertificateKeyStore(char[] keyStorePassword) + { + try + { + Path serverCertificatePath = checkFile(serverCertificateFile, "Server certificate file"); + Path serverCertificateChainPath = checkOptionalFile(serverCertificateChainFile, + "Server certificate chain file"); + Path serverCertificateKeyPath = checkFile(serverCertificateKeyFile, "Server certificate key file"); + + return readKeyStore(serverCertificatePath, serverCertificateChainPath, serverCertificateKeyPath, + serverCertificateKeyFilePassword, keyStorePassword); + } + catch (CertificateException | KeyStoreException | NoSuchAlgorithmException | IOException | PKCSException e) + { + throw new RuntimeException(e); + } + } + + private KeyStore readKeyStore(Path certificatePath, Path certificateChainPath, Path keyPath, char[] keyPassword, + char[] keyStorePassword) + throws IOException, PKCSException, CertificateException, KeyStoreException, NoSuchAlgorithmException + { + PrivateKey privateKey = PemIo.readPrivateKeyFromPem(keyPath, keyPassword); + X509Certificate certificate = PemIo.readX509CertificateFromPem(certificatePath); + + List<Certificate> certificateChain = new ArrayList<>(); + certificateChain.add(certificate); + + if (certificateChainPath != null) + { + try (InputStream chainStream = Files.newInputStream(certificateChainPath)) + { + CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); + certificateChain.addAll(certificateFactory.generateCertificates(chainStream)); + } + } + + return CertificateHelper.toJksKeyStore(privateKey, certificateChain.toArray(Certificate[]::new), + UUID.randomUUID().toString(), keyStorePassword); + } + + private KeyStore clientCertificateTrustStore() + { + try + { + Path clientCertificateTrustStorePath = checkFile(clientCertificateTrustStoreFile, + "Client certificate trust store file"); + + return CertificateReader.allFromCer(clientCertificateTrustStorePath); + } + catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IOException e) + { + throw new RuntimeException(e); + } + } + + private Path checkFile(String file, String fileDescription) throws IOException + { + if (file == null || file.isBlank()) + throw new RuntimeException(fileDescription + " not defined"); + + Path path = Paths.get(file); + + if (!Files.isReadable(path)) + throw new IOException(fileDescription + " '" + path.toAbsolutePath().toString() + "' not readable"); + + return path; + } + + private Path checkOptionalFile(String file, String fileDescription) throws IOException + { + if (file == null || file.isBlank()) + return null; + else + { + Path path = Paths.get(file); + + if (!Files.isReadable(path)) + throw new IOException(fileDescription + " '" + path.toAbsolutePath().toString() + "' not readable"); + + return path; + } + } + + private void configureSecurityHandler(WebAppContext webAppContext) + { + SessionHandler sessionHandler = webAppContext.getSessionHandler(); + DsfLoginService dsfLoginService = new DsfLoginService(webAppContext); + + DsfOpenIdConfiguration openIdConfiguration = null; + OpenIdAuthenticator openIdAuthenticator = null; + DsfOpenIdLoginService openIdLoginService = null; + BearerTokenAuthenticator bearerTokenAuthenticator = null; + BackChannelLogoutAuthenticator backChannelLogoutAuthenticator = null; + + if (oidcAuthorizationCodeFlowEnabled || oidcBearerTokenEnabled || oidcBackChannelLogoutEnabled) + { + openIdConfiguration = new DsfOpenIdConfiguration(oidcProviderRealmBaseUrl, oidcClientId, oidcClientSecret, + createOidcClient(), oidcBackChannelLogoutEnabled, oidcBearerTokenEnabled); + + if (oidcAuthorizationCodeFlowEnabled) + { + if (oidcProviderRealmBaseUrl == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.provider.realm.base.url").get(); + else if (oidcClientId == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.client.id").get(); + else if (oidcClientSecret == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.client.secret").get(); + else + { + openIdAuthenticator = new OpenIdAuthenticator(openIdConfiguration); + logger.info("OIDC authorization code flow enabled"); + } + } + + if (oidcBearerTokenEnabled) + { + if (oidcProviderRealmBaseUrl == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.provider.realm.base.url").get(); + else + { + bearerTokenAuthenticator = new BearerTokenAuthenticator(openIdConfiguration); + logger.info("OIDC bearer token enabled"); + } + } + + if (oidcBackChannelLogoutEnabled) + { + if (!oidcAuthorizationCodeFlowEnabled) + throw propertyNotDefinedTrue("dev.dsf.server.auth.oidc.authorization.code.flow").get(); + else if (oidcClientId == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.client.id").get(); + else if (oidcBackChannelPath == null) + throw propertyNotDefined("dev.dsf.server.auth.oidc.back.channel.logout.path").get(); + else + { + backChannelLogoutAuthenticator = new BackChannelLogoutAuthenticator(openIdConfiguration, + oidcBackChannelPath); + logger.info("OIDC back-channel logout enabled"); + } + } + + openIdLoginService = new DsfOpenIdLoginService(openIdConfiguration, dsfLoginService); + } + + StatusPortAuthenticator statusPortAuthenticator = new StatusPortAuthenticator(statusPort); + ClientCertificateAuthenticator clientCertificateAuthenticator = new ClientCertificateAuthenticator( + clientCertificateTrustStore()); + DelegatingAuthenticator delegatingAuthenticator = new DelegatingAuthenticator(sessionHandler, + statusPortAuthenticator, clientCertificateAuthenticator, bearerTokenAuthenticator, openIdAuthenticator, + openIdLoginService, backChannelLogoutAuthenticator); + + SecurityHandler securityHandler = new DsfSecurityHandler(dsfLoginService, delegatingAuthenticator, + openIdConfiguration); + securityHandler.setSessionRenewedOnAuthentication(true); + + webAppContext.setSecurityHandler(securityHandler); + + sessionHandler.addEventListener(backChannelLogoutAuthenticator); + } + + private Supplier<RuntimeException> propertyNotDefined(String propertyName) + { + return () -> new RuntimeException("Property " + propertyName + " not defined (environment variable " + + propertyToEnvironmentVariableName(propertyName) + ")"); + } + + private Supplier<RuntimeException> propertyNotDefinedTrue(String propertyName) + { + return () -> new RuntimeException("Property " + propertyName + " not defined as 'true' (environment variable " + + propertyToEnvironmentVariableName(propertyName) + ")"); + } + + private String propertyToEnvironmentVariableName(String propertyName) + { + return propertyName.toUpperCase(Locale.ENGLISH).replace('.', '_'); + } + + private Duration oidcClientIdleTimeout() + { + return oidcProviderClientIdleTimeout >= 0 ? Duration.of(oidcProviderClientIdleTimeout, ChronoUnit.MILLIS) + : null; + } + + private Duration oidcClientConnectTimeout() + { + return oidcProviderClientConnectTimeout >= 0 ? Duration.of(oidcProviderClientConnectTimeout, ChronoUnit.MILLIS) + : null; + } + + private Proxy oidcClientProxy() + { + ProxyConfig config = new ProxyConfigImpl(proxyUrl, proxyUsername, proxyPassword, proxyNoProxy); + if (config.getUrl() != null && config.isNoProxyUrl(oidcProviderRealmBaseUrl)) + { + try + { + URL proxyUrl = new URL(config.getUrl()); + + Address address = new Address(proxyUrl.getHost(), + proxyUrl.getPort() < 0 ? proxyUrl.getDefaultPort() : proxyUrl.getPort()); + return new HttpProxy(address, "https".equals(proxyUrl.getProtocol())); + } + catch (MalformedURLException e) + { + throw new RuntimeException(e); + } + } + else + return null; + } + + private HttpClient createOidcClient() + { + char[] oidcClientKeyStorePassword = UUID.randomUUID().toString().toCharArray(); + KeyStore oidcProviderClientKeyStore = oidcProviderClientKeyStore(oidcClientKeyStorePassword); + + SslContextFactory.Client sslContextFactory = new SslContextFactory.Client(false); + if (oidcProviderClientTrustStore() != null) + sslContextFactory.setTrustStore(oidcProviderClientTrustStore()); + if (oidcProviderClientKeyStore != null) + { + sslContextFactory.setKeyStore(oidcProviderClientKeyStore); + sslContextFactory.setKeyStorePassword(String.valueOf(oidcClientKeyStorePassword)); + } + + ClientConnector connector = new ClientConnector(); + connector.setSslContextFactory(sslContextFactory); + if (oidcClientIdleTimeout() != null) + connector.setIdleTimeout(oidcClientIdleTimeout()); + if (oidcClientConnectTimeout() != null) + connector.setConnectTimeout(oidcClientConnectTimeout()); + + HttpClient httpClient = new HttpClientWithGetRetry(new HttpClientTransportOverHTTP(connector), 5); + if (oidcClientProxy() != null) + httpClient.getProxyConfiguration().addProxy(oidcClientProxy()); + + return httpClient; + } + + private KeyStore oidcProviderClientTrustStore() + { + try + { + Path clientCertificateTrustStorePath = checkOptionalFile(oidcProviderClientTrustCertificatesFile, + "OIDC provider client certificate trust store file"); + + return clientCertificateTrustStorePath == null ? null + : CertificateReader.allFromCer(clientCertificateTrustStorePath); + } + catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IOException e) + { + throw new RuntimeException(e); + } + } + + private KeyStore oidcProviderClientKeyStore(char[] keyStorePassword) + { + try + { + Path certificatePath = checkOptionalFile(oidcProviderClientCertificateFile, + "OIDC provider client certificate file"); + Path privateKeyPath = checkOptionalFile(oidcProviderClientCertificatePrivateKeyFile, + "OIDC provider client certificate key file"); + + if (certificatePath == null && privateKeyPath != null) + throw new IOException( + "OIDC provider client certificate key file defined but OIDC provider client certificate file not defined"); + else if (certificatePath != null && privateKeyPath == null) + throw new IOException( + "OIDC provider client certificate file defined but OIDC provider client certificate key file not defined"); + else if (certificatePath != null && privateKeyPath != null) + { + X509Certificate certificate = PemIo.readX509CertificateFromPem(certificatePath); + PrivateKey privateKey = PemIo.readPrivateKeyFromPem(provider, privateKeyPath, + oidcProviderClientCertificatePrivateKeyPassword); + + String subjectCommonName = CertificateHelper.getSubjectCommonName(certificate); + return CertificateHelper.toJksKeyStore(privateKey, new Certificate[] { certificate }, subjectCommonName, + keyStorePassword); + } + else + return null; + } + catch (CertificateException | KeyStoreException | NoSuchAlgorithmException | IOException | PKCSException e) + { + throw new RuntimeException(e); + } + } +} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java deleted file mode 100644 index 2a8372662..000000000 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/AbstractJettyConfig.java +++ /dev/null @@ -1,297 +0,0 @@ -package dev.dsf.common.jetty; - -import java.io.IOException; -import java.io.InputStream; -import java.net.URL; -import java.nio.file.Files; -import java.nio.file.Path; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.NoSuchAlgorithmException; -import java.security.PrivateKey; -import java.security.cert.Certificate; -import java.security.cert.CertificateException; -import java.security.cert.CertificateFactory; -import java.security.cert.X509Certificate; -import java.util.ArrayList; -import java.util.Arrays; -import java.util.HashMap; -import java.util.List; -import java.util.Map; -import java.util.Optional; -import java.util.UUID; -import java.util.function.BiFunction; - -import org.bouncycastle.pkcs.PKCSException; -import org.eclipse.jetty.http.HttpVersion; -import org.eclipse.jetty.server.Connector; -import org.eclipse.jetty.server.ForwardedRequestCustomizer; -import org.eclipse.jetty.server.HttpConfiguration; -import org.eclipse.jetty.server.HttpConfiguration.Customizer; -import org.eclipse.jetty.server.HttpConnectionFactory; -import org.eclipse.jetty.server.SecureRequestCustomizer; -import org.eclipse.jetty.server.Server; -import org.eclipse.jetty.server.ServerConnector; -import org.eclipse.jetty.server.SslConnectionFactory; -import org.eclipse.jetty.util.resource.Resource; -import org.eclipse.jetty.util.ssl.SslContextFactory; -import org.slf4j.Logger; -import org.slf4j.LoggerFactory; - -import de.rwh.utils.crypto.CertificateHelper; -import de.rwh.utils.crypto.io.CertificateReader; -import de.rwh.utils.crypto.io.PemIo; - -public abstract class AbstractJettyConfig implements JettyConfig -{ - private static final Logger logger = LoggerFactory.getLogger(AbstractJettyConfig.class); - - private final BiFunction<JettyConfig, Server, Connector> connectorFactory; - - public AbstractJettyConfig(BiFunction<JettyConfig, Server, Connector> connectorFactory) - { - this.connectorFactory = connectorFactory; - } - - public BiFunction<JettyConfig, Server, Connector> getConnectorFactory() - { - return connectorFactory; - } - - @Override - public final Connector createStatusConnector(Server server) - { - ServerConnector connector = new ServerConnector(server, httpConnectionFactory()); - connector.setHost(getStatusHost().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_STATUS_HOST))); - connector.setPort(getStatusPort().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_STATUS_PORT))); - - return connector; - } - - @Override - public Map<String, String> getAllProperties() - { - Map<String, String> properties = new HashMap<>(); - properties.put(PROPERTY_JETTY_HOST, getHost().orElse(null)); - properties.put(PROPERTY_JETTY_PORT, getPort().map(String::valueOf).orElse(null)); - properties.put(PROPERTY_JETTY_CONTEXT_PATH, getContextPath().orElse(null)); - properties.put(PROPERTY_JETTY_STATUS_HOST, getStatusHost().orElse(null)); - properties.put(PROPERTY_JETTY_STATUS_PORT, getStatusPort().map(String::valueOf).orElse(null)); - - properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE, getServerCertificatePath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE_CHAIN, - getServerCertificateChainPath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY, - getServerCertificatePrivateKeyPath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY_PASSWORD, - getServerCertificatePrivateKeyPassword().map(String::valueOf).orElse(null)); - - properties.put(PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES, - getClientTrustCertificatesPath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME, - getClientCertificateHeaderName().orElse(null)); - - properties.put(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW, - String.valueOf(getOidcAuthorizationCodeFlowEndabled())); - properties.put(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN, String.valueOf(getOidcBearerTokenEnabled())); - - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL, getOidcProviderBaseUrl().orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT, - getOidcProviderClientConnectTimeout().map(String::valueOf).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_IDLE_TIMEOUT, - getOidcProviderClientIdleTimeout().map(String::valueOf).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES, - getOidcProviderClientTrustCertificatesPath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE, - getOidcProviderClientCertificatePath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY, - getOidcProviderClientCertificatePrivateKeyPath().map(Path::toString).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD, - getOidcProviderClientCertificatePrivateKeyPassword().map(String::valueOf).orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_PROXY_URL, - getOidcProviderClientProxyUrl().map(URL::toString).orElse(null)); - - properties.put(PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID, getOidcClientId().orElse(null)); - properties.put(PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET, getOidcClientSecret().orElse(null)); - - properties.put(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT, String.valueOf(getOidcBackChannelLogoutEnabled())); - properties.put(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, getOidcBackChannelPath().orElse(null)); - - properties.put(PROPERTY_JETTY_LOG4J_CONFIG, getLog4JConfigPath().map(Path::toString).orElse(null)); - return properties; - } - - public static final BiFunction<JettyConfig, Server, Connector> httpConnector() - { - return (config, server) -> - { - ServerConnector connector = new ServerConnector(server, httpConnectionFactory( - new ForwardedRequestCustomizer(), - new ForwardedSecureRequestCustomizer(config.getClientCertificateHeaderName().orElseThrow( - JettyConfig.propertyNotDefined(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME))))); - connector.setHost(config.getHost().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_HOST))); - connector.setPort(config.getPort().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_PORT))); - - return connector; - }; - } - - private static HttpConnectionFactory httpConnectionFactory(Customizer... customizers) - { - HttpConfiguration httpConfiguration = new HttpConfiguration(); - httpConfiguration.setSendServerVersion(false); - httpConfiguration.setSendXPoweredBy(false); - httpConfiguration.setSendDateHeader(false); - - Arrays.stream(customizers).forEach(httpConfiguration::addCustomizer); - - return new HttpConnectionFactory(httpConfiguration); - } - - public static final BiFunction<JettyConfig, Server, Connector> httpsConnector() - { - char[] keyStorePassword = UUID.randomUUID().toString().toCharArray(); - - return (config, server) -> - { - ServerConnector connector = new ServerConnector(server, - sslConnectionFactory( - config.getClientTrustStore().orElseThrow( - JettyConfig.propertyNotDefined(PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES)), - config.getServerKeyStore(keyStorePassword) - .orElseThrow(JettyConfig.propertiesNotDefined(PROPERTY_JETTY_SERVER_CERTIFICATE, - PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY)), - keyStorePassword, config.getOidcConfig() == null), - httpConnectionFactory(new SecureRequestCustomizer())); - connector.setHost(config.getHost().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_HOST))); - connector.setPort(config.getPort().orElseThrow(JettyConfig.propertyNotDefined(PROPERTY_JETTY_PORT))); - - return connector; - }; - } - - private static SslConnectionFactory sslConnectionFactory(KeyStore trustStore, KeyStore keyStore, - char[] keyStorePassword, boolean needClientAuth) - { - logCertificateConfig(trustStore, keyStore); - - SslContextFactory.Server sslContextFactory = new SslContextFactory.Server() - { - @Override - protected KeyStore loadTrustStore(Resource resource) throws Exception - { - return getTrustStore(); - } - }; - - sslContextFactory.setKeyStore(keyStore); - sslContextFactory.setKeyStorePassword(String.valueOf(keyStorePassword)); - - sslContextFactory.setTrustStore(trustStore); - if (needClientAuth) - sslContextFactory.setNeedClientAuth(true); - else - sslContextFactory.setWantClientAuth(true); - - return new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()); - } - - private KeyStore readTrustStore(Path trustStorePath) - { - try - { - return CertificateReader.allFromCer(trustStorePath); - } - catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IOException e) - { - logger.warn("Error while reading trust store from {}: {} - {}", trustStorePath.toString(), - e.getClass().getName(), e.getMessage()); - throw new RuntimeException(e); - } - } - - private KeyStore readKeyStore(Path certificatePath, Path certificateChainPath, Path keyPath, char[] keyPassword, - char[] keyStorePassword) - { - try - { - PrivateKey privateKey = PemIo.readPrivateKeyFromPem(keyPath, keyPassword); - X509Certificate certificate = PemIo.readX509CertificateFromPem(certificatePath); - - List<Certificate> certificateChain = new ArrayList<>(); - certificateChain.add(certificate); - - if (certificateChainPath != null) - { - try (InputStream chainStream = Files.newInputStream(certificateChainPath)) - { - CertificateFactory certificateFactory = CertificateFactory.getInstance("X509"); - certificateChain.addAll(certificateFactory.generateCertificates(chainStream)); - } - } - - return CertificateHelper.toJksKeyStore(privateKey, certificateChain.toArray(Certificate[]::new), - UUID.randomUUID().toString(), keyStorePassword); - } - catch (NoSuchAlgorithmException | CertificateException | KeyStoreException | IOException | PKCSException e) - { - throw new RuntimeException(e); - } - } - - @Override - public Optional<KeyStore> getClientTrustStore() - { - return getClientTrustCertificatesPath().map(this::readTrustStore); - } - - @Override - public Optional<KeyStore> getServerKeyStore(char[] keyStorePassword) - { - if (getServerCertificatePath().isEmpty() || getServerCertificatePrivateKeyPath().isEmpty()) - return Optional.empty(); - - return Optional.of(readKeyStore(getServerCertificatePath().get(), getServerCertificateChainPath().orElse(null), - getServerCertificatePrivateKeyPath().get(), getServerCertificatePrivateKeyPassword().orElse(null), - keyStorePassword)); - } - - @Override - public Optional<KeyStore> getOidcProviderClientTrustStore() - { - return getOidcProviderClientTrustCertificatesPath().map(this::readTrustStore); - } - - @Override - public Optional<KeyStore> getOidcProviderClientKeyStore(char[] keyStorePassword) - { - if (getOidcProviderClientCertificatePath().isEmpty() - || getOidcProviderClientCertificatePrivateKeyPath().isEmpty()) - return Optional.empty(); - - return Optional.of(readKeyStore(getOidcProviderClientCertificatePath().get(), - getServerCertificateChainPath().orElse(null), getOidcProviderClientCertificatePrivateKeyPath().get(), - getOidcProviderClientCertificatePrivateKeyPassword().orElse(null), keyStorePassword)); - } - - private static void logCertificateConfig(KeyStore trustStore, KeyStore keyStore) - { - if (!logger.isDebugEnabled()) - return; - - try - { - if (trustStore != null) - logger.debug("Using trust store for https connector with: {}", - CertificateHelper.listCertificateSubjectNames(trustStore)); - - if (keyStore != null) - logger.debug("Using key store for https connector with: {}", - CertificateHelper.listCertificateSubjectNames(keyStore)); - } - catch (KeyStoreException e) - { - logger.warn("Error while printing trust store / key store config", e); - } - } -} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java deleted file mode 100644 index d98150ce6..000000000 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/EnvJettyConfig.java +++ /dev/null @@ -1,285 +0,0 @@ -package dev.dsf.common.jetty; - -import java.net.MalformedURLException; -import java.net.URL; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.HashMap; -import java.util.Map; -import java.util.Optional; -import java.util.function.Supplier; - -public class EnvJettyConfig extends AbstractJettyConfig implements JettyConfig -{ - private final JettyConfig delegate; - - public EnvJettyConfig(JettyConfig defaultConfig) - { - super(defaultConfig.getConnectorFactory()); - - this.delegate = defaultConfig; - } - - private Optional<String> getString(String propertyName, Supplier<Optional<String>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return Optional.ofNullable(System.getenv(envVariableName)).or(defaultValue); - } - - private Optional<char[]> getCharArray(String propertyName, Supplier<Optional<char[]>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return Optional.ofNullable(System.getenv(envVariableName)).map(String::toCharArray).or(defaultValue); - } - - private Optional<Integer> getPort(String propertyName, Supplier<Optional<Integer>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return getString(envVariableName, Optional::empty).map(value -> - { - try - { - int intValue = Integer.parseInt(value); - - if (intValue < 0 || intValue > 0xFFFF) - throw new RuntimeException( - "Environment variable " + envVariableName + ", value " + value + " < 0 or > " + 0xFFFF); - - return intValue; - } - catch (NumberFormatException e) - { - throw new RuntimeException( - "Environment variable " + envVariableName + ", value " + value + " not a number"); - } - }).or(defaultValue); - } - - private Optional<Long> getTimeout(String propertyName, Supplier<Optional<Long>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return getString(envVariableName, Optional::empty).map(value -> - { - try - { - return Long.parseLong(value); - } - catch (NumberFormatException e) - { - throw new RuntimeException( - "Environment variable " + envVariableName + ", value " + value + " not a number"); - } - }).or(defaultValue); - } - - private Optional<Path> getPath(String propertyName, Supplier<Optional<Path>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return getString(envVariableName, Optional::empty).map(value -> - { - Path pathValue = Paths.get(value); - - if (!Files.isReadable(pathValue)) - throw new RuntimeException( - "Environment variable " + envVariableName + ", value " + value + " file not readable"); - - return pathValue; - }).or(defaultValue); - } - - private Optional<URL> getUrl(String propertyName, Supplier<Optional<URL>> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return getString(envVariableName, Optional::empty).map(value -> - { - try - { - return new URL(value); - } - catch (MalformedURLException e) - { - throw new RuntimeException( - "Environment variable " + envVariableName + ", value " + value + " not a valid URL"); - } - }).or(defaultValue); - } - - private boolean getBoolean(String propertyName, Supplier<Boolean> defaultValue) - { - final String envVariableName = JettyConfig.propertyToEnvironmentVariableName(propertyName); - return getString(envVariableName, Optional::empty).map(Boolean::parseBoolean).orElseGet(defaultValue); - } - - @Override - public Optional<String> getStatusHost() - { - return getString(PROPERTY_JETTY_STATUS_HOST, delegate::getStatusHost); - } - - @Override - public Optional<Integer> getStatusPort() - { - return getPort(PROPERTY_JETTY_STATUS_PORT, delegate::getStatusPort); - } - - @Override - public Optional<String> getHost() - { - return getString(PROPERTY_JETTY_HOST, delegate::getHost); - } - - @Override - public Optional<Integer> getPort() - { - return getPort(PROPERTY_JETTY_PORT, delegate::getPort); - } - - @Override - public Optional<String> getContextPath() - { - return getString(PROPERTY_JETTY_CONTEXT_PATH, delegate::getContextPath); - } - - @Override - public Optional<Path> getServerCertificatePath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE, delegate::getServerCertificatePath); - } - - @Override - public Optional<Path> getServerCertificateChainPath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE_CHAIN, delegate::getServerCertificateChainPath); - } - - @Override - public Optional<Path> getServerCertificatePrivateKeyPath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY, delegate::getServerCertificatePrivateKeyPath); - } - - @Override - public Optional<char[]> getServerCertificatePrivateKeyPassword() - { - return getCharArray(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY_PASSWORD, - delegate::getServerCertificatePrivateKeyPassword); - } - - @Override - public Optional<Path> getClientTrustCertificatesPath() - { - return getPath(PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES, delegate::getClientTrustCertificatesPath); - } - - @Override - public Optional<String> getClientCertificateHeaderName() - { - return getString(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME, delegate::getClientCertificateHeaderName); - } - - @Override - public boolean getOidcAuthorizationCodeFlowEndabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW, - delegate::getOidcAuthorizationCodeFlowEndabled); - } - - @Override - public boolean getOidcBearerTokenEnabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN, delegate::getOidcBearerTokenEnabled); - } - - @Override - public Optional<String> getOidcProviderBaseUrl() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL, delegate::getOidcProviderBaseUrl); - } - - @Override - public Optional<Long> getOidcProviderClientConnectTimeout() - { - return getTimeout(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT, - delegate::getOidcProviderClientConnectTimeout); - } - - @Override - public Optional<Long> getOidcProviderClientIdleTimeout() - { - return getTimeout(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_IDLE_TIMEOUT, - delegate::getOidcProviderClientIdleTimeout); - } - - @Override - public Optional<Path> getOidcProviderClientTrustCertificatesPath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES, - delegate::getOidcProviderClientTrustCertificatesPath); - } - - @Override - public Optional<Path> getOidcProviderClientCertificatePath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE, - delegate::getOidcProviderClientCertificatePath); - } - - @Override - public Optional<Path> getOidcProviderClientCertificatePrivateKeyPath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY, - delegate::getOidcProviderClientCertificatePrivateKeyPath); - } - - @Override - public Optional<char[]> getOidcProviderClientCertificatePrivateKeyPassword() - { - return getCharArray(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD, - delegate::getOidcProviderClientCertificatePrivateKeyPassword); - } - - @Override - public Optional<URL> getOidcProviderClientProxyUrl() - { - return getUrl(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_PROXY_URL, delegate::getOidcProviderClientProxyUrl); - } - - @Override - public Optional<String> getOidcClientId() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID, delegate::getOidcClientId); - } - - @Override - public Optional<String> getOidcClientSecret() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET, delegate::getOidcClientSecret); - } - - @Override - public boolean getOidcBackChannelLogoutEnabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT, delegate::getOidcBackChannelLogoutEnabled); - } - - @Override - public Optional<String> getOidcBackChannelPath() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, delegate::getOidcBackChannelPath); - } - - @Override - public Optional<Path> getLog4JConfigPath() - { - return getPath(PROPERTY_JETTY_LOG4J_CONFIG, delegate::getLog4JConfigPath); - } - - @Override - public Map<String, String> getAllProperties() - { - Map<String, String> allProperties = new HashMap<>(super.getAllProperties()); - delegate.getAllProperties().forEach(allProperties::putIfAbsent); - return allProperties; - } -} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java deleted file mode 100644 index ee3166a05..000000000 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyConfig.java +++ /dev/null @@ -1,249 +0,0 @@ -package dev.dsf.common.jetty; - -import java.net.URL; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.security.KeyStore; -import java.time.Duration; -import java.time.temporal.ChronoUnit; -import java.util.Locale; -import java.util.Map; -import java.util.Optional; -import java.util.UUID; -import java.util.function.BiFunction; -import java.util.function.Supplier; - -import org.eclipse.jetty.client.HttpProxy; -import org.eclipse.jetty.client.Origin.Address; -import org.eclipse.jetty.client.ProxyConfiguration.Proxy; -import org.eclipse.jetty.server.Connector; -import org.eclipse.jetty.server.Server; - -public interface JettyConfig -{ - String JETTY_PROPERTIES_FILE = "conf/jetty.properties"; - - String PROPERTY_JETTY_HOST = "jetty.host"; - String PROPERTY_JETTY_HOST_DEFAULT = "127.0.0.1"; - String PROPERTY_JETTY_PORT = "jetty.port"; - String PROPERTY_JETTY_CONTEXT_PATH = "jetty.context.path"; - String PROPERTY_JETTY_STATUS_HOST = "jetty.status.host"; - String PROPERTY_JETTY_STATUS_HOST_DEFAULT = "127.0.0.1"; - String PROPERTY_JETTY_STATUS_PORT = "jetty.status.port"; - - String PROPERTY_JETTY_SERVER_CERTIFICATE = "jetty.server.server.certificate"; - String PROPERTY_JETTY_SERVER_CERTIFICATE_CHAIN = "jetty.server.server.certificate.chain"; - String PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY = "jetty.server.certificate.private.key"; - String PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY_PASSWORD = "jetty.server.certificate.private.key.password"; - - String PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES = "jetty.auth.client.trust.certificates"; - String PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME = "jetty.auth.client.certificate.header.name"; - String PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT = "X-ClientCert"; - - String PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW = "jetty.auth.oidc.authorization.code.flow"; - String PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN = "jetty.auth.oidc.bearer.token"; - - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL = "jetty.auth.oidc.provider.base.url"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT = "jetty.auth.oidc.provider.client.connectTimeout"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_IDLE_TIMEOUT = "jetty.auth.oidc.provider.client.idleTimeout"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES = "jetty.auth.oidc.provider.client.trust.certificates"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE = "jetty.auth.oidc.provider.client.certificate"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY = "jetty.auth.oidc.provider.client.certificate.private.key"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD = "jetty.auth.oidc.provider.client.certificate.private.key.password"; - String PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_PROXY_URL = "jetty.auth.oidc.provider.client.proxy_url"; - - String PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID = "jetty.auth.oidc.client.id"; - String PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET = "jetty.auth.oidc.client.secret"; - - String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT = "jetty.auth.oidc.back.channel.logout"; - String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH = "jetty.auth.oidc.back.channel.logout.path"; - String PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT = "/back-channel-logout"; - - String PROPERTY_JETTY_LOG4J_CONFIG = "jetty.log4j.config"; - String PROPERTY_JETTY_LOG4J_CONFIG_DEFAULT = "conf/log4j2.xml"; - - static String propertyToEnvironmentVariableName(String propertyName) - { - return propertyName.toUpperCase(Locale.ENGLISH).replace('.', '_'); - } - - static Supplier<RuntimeException> propertyNotDefined(String propertyName) - { - return () -> new RuntimeException("Property " + propertyName + " not defined (environment variable " - + propertyToEnvironmentVariableName(propertyName) + ")"); - } - - static Supplier<RuntimeException> propertyNotDefinedTrue(String propertyName) - { - return () -> new RuntimeException("Property " + propertyName + " not defined as 'true' (environment variable " - + propertyToEnvironmentVariableName(propertyName) + ")"); - } - - static Supplier<RuntimeException> propertiesNotDefined(String propertyName1, String propertyName2) - { - return () -> new RuntimeException("Property " + propertyName1 + " or " + propertyName2 - + " not defined (environment variables " + propertyToEnvironmentVariableName(propertyName1) + " or " - + propertyToEnvironmentVariableName(propertyName2) + ")"); - } - - default Optional<String> getStatusHost() - { - return Optional.of(PROPERTY_JETTY_STATUS_HOST_DEFAULT); - } - - Optional<Integer> getStatusPort(); - - default Optional<String> getHost() - { - return Optional.of(PROPERTY_JETTY_HOST_DEFAULT); - } - - Optional<Integer> getPort(); - - Optional<String> getContextPath(); - - - Optional<Path> getServerCertificatePath(); - - default Optional<Path> getServerCertificateChainPath() - { - return Optional.empty(); - } - - Optional<Path> getServerCertificatePrivateKeyPath(); - - Optional<char[]> getServerCertificatePrivateKeyPassword(); - - Optional<KeyStore> getServerKeyStore(char[] keyStorePassword); - - - Optional<Path> getClientTrustCertificatesPath(); - - Optional<KeyStore> getClientTrustStore(); - - default Optional<String> getClientCertificateHeaderName() - { - return Optional.of(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT); - } - - default boolean getOidcAuthorizationCodeFlowEndabled() - { - return false; - } - - default boolean getOidcBearerTokenEnabled() - { - return false; - } - - default Optional<String> getOidcProviderBaseUrl() - { - return Optional.empty(); - } - - default Optional<Long> getOidcProviderClientConnectTimeout() - { - return Optional.empty(); - } - - default Optional<Long> getOidcProviderClientIdleTimeout() - { - return Optional.empty(); - } - - default Optional<Path> getOidcProviderClientTrustCertificatesPath() - { - return Optional.empty(); - } - - Optional<KeyStore> getOidcProviderClientTrustStore(); - - default Optional<Path> getOidcProviderClientCertificatePath() - { - return Optional.empty(); - } - - default Optional<Path> getOidcProviderClientCertificatePrivateKeyPath() - { - return Optional.empty(); - } - - default Optional<char[]> getOidcProviderClientCertificatePrivateKeyPassword() - { - return Optional.empty(); - } - - Optional<KeyStore> getOidcProviderClientKeyStore(char[] keyStorePassword); - - default Optional<URL> getOidcProviderClientProxyUrl() - { - return Optional.empty(); - } - - default Optional<Proxy> getOidcClientProxy() - { - return getOidcProviderClientProxyUrl().map(clientProxyUrl -> - { - Address address = new Address(clientProxyUrl.getHost(), - clientProxyUrl.getPort() < 0 ? clientProxyUrl.getDefaultPort() : clientProxyUrl.getPort()); - return new HttpProxy(address, "https".equals(clientProxyUrl.getProtocol())); - }); - } - - default Optional<String> getOidcClientId() - { - return Optional.empty(); - } - - default Optional<String> getOidcClientSecret() - { - return Optional.empty(); - } - - default boolean getOidcBackChannelLogoutEnabled() - { - return false; - } - - default Optional<String> getOidcBackChannelPath() - { - return Optional.of(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); - } - - default Optional<OidcConfig> getOidcConfig() - { - if (!getOidcAuthorizationCodeFlowEndabled() && !getOidcBearerTokenEnabled() - && !getOidcBackChannelLogoutEnabled()) - return Optional.empty(); - - Duration clientIdleTimeout = getOidcProviderClientIdleTimeout() - .map(timeout -> Duration.of(timeout, ChronoUnit.MILLIS)).orElse(null); - Duration clientConnectTimeout = getOidcProviderClientConnectTimeout() - .map(timeout -> Duration.of(timeout, ChronoUnit.MILLIS)).orElse(null); - - char[] keyStorePassword = UUID.randomUUID().toString().toCharArray(); - - return Optional.of(new OidcConfig(getOidcAuthorizationCodeFlowEndabled(), getOidcBearerTokenEnabled(), - getOidcProviderBaseUrl().get(), getOidcClientId().orElse(null), getOidcClientSecret().orElse(null), - getOidcBackChannelLogoutEnabled(), getOidcBackChannelPath().orElse(null), clientIdleTimeout, - clientConnectTimeout, getOidcProviderClientTrustStore().orElse(null), - getOidcProviderClientKeyStore(keyStorePassword).orElse(null), keyStorePassword, - getOidcClientProxy().orElse(null))); - } - - default Optional<Path> getLog4JConfigPath() - { - return Optional.of(Paths.get(PROPERTY_JETTY_LOG4J_CONFIG_DEFAULT)); - } - - Map<String, String> getAllProperties(); - - Connector createStatusConnector(Server server); - - BiFunction<JettyConfig, Server, Connector> getConnectorFactory(); - - default Connector createConnector(Server server) - { - return getConnectorFactory().apply(this, server); - } -} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java index 1ca394296..4a53fb679 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/JettyServer.java @@ -2,21 +2,28 @@ import java.nio.file.Paths; import java.security.KeyStore; +import java.security.KeyStoreException; import java.util.Arrays; +import java.util.List; import java.util.Locale; import java.util.Map; +import java.util.function.Consumer; +import java.util.function.Function; import java.util.stream.Collectors; import java.util.stream.Stream; import org.eclipse.jetty.annotations.AnnotationConfiguration; -import org.eclipse.jetty.client.HttpClient; -import org.eclipse.jetty.client.http.HttpClientTransportOverHTTP; -import org.eclipse.jetty.io.ClientConnector; -import org.eclipse.jetty.security.SecurityHandler; -import org.eclipse.jetty.security.openid.OpenIdAuthenticator; +import org.eclipse.jetty.http.HttpVersion; +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.ForwardedRequestCustomizer; +import org.eclipse.jetty.server.HttpConfiguration; +import org.eclipse.jetty.server.HttpConfiguration.Customizer; +import org.eclipse.jetty.server.HttpConnectionFactory; +import org.eclipse.jetty.server.SecureRequestCustomizer; import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.ServerConnector; +import org.eclipse.jetty.server.SslConnectionFactory; import org.eclipse.jetty.server.handler.ErrorHandler; -import org.eclipse.jetty.server.session.SessionHandler; import org.eclipse.jetty.util.resource.Resource; import org.eclipse.jetty.util.ssl.SslContextFactory; import org.eclipse.jetty.util.thread.QueuedThreadPool; @@ -25,152 +32,135 @@ import org.slf4j.Logger; import org.slf4j.LoggerFactory; -import dev.dsf.common.auth.BackChannelLogoutAuthenticator; -import dev.dsf.common.auth.BearerTokenAuthenticator; -import dev.dsf.common.auth.ClientCertificateAuthenticator; -import dev.dsf.common.auth.DelegatingAuthenticator; -import dev.dsf.common.auth.DsfLoginService; -import dev.dsf.common.auth.DsfOpenIdConfiguration; -import dev.dsf.common.auth.DsfOpenIdLoginService; -import dev.dsf.common.auth.DsfSecurityHandler; -import dev.dsf.common.auth.StatusPortAuthenticator; +import de.rwh.utils.crypto.CertificateHelper; import jakarta.servlet.ServletContainerInitializer; import jakarta.servlet.ServletContext; -public class JettyServer +public final class JettyServer { private static final Logger logger = LoggerFactory.getLogger(JettyServer.class); - private final Server server; - private final WebAppContext webAppContext; - - public JettyServer(String serverModule, JettyConfig config, - Stream<Class<? extends ServletContainerInitializer>> initializers) + private static HttpConnectionFactory httpConnectionFactory(Customizer... customizers) { - config = new EnvJettyConfig(config); + HttpConfiguration httpConfiguration = new HttpConfiguration(); + httpConfiguration.setSendServerVersion(false); + httpConfiguration.setSendXPoweredBy(false); + httpConfiguration.setSendDateHeader(false); - server = new Server(threadPool()); - server.addConnector(config.createConnector(server)); - server.addConnector(config.createStatusConnector(server)); + Arrays.stream(customizers).forEach(httpConfiguration::addCustomizer); - webAppContext = webAppContext(serverModule, config, initializers); - - int statusConnectorPort = config.getStatusPort() - .orElseThrow(JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_STATUS_PORT)); - KeyStore clientTrustStore = config.getClientTrustStore() - .orElseThrow(JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES)); + return new HttpConnectionFactory(httpConfiguration); + } - configureSecurityHandler(webAppContext, statusConnectorPort, clientTrustStore, - config.getOidcConfig().orElse(null)); + public static Function<Server, Connector> statusConnector(String host, int port) + { + return server -> + { + ServerConnector connector = new ServerConnector(server, httpConnectionFactory()); + connector.setHost(host); + connector.setPort(port); - server.setHandler(webAppContext); - server.setErrorHandler(statusCodeOnlyErrorHandler()); + return connector; + }; } - private void configureSecurityHandler(WebAppContext webAppContext, int statusConnectorPort, - KeyStore clientTrustStore, OidcConfig oidcConfig) + public static final Function<Server, Connector> httpConnector(String host, int port, + String clientCertificateHeaderName) { - SessionHandler sessionHandler = webAppContext.getSessionHandler(); - DsfLoginService dsfLoginService = new DsfLoginService(webAppContext); + return server -> + { + ServerConnector connector = new ServerConnector(server, + httpConnectionFactory(new ForwardedRequestCustomizer(), + new ForwardedSecureRequestCustomizer(clientCertificateHeaderName))); + connector.setHost(host); + connector.setPort(port); - DsfOpenIdConfiguration openIdConfiguration = null; - OpenIdAuthenticator openIdAuthenticator = null; - DsfOpenIdLoginService openIdLoginService = null; - BearerTokenAuthenticator bearerTokenAuthenticator = null; - BackChannelLogoutAuthenticator backChannelLogoutAuthenticator = null; + return connector; + }; + } - if (oidcConfig != null) + public static Function<Server, Connector> httpsConnector(String host, int port, + KeyStore clientCertificateTrustStore, KeyStore serverCertificateKeyStore, char[] keyStorePassword, + boolean needClientAuth) + { + return server -> { - openIdConfiguration = new DsfOpenIdConfiguration(oidcConfig.providerBaseUrl(), oidcConfig.clientId(), - oidcConfig.clientSecret(), createOidcClient(oidcConfig), oidcConfig.bckChannelLogoutEnabled(), - oidcConfig.bearerTokenEnabled()); + ServerConnector connector = new ServerConnector(server, sslConnectionFactory(clientCertificateTrustStore, + serverCertificateKeyStore, keyStorePassword, needClientAuth), + httpConnectionFactory(new SecureRequestCustomizer())); + connector.setHost(host); + connector.setPort(port); - if (oidcConfig.authorizationCodeFlowEnabled()) - { - if (oidcConfig.providerBaseUrl() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL).get(); - else if (oidcConfig.clientId() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID).get(); - else if (oidcConfig.clientSecret() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET).get(); - else - { - openIdAuthenticator = new OpenIdAuthenticator(openIdConfiguration); - logger.info("OIDC authorization code flow enabled"); - } - } + return connector; + }; + } - if (oidcConfig.bearerTokenEnabled()) - { - if (oidcConfig.providerBaseUrl() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL).get(); - else - { - bearerTokenAuthenticator = new BearerTokenAuthenticator(openIdConfiguration); - logger.info("OIDC bearer token enabled"); - } - } + private static SslConnectionFactory sslConnectionFactory(KeyStore clientCertificateTrustStore, KeyStore keyStore, + char[] keyStorePassword, boolean needClientAuth) + { + logCertificateConfig(clientCertificateTrustStore, keyStore); - if (oidcConfig.bckChannelLogoutEnabled()) + SslContextFactory.Server sslContextFactory = new SslContextFactory.Server() + { + @Override + protected KeyStore loadTrustStore(Resource resource) throws Exception { - if (!oidcConfig.authorizationCodeFlowEnabled()) - throw JettyConfig - .propertyNotDefinedTrue(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW).get(); - else if (oidcConfig.clientId() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID).get(); - else if (oidcConfig.ssoBackChannelPath() == null) - throw JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH) - .get(); - else - { - backChannelLogoutAuthenticator = new BackChannelLogoutAuthenticator(openIdConfiguration, - oidcConfig.ssoBackChannelPath()); - logger.info("OIDC back-channel logout enabled"); - } + return getTrustStore(); } + }; - openIdLoginService = new DsfOpenIdLoginService(openIdConfiguration, dsfLoginService); - } - - StatusPortAuthenticator statusPortAuthenticator = new StatusPortAuthenticator(statusConnectorPort); - ClientCertificateAuthenticator clientCertificateAuthenticator = new ClientCertificateAuthenticator( - clientTrustStore); - DelegatingAuthenticator delegatingAuthenticator = new DelegatingAuthenticator(sessionHandler, - statusPortAuthenticator, clientCertificateAuthenticator, bearerTokenAuthenticator, openIdAuthenticator, - openIdLoginService, backChannelLogoutAuthenticator); - - SecurityHandler securityHandler = new DsfSecurityHandler(dsfLoginService, delegatingAuthenticator, - openIdConfiguration); - securityHandler.setSessionRenewedOnAuthentication(true); + sslContextFactory.setKeyStore(keyStore); + sslContextFactory.setKeyStorePassword(String.valueOf(keyStorePassword)); - webAppContext.setSecurityHandler(securityHandler); + sslContextFactory.setTrustStore(clientCertificateTrustStore); + if (needClientAuth) + sslContextFactory.setNeedClientAuth(true); + else + sslContextFactory.setWantClientAuth(true); - sessionHandler.addEventListener(backChannelLogoutAuthenticator); + return new SslConnectionFactory(sslContextFactory, HttpVersion.HTTP_1_1.asString()); } - private HttpClient createOidcClient(OidcConfig oidcConfig) + private static void logCertificateConfig(KeyStore trustStore, KeyStore keyStore) { - SslContextFactory.Client sslContextFactory = new SslContextFactory.Client(false); - if (oidcConfig.clientTrustStore() != null) - sslContextFactory.setTrustStore(oidcConfig.clientTrustStore()); - if (oidcConfig.clientKeyStore() != null) + if (!logger.isDebugEnabled()) + return; + + try { - sslContextFactory.setKeyStore(oidcConfig.clientKeyStore()); - sslContextFactory.setKeyStorePassword(String.valueOf(oidcConfig.clientKeyStorePassword())); + if (trustStore != null) + logger.debug("Using trust store for https connector with: {}", + CertificateHelper.listCertificateSubjectNames(trustStore)); + + if (keyStore != null) + logger.debug("Using key store for https connector with: {}", + CertificateHelper.listCertificateSubjectNames(keyStore)); } + catch (KeyStoreException e) + { + logger.warn("Error while printing trust store / key store config", e); + } + } + + private final Server server; + private final WebAppContext webAppContext; + + public JettyServer(Function<Server, Connector> apiConnector, Function<Server, Connector> statusConnector, + String mavenServerModuleName, String contextPath, + List<Class<? extends ServletContainerInitializer>> servletContainerInitializers, + Map<String, String> initParameters, KeyStore clientTrustStore, + Consumer<WebAppContext> securityHandlerConfigurer) + { + server = new Server(threadPool()); + server.addConnector(apiConnector.apply(server)); + server.addConnector(statusConnector.apply(server)); - ClientConnector connector = new ClientConnector(); - connector.setSslContextFactory(sslContextFactory); - if (oidcConfig.clientIdleTimeout() != null) - connector.setIdleTimeout(oidcConfig.clientIdleTimeout()); - if (oidcConfig.clientConnectTimeout() != null) - connector.setConnectTimeout(oidcConfig.clientConnectTimeout()); + webAppContext = webAppContext(mavenServerModuleName, contextPath, servletContainerInitializers, initParameters); - HttpClient httpClient = new HttpClientWithGetRetry(new HttpClientTransportOverHTTP(connector), 5); - if (oidcConfig.clientProxy() != null) - httpClient.getProxyConfiguration().addProxy(oidcConfig.clientProxy()); + securityHandlerConfigurer.accept(webAppContext); - return httpClient; + server.setHandler(webAppContext); + server.setErrorHandler(statusCodeOnlyErrorHandler()); } private QueuedThreadPool threadPool() @@ -180,21 +170,20 @@ private QueuedThreadPool threadPool() return threadPool; } - private WebAppContext webAppContext(String serverModule, JettyConfig config, - Stream<Class<? extends ServletContainerInitializer>> initializers) + private WebAppContext webAppContext(String serverMavenModuleName, String contextPath, + List<Class<? extends ServletContainerInitializer>> initializers, Map<String, String> initParameters) { String[] classPath = classPath(); WebAppContext context = new WebAppContext(); - config.getAllProperties().forEach(context::setInitParameter); - context.getServerClassMatcher().exclude(initializers.map(Class::getName).toArray(String[]::new)); - context.setContextPath(config.getContextPath() - .orElseThrow(JettyConfig.propertyNotDefined(JettyConfig.PROPERTY_JETTY_CONTEXT_PATH))); + initParameters.forEach(context::setInitParameter); + context.getServerClassMatcher().exclude(initializers.stream().map(Class::getName).toArray(String[]::new)); + context.setContextPath(contextPath); context.setLogUrlOnStart(true); context.setThrowUnavailableOnStartupException(true); context.setConfigurations(new Configuration[] { new AnnotationConfiguration() }); - context.getMetaData().setWebInfClassesResources(Stream.of(classPath).filter(e -> e.contains(serverModule)) - .map(Paths::get).map(Resource::newResource).toList()); + context.getMetaData().setWebInfClassesResources(Stream.of(classPath) + .filter(e -> e.contains(serverMavenModuleName)).map(Paths::get).map(Resource::newResource).toList()); context.setErrorHandler(statusCodeOnlyErrorHandler()); logger.debug("Java classpath: {}", Arrays.toString(classPath)); @@ -234,15 +223,6 @@ protected void writeErrorPage(jakarta.servlet.http.HttpServletRequest request, j public final void start() { - try - { - beforeStart(); - } - catch (Exception e) - { - throw new RuntimeException(e); - } - Runtime.getRuntime().addShutdownHook(new Thread(this::stop)); try @@ -268,10 +248,6 @@ public final void start() } } - public void beforeStart() - { - } - public final void stop() { logger.info("Stopping jetty server ..."); diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/Log4jInitializer.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/Log4jInitializer.java index c5a09c717..6eb18d878 100644 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/Log4jInitializer.java +++ b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/Log4jInitializer.java @@ -17,6 +17,9 @@ public final class Log4jInitializer { + public static final String LOG4J_CONFIG = "dev.dsf.log4j.config"; + public static final String LOG4J_CONFIG_DEFAULT = "conf/log4j2.xml"; + private Log4jInitializer() { } @@ -24,11 +27,10 @@ private Log4jInitializer() // special reader code, to make sure no logger has initialized log4j private static Path readlog4jConfigPath() { - String log4jConfig = System.getenv(JettyConfig.PROPERTY_JETTY_LOG4J_CONFIG); + String log4jConfig = System.getenv(LOG4J_CONFIG.replace(".", "_")); if (log4jConfig == null) - log4jConfig = jettyProperties().getProperty(JettyConfig.PROPERTY_JETTY_LOG4J_CONFIG, - JettyConfig.PROPERTY_JETTY_LOG4J_CONFIG_DEFAULT); + log4jConfig = jettyProperties().getProperty(LOG4J_CONFIG, LOG4J_CONFIG_DEFAULT); return Paths.get(log4jConfig); } @@ -36,7 +38,7 @@ private static Path readlog4jConfigPath() private static Properties jettyProperties() { Properties properties = new Properties(); - Path propertiesFile = Paths.get(JettyConfig.JETTY_PROPERTIES_FILE); + Path propertiesFile = Paths.get("conf/jetty.properties"); if (Files.isReadable(propertiesFile)) { try (Reader reader = new InputStreamReader(Files.newInputStream(propertiesFile), StandardCharsets.UTF_8)) diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java deleted file mode 100644 index 78e1b1a0c..000000000 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/OidcConfig.java +++ /dev/null @@ -1,13 +0,0 @@ -package dev.dsf.common.jetty; - -import java.security.KeyStore; -import java.time.Duration; - -import org.eclipse.jetty.client.ProxyConfiguration.Proxy; - -public record OidcConfig(boolean authorizationCodeFlowEnabled, boolean bearerTokenEnabled, String providerBaseUrl, - String clientId, String clientSecret, boolean bckChannelLogoutEnabled, String ssoBackChannelPath, - Duration clientIdleTimeout, Duration clientConnectTimeout, KeyStore clientTrustStore, KeyStore clientKeyStore, - char[] clientKeyStorePassword, Proxy clientProxy) -{ -} diff --git a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java b/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java deleted file mode 100644 index ecba54600..000000000 --- a/dsf-common/dsf-common-jetty/src/main/java/dev/dsf/common/jetty/PropertyJettyConfig.java +++ /dev/null @@ -1,317 +0,0 @@ -package dev.dsf.common.jetty; - -import java.io.IOException; -import java.io.InputStreamReader; -import java.io.Reader; -import java.net.MalformedURLException; -import java.net.URL; -import java.nio.charset.StandardCharsets; -import java.nio.file.Files; -import java.nio.file.Path; -import java.nio.file.Paths; -import java.util.Optional; -import java.util.Properties; -import java.util.function.BiFunction; - -import org.eclipse.jetty.server.Connector; -import org.eclipse.jetty.server.Server; - -public final class PropertyJettyConfig extends AbstractJettyConfig implements JettyConfig -{ - public static final class PropertyJettyConfigCreator - { - private final BiFunction<JettyConfig, Server, Connector> connectorFactory; - - private PropertyJettyConfigCreator(BiFunction<JettyConfig, Server, Connector> connectorFactory) - { - this.connectorFactory = connectorFactory; - } - - public PropertyJettyConfig read() - { - Properties properties = new Properties(); - - Path propertiesFile = Paths.get(JETTY_PROPERTIES_FILE); - if (Files.isReadable(propertiesFile)) - { - try (Reader reader = new InputStreamReader(Files.newInputStream(propertiesFile), - StandardCharsets.UTF_8)) - { - properties.load(reader); - - } - catch (IOException e) - { - throw new RuntimeException(e); - } - } - - return new PropertyJettyConfig(connectorFactory, properties); - } - } - - public static PropertyJettyConfigCreator forHttp() - { - return new PropertyJettyConfigCreator(AbstractJettyConfig.httpConnector()); - } - - public static PropertyJettyConfigCreator forHttps() - { - return new PropertyJettyConfigCreator(AbstractJettyConfig.httpsConnector()); - } - - private final Properties properties; - - private PropertyJettyConfig(BiFunction<JettyConfig, Server, Connector> connectorFactory, Properties properties) - { - super(connectorFactory); - - this.properties = properties; - } - - private Optional<String> getString(String propertyName) - { - return getString(propertyName, null); - } - - private Optional<String> getString(String propertyName, String defaultValue) - { - return Optional.ofNullable(properties.getProperty(propertyName, defaultValue)); - } - - private Optional<Integer> getPort(String propertyName) - { - return getString(propertyName).map(value -> - { - try - { - int intValue = Integer.parseInt(value); - if (intValue < 0 || intValue > 0xFFFF) - throw new RuntimeException(JETTY_PROPERTIES_FILE + ": Property " + propertyName + ", value " + value - + " < 0 or > " + 0xFFFF); - else - return intValue; - } - catch (NumberFormatException e) - { - throw new RuntimeException( - JETTY_PROPERTIES_FILE + ": Property " + propertyName + ", value " + value + " not a number"); - } - }); - } - - private Optional<Long> getTimeout(String propertyName) - { - return getString(propertyName).map(value -> - { - try - { - return Long.parseLong(value); - } - catch (NumberFormatException e) - { - throw new RuntimeException( - JETTY_PROPERTIES_FILE + ": Property " + propertyName + ", value " + value + " not a number"); - } - }); - } - - private Optional<Path> getPath(String propertyName) - { - return getPath(propertyName, null); - } - - private Optional<Path> getPath(String propertyName, String defaultValue) - { - return getString(propertyName, defaultValue).map(value -> - { - Path pathValue = Paths.get(value); - - if (!Files.isReadable(pathValue)) - throw new RuntimeException(JETTY_PROPERTIES_FILE + ": Property " + propertyName + ", value " + value - + " file not readable"); - - return pathValue; - }); - } - - private Optional<URL> getUrl(String propertyName) - { - return getString(propertyName).map(value -> - { - try - { - return new URL(value); - } - catch (MalformedURLException e) - { - throw new RuntimeException( - JETTY_PROPERTIES_FILE + ": Property " + propertyName + ", value " + value + " not a valid URL"); - } - }); - } - - private boolean getBoolean(String propertyName) - { - return getString(propertyName).map(Boolean::parseBoolean).orElse(Boolean.FALSE); - } - - @Override - public Optional<String> getStatusHost() - { - return getString(PROPERTY_JETTY_STATUS_HOST, PROPERTY_JETTY_STATUS_HOST_DEFAULT); - } - - @Override - public Optional<Integer> getStatusPort() - { - return getPort(PROPERTY_JETTY_STATUS_PORT); - } - - @Override - public Optional<String> getHost() - { - return getString(PROPERTY_JETTY_HOST, PROPERTY_JETTY_HOST_DEFAULT); - } - - @Override - public Optional<Integer> getPort() - { - return getPort(PROPERTY_JETTY_PORT); - } - - @Override - public Optional<String> getContextPath() - { - return getString(PROPERTY_JETTY_CONTEXT_PATH); - } - - @Override - public Optional<Path> getServerCertificatePath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE); - } - - @Override - public Optional<Path> getServerCertificateChainPath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE_CHAIN); - } - - @Override - public Optional<Path> getServerCertificatePrivateKeyPath() - { - return getPath(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY); - } - - @Override - public Optional<char[]> getServerCertificatePrivateKeyPassword() - { - return getString(PROPERTY_JETTY_SERVER_CERTIFICATE_PRIVATE_KEY_PASSWORD).map(String::toCharArray); - } - - @Override - public Optional<Path> getClientTrustCertificatesPath() - { - return getPath(PROPERTY_JETTY_AUTH_CLIENT_TRUST_CERTIFICATES); - } - - @Override - public Optional<String> getClientCertificateHeaderName() - { - return getString(PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME, - PROPERTY_JETTY_AUTH_CLIENT_CERTIFICATE_HEADER_NAME_DEFAULT); - } - - @Override - public boolean getOidcAuthorizationCodeFlowEndabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW); - } - - @Override - public boolean getOidcBearerTokenEnabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BEARER_TOKEN); - } - - @Override - public Optional<String> getOidcProviderBaseUrl() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_BASE_URL); - } - - @Override - public Optional<Long> getOidcProviderClientConnectTimeout() - { - return getTimeout(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CONNECT_TIMEOUT); - } - - @Override - public Optional<Long> getOidcProviderClientIdleTimeout() - { - return getTimeout(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_IDLE_TIMEOUT); - } - - @Override - public Optional<Path> getOidcProviderClientTrustCertificatesPath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES); - } - - @Override - public Optional<Path> getOidcProviderClientCertificatePath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE); - } - - @Override - public Optional<Path> getOidcProviderClientCertificatePrivateKeyPath() - { - return getPath(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY); - } - - @Override - public Optional<char[]> getOidcProviderClientCertificatePrivateKeyPassword() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD) - .map(String::toCharArray); - } - - @Override - public Optional<URL> getOidcProviderClientProxyUrl() - { - return getUrl(PROPERTY_JETTY_AUTH_OIDC_PROVIDER_CLIENT_PROXY_URL); - } - - @Override - public Optional<String> getOidcClientId() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_CLIENT_ID); - } - - @Override - public Optional<String> getOidcClientSecret() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_CLIENT_SECRET); - } - - @Override - public boolean getOidcBackChannelLogoutEnabled() - { - return getBoolean(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT); - } - - @Override - public Optional<String> getOidcBackChannelPath() - { - return getString(PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH, - PROPERTY_JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT_PATH_DEFAULT); - } - - @Override - public Optional<Path> getLog4JConfigPath() - { - return getPath(PROPERTY_JETTY_LOG4J_CONFIG, PROPERTY_JETTY_LOG4J_CONFIG_DEFAULT); - } -} diff --git a/dsf-common/dsf-common-status/src/main/java/dev/dsf/common/status/client/StatusClient.java b/dsf-common/dsf-common-status/src/main/java/dev/dsf/common/status/client/StatusClient.java index f63c3de2f..9e80e7a1f 100644 --- a/dsf-common/dsf-common-status/src/main/java/dev/dsf/common/status/client/StatusClient.java +++ b/dsf-common/dsf-common-status/src/main/java/dev/dsf/common/status/client/StatusClient.java @@ -11,8 +11,8 @@ public class StatusClient { public static void main(String[] args) { - String statusPort = System.getenv("JETTY_STATUS_PORT"); - String contextPath = System.getenv("JETTY_CONTEXT_PATH"); + String statusPort = System.getenv("DEV_DSF_SERVER_STATUS_PORT"); + String contextPath = System.getenv("DEV_DSF_SERVER_CONTEXT_PATH"); if (statusPort == null) statusPort = "10000"; diff --git a/dsf-common/pom.xml b/dsf-common/pom.xml index 135d45dc8..f4c1e0d28 100644 --- a/dsf-common/pom.xml +++ b/dsf-common/pom.xml @@ -64,6 +64,12 @@ <artifactId>dsf-common-status</artifactId> <version>${project.version}</version> </dependency> + + <dependency> + <groupId>${project.groupId}</groupId> + <artifactId>dsf-tools-docker-secrets-reader</artifactId> + <version>${project.version}</version> + </dependency> </dependencies> </dependencyManagement> </project> \ No newline at end of file diff --git a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml index af5edb805..f33aafe30 100644 --- a/dsf-docker-test-setup-3dic-ttp/docker-compose.yml +++ b/dsf-docker-test-setup-3dic-ttp/docker-compose.yml @@ -130,7 +130,7 @@ services: DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic1_fhir_user.password DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic1_fhir_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic1_client_certificate.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic1_client_certificate_private_key.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic1_client_certificate_private_key.pem.password @@ -156,14 +156,14 @@ services: - PERMANENT_DELETE practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic1 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic1-fhir - JETTY_AUTH_OIDC_CLIENT_SECRET: mF0GEtjFoyWIM3in4VCwifGI3azb4DTn + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic1 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic1-fhir + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: mF0GEtjFoyWIM3in4VCwifGI3azb4DTn networks: dic1-fhir-frontend: ipv4_address: 172.20.0.3 @@ -198,7 +198,7 @@ services: DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic2_fhir_user.password DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic2_fhir_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic2_client_certificate.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic2_client_certificate_private_key.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic2_client_certificate_private_key.pem.password @@ -224,14 +224,14 @@ services: - PERMANENT_DELETE practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic2 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic2-fhir - JETTY_AUTH_OIDC_CLIENT_SECRET: P7XhxzBixIf9vPdprItkbOXZwtSX2JNt + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic2 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic2-fhir + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: P7XhxzBixIf9vPdprItkbOXZwtSX2JNt networks: dic2-fhir-frontend: ipv4_address: 172.20.0.11 @@ -266,7 +266,7 @@ services: DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_dic3_fhir_user.password DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_dic3_fhir_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic3_client_certificate.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic3_client_certificate_private_key.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic3_client_certificate_private_key.pem.password @@ -292,14 +292,14 @@ services: - PERMANENT_DELETE practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic3 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic3-fhir - JETTY_AUTH_OIDC_CLIENT_SECRET: 9i9WRfIedG7N3QoL5WuGM8hCoySblAhK + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic3 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic3-fhir + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: 9i9WRfIedG7N3QoL5WuGM8hCoySblAhK networks: dic3-fhir-frontend: ipv4_address: 172.20.0.19 @@ -338,7 +338,7 @@ services: DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_ttp_fhir_user.password DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_ttp_fhir_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_ttp_client_certificate.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_ttp_client_certificate_private_key.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_ttp_client_certificate_private_key.pem.password @@ -367,14 +367,14 @@ services: - PERMANENT_DELETE practitioner-role: - http://dsf.dev/fhir/CodeSystem/practitioner-role|DSF_ADMIN - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/ttp - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: ttp-fhir - JETTY_AUTH_OIDC_CLIENT_SECRET: SquCQFwjUFqIpU8xQj9pFg79fFxlu2Eu + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/ttp + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: ttp-fhir + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: SquCQFwjUFqIpU8xQj9pFg79fFxlu2Eu networks: ttp-fhir-frontend: ipv4_address: 172.20.0.27 @@ -413,7 +413,7 @@ services: DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic1_bpe_user.password DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic1_bpe_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic1_client_certificate.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic1_client_certificate_private_key.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic1_client_certificate_private_key.pem.password @@ -434,14 +434,14 @@ services: #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic1 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic1-bpe - JETTY_AUTH_OIDC_CLIENT_SECRET: ytqFCErw9GfhVUrrM8xc0Grbu4r7qGig + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic1 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic1-bpe + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: ytqFCErw9GfhVUrrM8xc0Grbu4r7qGig networks: dic1-bpe-frontend: ipv4_address: 172.20.0.35 @@ -480,7 +480,7 @@ services: DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic2_bpe_user.password DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic2_bpe_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic2_client_certificate.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic2_client_certificate_private_key.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic2_client_certificate_private_key.pem.password @@ -501,14 +501,14 @@ services: #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic2 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic2-bpe - JETTY_AUTH_OIDC_CLIENT_SECRET: 5GtUIUfoXnQVcsRfd0Hg4EGv14iAknGq + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic2 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic2-bpe + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: 5GtUIUfoXnQVcsRfd0Hg4EGv14iAknGq networks: dic2-bpe-frontend: ipv4_address: 172.20.0.43 @@ -547,7 +547,7 @@ services: DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_dic3_bpe_user.password DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_dic3_bpe_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_dic3_client_certificate.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_dic3_client_certificate_private_key.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_dic3_client_certificate_private_key.pem.password @@ -568,14 +568,14 @@ services: #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/dic3 - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: dic3-bpe - JETTY_AUTH_OIDC_CLIENT_SECRET: VGTQD3WWH4uGUMz408NWNzcHF1MsfV0l + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/dic3 + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: dic3-bpe + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: VGTQD3WWH4uGUMz408NWNzcHF1MsfV0l networks: dic3-bpe-frontend: ipv4_address: 172.20.0.51 @@ -615,7 +615,7 @@ services: DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_ttp_bpe_user.password DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_ttp_bpe_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_ttp_client_certificate.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_ttp_client_certificate_private_key.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_ttp_client_certificate_private_key.pem.password @@ -637,14 +637,14 @@ services: #DEV_DSF_BPE_PROCESS_EXCLUDED: # default no excluded processes # property dev.dsf.bpe.allow.list.organization should only be set for testing, do not configure property in production, potential security risk DEV_DSF_BPE_ALLOW_LIST_ORGANIZATION: Test_TTP - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem - JETTY_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' - JETTY_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' - JETTY_AUTH_OIDC_BEARER_TOKEN: 'true' - JETTY_AUTH_OIDC_PROVIDER_BASE_URL: https://keycloak:8443/realms/ttp - JETTY_AUTH_OIDC_PROVIDER_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem - JETTY_AUTH_OIDC_CLIENT_ID: ttp-bpe - JETTY_AUTH_OIDC_CLIENT_SECRET: dTB3Etd2lZ6cn6mK6YbUMvk3A5FmiOoA + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_AUTHORIZATION_CODE_FLOW: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BACK_CHANNEL_LOGOUT: 'true' + DEV_DSF_SERVER_AUTH_OIDC_BEARER_TOKEN: 'true' + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_REALM_BASE_URL: https://keycloak:8443/realms/ttp + DEV_DSF_SERVER_AUTH_OIDC_PROVIDER_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_ID: ttp-bpe + DEV_DSF_SERVER_AUTH_OIDC_CLIENT_SECRET: dTB3Etd2lZ6cn6mK6YbUMvk3A5FmiOoA networks: ttp-bpe-frontend: ipv4_address: 172.20.0.59 diff --git a/dsf-docker-test-setup/bpe/docker-compose.yml b/dsf-docker-test-setup/bpe/docker-compose.yml index 6aa663648..2f0bc1f17 100755 --- a/dsf-docker-test-setup/bpe/docker-compose.yml +++ b/dsf-docker-test-setup/bpe/docker-compose.yml @@ -28,14 +28,14 @@ services: DEV_DSF_BPE_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_BPE_DB_USER_PASSWORD_FILE: /run/secrets/db_user.password DEV_DSF_BPE_DB_USER_CAMUNDA_PASSWORD_FILE: /run/secrets/db_user_camunda.password - DEV_DSF_BPE_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_BPE_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_client_certificate_private_key.pem DEV_DSF_BPE_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password DEV_DSF_BPE_DB_URL: jdbc:postgresql://db/bpe DEV_DSF_BPE_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_Organization DEV_DSF_BPE_FHIR_SERVER_BASE_URL: https://fhir/fhir - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem networks: backend: ipv4_address: 172.28.3.130 diff --git a/dsf-docker-test-setup/fhir/docker-compose.yml b/dsf-docker-test-setup/fhir/docker-compose.yml index 341ad537f..62992c61b 100755 --- a/dsf-docker-test-setup/fhir/docker-compose.yml +++ b/dsf-docker-test-setup/fhir/docker-compose.yml @@ -30,8 +30,8 @@ services: app: image: datasharingframework/fhir restart: "no" -# ports: -# - 127.0.0.1:5001:5001 + ports: + - 127.0.0.1:5001:5001 secrets: - db_liquibase.password - db_user.password @@ -55,13 +55,12 @@ services: DEV_DSF_FHIR_DB_LIQUIBASE_PASSWORD_FILE: /run/secrets/db_liquibase.password DEV_DSF_FHIR_DB_USER_PASSWORD_FILE: /run/secrets/db_user.password DEV_DSF_FHIR_DB_USER_PERMANENT_DELETE_PASSWORD_FILE: /run/secrets/db_user_permanent_delete.password - DEV_DSF_FHIR_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_server_trust_certificates.pem + DEV_DSF_FHIR_CLIENT_TRUST_SERVER_CERTIFICATE_CAS: /run/secrets/app_server_trust_certificates.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE: /run/secrets/app_client_certificate.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY: /run/secrets/app_client_certificate_private_key.pem DEV_DSF_FHIR_CLIENT_CERTIFICATE_PRIVATE_KEY_PASSWORD_FILE: /run/secrets/app_client_certificate_private_key.pem.password DEV_DSF_FHIR_DB_URL: jdbc:postgresql://db/fhir DEV_DSF_FHIR_SERVER_BASE_URL: https://fhir/fhir - DEV_DSF_FHIR_SERVER_CORS_ORIGINS: http://localhost:8080 DEV_DSF_FHIR_SERVER_ORGANIZATION_IDENTIFIER_VALUE: Test_Organization DEV_DSF_FHIR_SERVER_ORGANIZATION_THUMBPRINT: ${BUNDLE_USER_THUMBPRINT} DEV_DSF_FHIR_SERVER_ROLECONFIG: | @@ -75,7 +74,7 @@ services: - SEARCH - HISTORY - PERMANENT_DELETE - JETTY_AUTH_CLIENT_TRUST_CERTIFICATES: /run/secrets/app_client_trust_certificates.pem + DEV_DSF_SERVER_AUTH_TRUST_CLIENT_CERTIFICATE_CAS: /run/secrets/app_client_trust_certificates.pem networks: frontend: ipv4_address: 172.28.1.3 diff --git a/dsf-fhir/dsf-fhir-server-jetty/conf/jetty.properties b/dsf-fhir/dsf-fhir-server-jetty/conf/jetty.properties index 5cafb7a52..67f5b5018 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/conf/jetty.properties +++ b/dsf-fhir/dsf-fhir-server-jetty/conf/jetty.properties @@ -1,9 +1,9 @@ -jetty.port=8001 -jetty.status.port=10001 -jetty.context.path=/fhir +dev.dsf.server.api.port=8001 +dev.dsf.server.status.port=10001 +dev.dsf.server.context.path=/fhir -jetty.server.server.certificate=target/localhost_certificate.pem -jetty.server.certificate.private.key=target/localhost_private-key.pem -jetty.server.certificate.private.key.password=password +dev.dsf.server.certificate=target/localhost_certificate.pem +dev.dsf.server.certificate.key=target/localhost_private-key.pem +dev.dsf.server.certificate.key.password=password -jetty.auth.client.trust.certificates=target/testca_certificate.pem \ No newline at end of file +dev.dsf.server.trust.client.certificate.cas=target/testca_certificate.pem \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile b/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile index 431f65b22..006345e32 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile +++ b/dsf-fhir/dsf-fhir-server-jetty/docker/Dockerfile @@ -23,8 +23,8 @@ COPY --from=builder /opt/fhir ./ USER java ENTRYPOINT ["./dsf_fhir_start.sh"] -ENV JETTY_HOST="0.0.0.0" -ENV JETTY_PORT="8080" -ENV JETTY_STATUS_PORT="10000" -ENV JETTY_CONTEXT_PATH="/fhir" +ENV DEV_DSF_SERVER_API_HOST="0.0.0.0" +ENV DEV_DSF_SERVER_API_PORT="8080" +ENV DEV_DSF_SERVER_STATUS_PORT="10000" +ENV DEV_DSF_SERVER_CONTEXT_PATH="/fhir" HEALTHCHECK --interval=10s --timeout=15s --start-period=10s --retries=5 CMD [ "java", "-cp", "dsf_status_client.jar", "dev.dsf.common.status.client.StatusClient" ] \ No newline at end of file diff --git a/dsf-fhir/dsf-fhir-server-jetty/pom.xml b/dsf-fhir/dsf-fhir-server-jetty/pom.xml index 9c4507b9c..d012c6ef7 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/pom.xml +++ b/dsf-fhir/dsf-fhir-server-jetty/pom.xml @@ -167,6 +167,7 @@ </executions> <configuration> <workingPackages> + <workingPackage>dev.dsf.common</workingPackage> <workingPackage>dev.dsf.fhir</workingPackage> </workingPackages> </configuration> diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServer.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServer.java index cb3d9d3e8..70e57346e 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServer.java +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServer.java @@ -1,19 +1,38 @@ package dev.dsf.fhir; -import java.io.IOException; +import org.slf4j.bridge.SLF4JBridgeHandler; +import org.springframework.context.annotation.AnnotationConfigApplicationContext; +import dev.dsf.common.jetty.JettyServer; import dev.dsf.common.jetty.Log4jInitializer; -import dev.dsf.common.jetty.PropertyJettyConfig; +import dev.dsf.fhir.config.FhirDbMigratorConfig; +import dev.dsf.fhir.config.FhirHttpJettyConfig; +import dev.dsf.tools.db.DbMigrator; public class FhirJettyServer { static { + SLF4JBridgeHandler.removeHandlersForRootLogger(); + SLF4JBridgeHandler.install(); + Log4jInitializer.initializeLog4j(); } - public static void main(String[] args) throws IOException + public static void main(String[] args) { - new FhirServer(PropertyJettyConfig.forHttp().read()).start(); + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + FhirDbMigratorConfig.class)) + { + DbMigrator migrator = context.getBean(DbMigrator.class); + DbMigrator.retryOnConnectException(3, migrator::migrate); + } + + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + FhirHttpJettyConfig.class)) + { + JettyServer server = context.getBean(JettyServer.class); + server.start(); + } } } diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServerHttps.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServerHttps.java index c1255d004..11cce5dba 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServerHttps.java +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirJettyServerHttps.java @@ -1,17 +1,38 @@ package dev.dsf.fhir; +import org.slf4j.bridge.SLF4JBridgeHandler; +import org.springframework.context.annotation.AnnotationConfigApplicationContext; + +import dev.dsf.common.jetty.JettyServer; import dev.dsf.common.jetty.Log4jInitializer; -import dev.dsf.common.jetty.PropertyJettyConfig; +import dev.dsf.fhir.config.FhirDbMigratorConfig; +import dev.dsf.fhir.config.FhirHttpsJettyConfig; +import dev.dsf.tools.db.DbMigrator; public class FhirJettyServerHttps { static { + SLF4JBridgeHandler.removeHandlersForRootLogger(); + SLF4JBridgeHandler.install(); + Log4jInitializer.initializeLog4j(); } public static void main(String[] args) { - new FhirServer(PropertyJettyConfig.forHttps().read()).start(); + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + FhirDbMigratorConfig.class)) + { + DbMigrator migrator = context.getBean(DbMigrator.class); + DbMigrator.retryOnConnectException(3, migrator::migrate); + } + + try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( + FhirHttpsJettyConfig.class)) + { + JettyServer server = context.getBean(JettyServer.class); + server.start(); + } } } diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirServer.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirServer.java deleted file mode 100755 index 2104edbe6..000000000 --- a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirServer.java +++ /dev/null @@ -1,43 +0,0 @@ -package dev.dsf.fhir; - -import java.util.stream.Stream; - -import org.eclipse.jetty.websocket.jakarta.client.JakartaWebSocketShutdownContainer; -import org.eclipse.jetty.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer; -import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; -import org.slf4j.bridge.SLF4JBridgeHandler; -import org.springframework.context.annotation.AnnotationConfigApplicationContext; -import org.springframework.web.SpringServletContainerInitializer; - -import dev.dsf.common.jetty.JettyConfig; -import dev.dsf.common.jetty.JettyServer; -import dev.dsf.tools.db.DbMigrator; -import dev.dsf.tools.db.DbMigratorConfig; - -public final class FhirServer extends JettyServer -{ - static - { - SLF4JBridgeHandler.removeHandlersForRootLogger(); - SLF4JBridgeHandler.install(); - } - - public FhirServer(JettyConfig jettyConfig) - { - super("fhir-server", jettyConfig, - Stream.of(JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, - JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class)); - } - - @Override - public void beforeStart() - { - try (AnnotationConfigApplicationContext context = new AnnotationConfigApplicationContext( - FhirDbMigratorConfig.class)) - { - DbMigratorConfig config = context.getBean(DbMigratorConfig.class); - DbMigrator dbMigrator = new DbMigrator(config); - DbMigrator.retryOnConnectException(3, dbMigrator::migrate); - } - } -} diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirDbMigratorConfig.java similarity index 97% rename from dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java rename to dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirDbMigratorConfig.java index 86d04c04b..323465d89 100644 --- a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/FhirDbMigratorConfig.java +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirDbMigratorConfig.java @@ -1,4 +1,4 @@ -package dev.dsf.fhir; +package dev.dsf.fhir.config; import java.util.Map; @@ -10,6 +10,7 @@ import org.springframework.core.env.ConfigurableEnvironment; import dev.dsf.common.documentation.Documentation; +import dev.dsf.tools.db.DbMigrator; import dev.dsf.tools.db.DbMigratorConfig; import dev.dsf.tools.docker.secrets.DockerSecretsPropertySourceFactory; @@ -74,7 +75,6 @@ public static PropertySourcesPlaceholderConfigurer propertySourcesPlaceholderCon ConfigurableEnvironment environment) { new DockerSecretsPropertySourceFactory(environment).readDockerSecretsAndAddPropertiesToEnvironment(); - return new PropertySourcesPlaceholderConfigurer(); } @@ -121,4 +121,10 @@ public long getLiquibaseLockWaitTime() { return dbLiquibaseLockWaitTime; } + + @Bean + public DbMigrator dbMigrator() + { + return new DbMigrator(this); + } } diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpJettyConfig.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpJettyConfig.java new file mode 100644 index 000000000..06e238d66 --- /dev/null +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpJettyConfig.java @@ -0,0 +1,28 @@ +package dev.dsf.fhir.config; + +import java.util.Arrays; +import java.util.List; + +import org.eclipse.jetty.websocket.jakarta.client.JakartaWebSocketShutdownContainer; +import org.eclipse.jetty.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer; +import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; +import org.springframework.web.SpringServletContainerInitializer; + +import dev.dsf.common.config.AbstractHttpJettyConfig; +import jakarta.servlet.ServletContainerInitializer; + +public class FhirHttpJettyConfig extends AbstractHttpJettyConfig +{ + @Override + protected String mavenServerModuleName() + { + return "fhir-server"; + } + + @Override + protected List<Class<? extends ServletContainerInitializer>> servletContainerInitializers() + { + return Arrays.asList(JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, + JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class); + } +} diff --git a/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpsJettyConfig.java b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpsJettyConfig.java new file mode 100644 index 000000000..6d25d798a --- /dev/null +++ b/dsf-fhir/dsf-fhir-server-jetty/src/main/java/dev/dsf/fhir/config/FhirHttpsJettyConfig.java @@ -0,0 +1,28 @@ +package dev.dsf.fhir.config; + +import java.util.Arrays; +import java.util.List; + +import org.eclipse.jetty.websocket.jakarta.client.JakartaWebSocketShutdownContainer; +import org.eclipse.jetty.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer; +import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; +import org.springframework.web.SpringServletContainerInitializer; + +import dev.dsf.common.config.AbstractHttpsJettyConfig; +import jakarta.servlet.ServletContainerInitializer; + +public class FhirHttpsJettyConfig extends AbstractHttpsJettyConfig +{ + @Override + protected String mavenServerModuleName() + { + return "fhir-server"; + } + + @Override + protected List<Class<? extends ServletContainerInitializer>> servletContainerInitializers() + { + return Arrays.asList(JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, + JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class); + } +} diff --git a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/PropertiesConfig.java b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/PropertiesConfig.java index 4d71161e7..41bb2d016 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/PropertiesConfig.java +++ b/dsf-fhir/dsf-fhir-server/src/main/java/dev/dsf/fhir/spring/config/PropertiesConfig.java @@ -62,8 +62,8 @@ public class PropertiesConfig @Value("${dev.dsf.fhir.server.init.bundle:conf/bundle.xml}") private String initBundleFile; - @Documentation(required = true, description = "PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_client_trust_certificates.pem") - @Value("${dev.dsf.fhir.client.trust.certificates}") + @Documentation(required = true, description = "PEM encoded file with one or more trusted root certificates to validate server certificates for https connections to remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_server_trust_certificates.pem") + @Value("${dev.dsf.fhir.client.trust.server.certificate.cas}") private String webserviceClientCertificateTrustCertificatesFile; @Documentation(required = true, description = "PEM encoded file with local client certificate for https connections to remote DSF FHIR servers", recommendation = "Use docker secret file to configure", example = "/run/secrets/app_client_certificate.pem") @@ -94,23 +94,23 @@ public class PropertiesConfig @Value("${dev.dsf.fhir.server.static.resource.cache:true}") private boolean staticResourceCacheEnabled; - @Value("${jetty.status.port}") + @Value("${dev.dsf.server.status.port}") private int jettyStatusConnectorPort; - @Documentation(description = "Forward (http/https) proxy url, use *DEV_DSF_FHIR_PROXY_NOPROXY* to list domains that do not require a forward proxy", example = "http://proxy.foo:8080") - @Value("${dev.dsf.fhir.proxy.url:#{null}}") + @Documentation(description = "Forward (http/https) proxy url, use *DEV_DSF_BPE_PROXY_NOPROXY* to list domains that do not require a forward proxy", example = "http://proxy.foo:8080") + @Value("${dev.dsf.proxy.url:#{null}}") private String proxyUrl; @Documentation(description = "Forward proxy username", recommendation = "Configure username if proxy requires authentication") - @Value("${dev.dsf.fhir.proxy.username:#{null}}") + @Value("${dev.dsf.proxy.username:#{null}}") private String proxyUsername; @Documentation(description = "Forward Proxy password", recommendation = "Configure password if proxy requires authentication, use docker secret file to configure using *${env_variable}_FILE*") - @Value("${dev.dsf.fhir.proxy.password:#{null}}") + @Value("${dev.dsf.proxy.password:#{null}}") private char[] proxyPassword; @Documentation(description = "Forward proxy no-proxy list, entries will match exactly or agianst (one level) sub-domains, if no port is specified - all ports are matched; comma or space separated list, YAML block scalars supported", example = "foo.bar, test.com:8080") - @Value("#{'${dev.dsf.fhir.proxy.noProxy:}'.trim().split('(,[ ]?)|(\\\\n)')}") + @Value("#{'${dev.dsf.proxy.noProxy:}'.trim().split('(,[ ]?)|(\\\\n)')}") private List<String> proxyNoProxy; @Bean // static in order to initialize before @Configuration classes diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java index 69c5b5cbc..4fa9b858e 100755 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java +++ b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/AbstractIntegrationTest.java @@ -14,15 +14,25 @@ import java.nio.file.Path; import java.nio.file.Paths; import java.security.KeyStore; +import java.security.PrivateKey; +import java.security.cert.Certificate; +import java.security.cert.X509Certificate; import java.sql.Connection; import java.util.Arrays; import java.util.Collections; +import java.util.HashMap; import java.util.List; import java.util.Map; import java.util.UUID; -import java.util.stream.Stream; +import java.util.function.Consumer; +import java.util.function.Function; import org.apache.commons.dbcp2.BasicDataSource; +import org.eclipse.jetty.security.SecurityHandler; +import org.eclipse.jetty.server.Connector; +import org.eclipse.jetty.server.Server; +import org.eclipse.jetty.server.session.SessionHandler; +import org.eclipse.jetty.webapp.WebAppContext; import org.eclipse.jetty.websocket.jakarta.client.JakartaWebSocketShutdownContainer; import org.eclipse.jetty.websocket.jakarta.server.config.JakartaWebSocketServletContainerInitializer; import org.glassfish.jersey.servlet.init.JerseyServletContainerInitializer; @@ -43,9 +53,16 @@ import ca.uhn.fhir.context.FhirContext; import ca.uhn.fhir.parser.IParser; +import de.rwh.utils.crypto.CertificateHelper; +import de.rwh.utils.crypto.io.CertificateReader; +import de.rwh.utils.crypto.io.PemIo; import de.rwh.utils.test.LiquibaseTemplateTestClassRule; import de.rwh.utils.test.LiquibaseTemplateTestRule; -import dev.dsf.common.jetty.JettyConfig; +import dev.dsf.common.auth.ClientCertificateAuthenticator; +import dev.dsf.common.auth.DelegatingAuthenticator; +import dev.dsf.common.auth.DsfLoginService; +import dev.dsf.common.auth.DsfSecurityHandler; +import dev.dsf.common.auth.StatusPortAuthenticator; import dev.dsf.common.jetty.JettyServer; import dev.dsf.fhir.authorization.read.ReadAccessHelper; import dev.dsf.fhir.authorization.read.ReadAccessHelperImpl; @@ -58,6 +75,7 @@ import dev.dsf.fhir.service.ReferenceCleaner; import dev.dsf.fhir.service.ReferenceCleanerImpl; import dev.dsf.fhir.service.ReferenceExtractorImpl; +import jakarta.servlet.ServletContainerInitializer; import jakarta.ws.rs.WebApplicationException; import jakarta.ws.rs.core.Response.Status; @@ -152,17 +170,77 @@ private static WebsocketClient createWebsocketClient(KeyStore trustStore, KeySto private static JettyServer startFhirServer() throws Exception { - JettyConfig jettyConfig = new TestJettyConfig(10001, 8001, CONTEXT_PATH, certificates.getCaCertificateFile(), - certificates.getServerCertificateFile(), certificates.getServerCertificatePrivateKeyFile(), - X509Certificates.PASSWORD, Paths.get("log4j2.xml"), DATABASE_URL, DATABASE_USER, DATABASE_USER_PASSWORD, - DATABASE_DELETE_USER, DATABASE_DELETE_USER_PASSWORD, BASE_URL, certificates.getClientCertificate(), - "Test_Organization", FHIR_BUNDLE_FILE, certificates.getCaCertificateFile(), - certificates.getClientCertificateFile(), certificates.getClientCertificatePrivateKeyFile(), - X509Certificates.PASSWORD, certificates.getPractitionerClientCertificate()); - - JettyServer server = new JettyServer("fhir-server", jettyConfig, - Stream.of(JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, - JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class)); + int statusPort = 10001; + + Map<String, String> initParameters = new HashMap<>(); + initParameters.put("dev.dsf.server.status.port", String.valueOf(statusPort)); + + initParameters.put("dev.dsf.fhir.db.url", DATABASE_URL); + initParameters.put("dev.dsf.fhir.db.user.username", DATABASE_USER); + initParameters.put("dev.dsf.fhir.db.user.password", DATABASE_USER_PASSWORD); + initParameters.put("dev.dsf.fhir.db.user.permanent.delete.username", DATABASE_DELETE_USER); + initParameters.put("dev.dsf.fhir.db.user.permanent.delete.password", DATABASE_DELETE_USER_PASSWORD); + + initParameters.put("dev.dsf.fhir.server.base.url", BASE_URL); + initParameters.put("dev.dsf.fhir.server.organization.identifier.value", "Test_Organization"); + initParameters.put("dev.dsf.fhir.server.init.bundle", FHIR_BUNDLE_FILE.toString()); + + initParameters.put("dev.dsf.fhir.client.trust.server.certificate.cas", + certificates.getCaCertificateFile().toString()); + initParameters.put("dev.dsf.fhir.client.certificate", certificates.getClientCertificateFile().toString()); + initParameters.put("dev.dsf.fhir.client.certificate.private.key", + certificates.getClientCertificatePrivateKeyFile().toString()); + initParameters.put("dev.dsf.fhir.client.certificate.private.key.password", + String.valueOf(X509Certificates.PASSWORD)); + + initParameters.put("dev.dsf.fhir.server.roleConfig", String.format(""" + - practitioner-test-user: + thumbprint: %s + dsf-role: + - CREATE + - READ + - UPDATE + - DELETE + - SEARCH + - HISTORY + practitioner-role: + - http://dsf.dev/fhir/CodeSystem/practitioner-role|DIC_USER + """, certificates.getPractitionerClientCertificate().getCertificateSha512ThumbprintHex())); + + KeyStore caCertificate = CertificateReader.allFromCer(certificates.getCaCertificateFile()); + PrivateKey privateKey = PemIo.readPrivateKeyFromPem(certificates.getServerCertificatePrivateKeyFile(), + X509Certificates.PASSWORD); + X509Certificate certificate = PemIo.readX509CertificateFromPem(certificates.getServerCertificateFile()); + char[] keyStorePassword = UUID.randomUUID().toString().toCharArray(); + KeyStore serverCertificateKeyStore = CertificateHelper.toJksKeyStore(privateKey, + new Certificate[] { certificate }, UUID.randomUUID().toString(), keyStorePassword); + + Function<Server, Connector> apiConnector = JettyServer.httpsConnector("127.0.0.1", 8001, caCertificate, + serverCertificateKeyStore, keyStorePassword, false); + Function<Server, Connector> statusConnector = JettyServer.statusConnector("127.0.0.1", statusPort); + List<Class<? extends ServletContainerInitializer>> servletContainerInitializers = Arrays.asList( + JakartaWebSocketShutdownContainer.class, JakartaWebSocketServletContainerInitializer.class, + JerseyServletContainerInitializer.class, SpringServletContainerInitializer.class); + + Consumer<WebAppContext> securityHandlerConfigurer = webAppContext -> + { + SessionHandler sessionHandler = webAppContext.getSessionHandler(); + DsfLoginService dsfLoginService = new DsfLoginService(webAppContext); + + StatusPortAuthenticator statusPortAuthenticator = new StatusPortAuthenticator(statusPort); + ClientCertificateAuthenticator clientCertificateAuthenticator = new ClientCertificateAuthenticator( + caCertificate); + DelegatingAuthenticator delegatingAuthenticator = new DelegatingAuthenticator(sessionHandler, + statusPortAuthenticator, clientCertificateAuthenticator, null, null, null, null); + + SecurityHandler securityHandler = new DsfSecurityHandler(dsfLoginService, delegatingAuthenticator, null); + securityHandler.setSessionRenewedOnAuthentication(true); + + webAppContext.setSecurityHandler(securityHandler); + }; + + JettyServer server = new JettyServer(apiConnector, statusConnector, "dsf-fhir-server", CONTEXT_PATH, + servletContainerInitializers, initParameters, caCertificate, securityHandlerConfigurer); server.start(); diff --git a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java b/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java deleted file mode 100644 index 92bf6da0b..000000000 --- a/dsf-fhir/dsf-fhir-server/src/test/java/dev/dsf/fhir/integration/TestJettyConfig.java +++ /dev/null @@ -1,136 +0,0 @@ -package dev.dsf.fhir.integration; - -import java.nio.file.Path; -import java.util.HashMap; -import java.util.Map; -import java.util.Objects; -import java.util.Optional; -import java.util.Properties; - -import dev.dsf.common.jetty.AbstractJettyConfig; -import dev.dsf.common.jetty.JettyConfig; -import dev.dsf.fhir.integration.X509Certificates.ClientCertificate; - -public class TestJettyConfig extends AbstractJettyConfig implements JettyConfig -{ - private final int statusPort; - private final int port; - private final String contextPath; - private final Path clientTrustCertificatesPath; - private final Path serverCertificatePath; - private final Path serverCertificatePrivateKeyPath; - private final char[] serverCertificatePrivateKeyPassword; - private final Path log4JConfigPath; - - private final Properties additionalProperties = new Properties(); - - public TestJettyConfig(int statusPort, int port, String contextPath, Path clientTrustCertificatesPath, - Path serverCertificatePath, Path serverCertificatePrivateKeyPath, - char[] serverCertificatePrivateKeyPassword, Path log4JConfigPath, String databaseUrl, - String databaseUserUsername, String databaseUserPassword, String databaseDeleteUserUsername, - String databaseDeleteUserPassword, String serverBaseUrl, ClientCertificate clientCertificate, - String organizationIdentifierValue, Path fhirBundleFile, Path caCertificateFile, Path clientCertificateFile, - Path clientCertificatePrivateKeyFile, char[] clientCertificatePrivateKeyPassword, - ClientCertificate practitionerClientCertificate) - { - super(AbstractJettyConfig.httpsConnector()); - - this.statusPort = statusPort; - this.port = port; - this.contextPath = contextPath; - this.clientTrustCertificatesPath = clientTrustCertificatesPath; - this.serverCertificatePrivateKeyPath = serverCertificatePrivateKeyPath; - this.serverCertificatePath = serverCertificatePath; - this.serverCertificatePrivateKeyPassword = serverCertificatePrivateKeyPassword; - this.log4JConfigPath = log4JConfigPath; - - additionalProperties.put("dev.dsf.fhir.db.url", databaseUrl); - additionalProperties.put("dev.dsf.fhir.db.user.username", databaseUserUsername); - additionalProperties.put("dev.dsf.fhir.db.user.password", databaseUserPassword); - additionalProperties.put("dev.dsf.fhir.db.user.permanent.delete.username", databaseDeleteUserUsername); - additionalProperties.put("dev.dsf.fhir.db.user.permanent.delete.password", databaseDeleteUserPassword); - additionalProperties.put("dev.dsf.fhir.server.base.url", serverBaseUrl); - additionalProperties.put("dev.dsf.fhir.server.user.thumbprints", - clientCertificate.getCertificateSha512ThumbprintHex()); - additionalProperties.put("dev.dsf.fhir.server.user.thumbprints.permanent.delete", - clientCertificate.getCertificateSha512ThumbprintHex()); - additionalProperties.put("dev.dsf.fhir.server.organization.identifier.value", organizationIdentifierValue); - additionalProperties.put("dev.dsf.fhir.server.init.bundle", fhirBundleFile.toString()); - - additionalProperties.put("dev.dsf.fhir.client.trust.certificates", caCertificateFile.toString()); - additionalProperties.put("dev.dsf.fhir.client.certificate", clientCertificateFile.toString()); - additionalProperties.put("dev.dsf.fhir.client.certificate.private.key", - clientCertificatePrivateKeyFile.toString()); - additionalProperties.put("dev.dsf.fhir.client.certificate.private.key.password", - String.valueOf(clientCertificatePrivateKeyPassword)); - additionalProperties.put("dev.dsf.fhir.server.roleConfig", String.format(""" - - practitioner-test-user: - thumbprint: %s - dsf-role: - - CREATE - - READ - - UPDATE - - DELETE - - SEARCH - - HISTORY - practitioner-role: - - http://dsf.dev/fhir/CodeSystem/practitioner-role|DIC_USER - """, practitionerClientCertificate.getCertificateSha512ThumbprintHex())); - } - - @Override - public Optional<Integer> getStatusPort() - { - return Optional.of(statusPort); - } - - @Override - public Optional<Integer> getPort() - { - return Optional.of(port); - } - - @Override - public Optional<String> getContextPath() - { - return Optional.of(contextPath); - } - - @Override - public Optional<Path> getClientTrustCertificatesPath() - { - return Optional.of(clientTrustCertificatesPath); - } - - @Override - public Optional<Path> getServerCertificatePath() - { - return Optional.of(serverCertificatePath); - } - - @Override - public Optional<Path> getServerCertificatePrivateKeyPath() - { - return Optional.of(serverCertificatePrivateKeyPath); - } - - @Override - public Optional<char[]> getServerCertificatePrivateKeyPassword() - { - return Optional.of(serverCertificatePrivateKeyPassword); - } - - @Override - public Optional<Path> getLog4JConfigPath() - { - return Optional.of(log4JConfigPath); - } - - @Override - public Map<String, String> getAllProperties() - { - Map<String, String> all = new HashMap<>(super.getAllProperties()); - additionalProperties.forEach((k, v) -> all.put(Objects.toString(k), Objects.toString(v))); - return all; - } -} diff --git a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-fhir-config.properties b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-fhir-config.properties index ec95a8f7e..6913345c3 100755 --- a/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-fhir-config.properties +++ b/dsf-tools/dsf-tools-test-data-generator/src/main/resources/config-templates/java-test-fhir-config.properties @@ -18,7 +18,7 @@ dev.dsf.fhir.server.user.thumbprints.permanent.delete= dev.dsf.fhir.server.organization.identifier.value=Test_Organization #dev.dsf.fhir.server.init.bundle=conf/bundle.xml -dev.dsf.fhir.client.trust.certificates=target/testca_certificate.pem +dev.dsf.fhir.client.trust.server.certificate.cas=target/testca_certificate.pem dev.dsf.fhir.client.certificate=target/test-client_certificate.pem dev.dsf.fhir.client.certificate.private.key=target/test-client_private-key.pem dev.dsf.fhir.client.certificate.private.key.password=password From ea50a92c9ed0ebb76a17375a8c625dbe8164d417 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Wed, 28 Jun 2023 03:28:02 +0200 Subject: [PATCH 40/43] added /fhir/Task?status=draft as default bookmark --- dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js index 1c97d31c2..4db43aa41 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js @@ -115,7 +115,7 @@ function getInitialBookmarks() { 'Organization': ['/fhir/Organization', '/fhir/Organization?identifier=highmed.org', '/fhir/Organization?identifier=medizininformatik-initiative.de', '/fhir/Organization?identifier=netzwerk-universitaetsmedizin.de'], 'OrganizationAffiliation': ['/fhir/OrganizationAffiliation'], 'Subscription': ['/fhir/Subscription'], - 'Task': ['/fhir/Task', '/fhir/Task?_sort=-_lastUpdated', '/fhir/Task?_sort=-_lastUpdated&_count=1'], + 'Task': ['/fhir/Task', '/fhir/Task?_sort=-_lastUpdated', '/fhir/Task?_sort=-_lastUpdated&_count=1', '/fhir/Task?status=draft'], 'ValueSet': ['/fhir/ValueSet'] }; } From a9aca10f63b77871b9600e59edf462ad8d7f79c9 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Wed, 28 Jun 2023 11:34:31 +0200 Subject: [PATCH 41/43] added info entries: message-name, business-key and correlation-key --- .../dsf/fhir/adapter/TaskHtmlGenerator.java | 78 ++++++++++++++++--- .../src/main/resources/static/form.css | 4 + 2 files changed, 72 insertions(+), 10 deletions(-) diff --git a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java index e776f8b33..e26a3ff87 100644 --- a/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java +++ b/dsf-fhir/dsf-fhir-rest-adapter/src/main/java/dev/dsf/fhir/adapter/TaskHtmlGenerator.java @@ -3,15 +3,24 @@ import java.io.IOException; import java.io.OutputStreamWriter; import java.util.HashMap; +import java.util.List; import java.util.Map; +import java.util.Optional; import java.util.UUID; +import java.util.function.Predicate; +import java.util.stream.Collectors; +import org.hl7.fhir.r4.model.CanonicalType; import org.hl7.fhir.r4.model.CodeableConcept; import org.hl7.fhir.r4.model.Coding; +import org.hl7.fhir.r4.model.StringType; import org.hl7.fhir.r4.model.Task; +import org.hl7.fhir.r4.model.Task.ParameterComponent; +import org.hl7.fhir.r4.model.Task.TaskOutputComponent; public class TaskHtmlGenerator extends InputHtmlGenerator implements HtmlGenerator<Task> { + private static final String CODESYSTEM_BPMN = "http://dsf.dev/fhir/CodeSystem/bpmn-message"; private static final String CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME = "message-name"; private static final String CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY = "business-key"; private static final String CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY = "correlation-key"; @@ -49,13 +58,20 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws + " to instantiate the following process:"); out.write("</p>\n"); out.write("<ul class=\"info-list\">\n"); - out.write( - "<li><b>URL: <a class=\"info-link info-link-task " + getColorClass(task.getStatus(), ELEMENT_TYPE_LINK) - + "\" href=\"" + href + "\">" + taskCanonicalSplit[0] + "</a></b></li>\n"); - out.write("<li><b>Version: <a class=\"info-link info-link-task " + out.write("<li><b>Process URL: <a class=\"info-link info-link-task " + + getColorClass(task.getStatus(), ELEMENT_TYPE_LINK) + "\" href=\"" + href + "\">" + + taskCanonicalSplit[0] + "</a></b></li>\n"); + out.write("<li><b>Process Version: <a class=\"info-link info-link-task " + getColorClass(task.getStatus(), ELEMENT_TYPE_LINK) + "\" href=\"" + href + "\">" + taskCanonicalSplit[1] + "</a></b></li>\n"); - out.write("<li><b>Status:</b> " + task.getStatus().getDisplay() + "</li>\n"); + out.write("<li><b>Task Profile:</b> " + + task.getMeta().getProfile().stream().map(CanonicalType::getValue).collect(Collectors.joining(", ")) + + "</li>\n"); + out.write("<li><b>Task Status:</b> " + task.getStatus().toCode() + "</li>\n"); + getInput(task, isMessageName()).ifPresent(m -> silentWrite(out, "<li><b>Message-Name:</b> " + m + "</li>\n")); + getInput(task, isBusinessKey()).ifPresent(k -> silentWrite(out, "<li><b>Business-Key:</b> " + k + "</li>\n")); + getInput(task, isCorrelationKey()) + .ifPresent(k -> silentWrite(out, "<li><b>Correlation-Key:</b> " + k + "</li>\n")); out.write("</ul>\n"); out.write("</div>\n"); out.write("</div>\n"); @@ -82,15 +98,17 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws + (draft ? "placeholder=\"yyyy.MM.dd hh:mm:ss\"" : "value=\"" + authoredOn + "\"") + "></input>\n"); out.write("</div>\n"); - // the Task has more inputs than the message-name, - // just the message-name input is only possible with Task status draft - if (task.getInput().size() > 1) + List<ParameterComponent> filteredInputs = task.getInput().stream() + .filter(isMessageName().negate().and(isBusinessKey().negate()).and(isCorrelationKey().negate())) + .toList(); + + if (filteredInputs.size() > 1) { out.write("<section>"); out.write("<h2 class=\"input-output-header\">Inputs</h2>"); Map<String, Integer> elementIdIndexMap = new HashMap<>(); - for (Task.ParameterComponent input : task.getInput()) + for (ParameterComponent input : filteredInputs) { writeInput(input, elementIdIndexMap, draft, out); } @@ -104,7 +122,7 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("<h2 class=\"input-output-header\">Outputs</h2>"); Map<String, Integer> elementIdIndexMap = new HashMap<>(); - for (Task.TaskOutputComponent output : task.getOutput()) + for (TaskOutputComponent output : task.getOutput()) { writeOutput(output, elementIdIndexMap, out); } @@ -124,6 +142,46 @@ public void writeHtml(String basePath, Task task, OutputStreamWriter out) throws out.write("</form>\n"); } + private void silentWrite(OutputStreamWriter out, String value) + { + try + { + out.write(value); + } + catch (IOException e) + { + throw new RuntimeException(e); + } + } + + private Optional<String> getInput(Task task, Predicate<ParameterComponent> paramMatches) + { + if (task == null || paramMatches == null) + return Optional.empty(); + + return task.getInput().stream().filter(paramMatches).filter(i -> i.getValue() instanceof StringType) + .map(i -> ((StringType) i.getValue()).getValue()).findFirst(); + } + + private Predicate<ParameterComponent> isMessageName() + { + return param -> param != null && param.getType().getCoding().stream().anyMatch( + c -> CODESYSTEM_BPMN.equals(c.getSystem()) && CODESYSTEM_BPMN_MESSAGE_MESSAGE_NAME.equals(c.getCode())); + } + + private Predicate<ParameterComponent> isBusinessKey() + { + return param -> param != null && param.getType().getCoding().stream().anyMatch( + c -> CODESYSTEM_BPMN.equals(c.getSystem()) && CODESYSTEM_BPMN_MESSAGE_BUSINESS_KEY.equals(c.getCode())); + } + + private Predicate<ParameterComponent> isCorrelationKey() + { + return param -> param != null + && param.getType().getCoding().stream().anyMatch(c -> CODESYSTEM_BPMN.equals(c.getSystem()) + && CODESYSTEM_BPMN_MESSAGE_CORRELATION_KEY.equals(c.getCode())); + } + private String getColorClass(Task.TaskStatus status, String elementType) { switch (status) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css index 48e911ed8..25d3288e0 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/form.css @@ -157,6 +157,10 @@ fieldset#form-fieldset { padding-left: 20px; } +.info-list > li:not(:last-child) { + margin-bottom: 0.3em; +} + .row:after { content: ""; display: table; From 9c0f44451dd787539f60b9d1f191d4dcc773391d Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Wed, 28 Jun 2023 11:34:55 +0200 Subject: [PATCH 42/43] new default bookmark QuestionnaireResponse?status=in-progress --- dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js | 1 + 1 file changed, 1 insertion(+) diff --git a/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js b/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js index 4db43aa41..ac633ff12 100644 --- a/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js +++ b/dsf-fhir/dsf-fhir-server/src/main/resources/static/bookmarks.js @@ -114,6 +114,7 @@ function getInitialBookmarks() { 'NamingSystem': ['/fhir/NamingSystem'], 'Organization': ['/fhir/Organization', '/fhir/Organization?identifier=highmed.org', '/fhir/Organization?identifier=medizininformatik-initiative.de', '/fhir/Organization?identifier=netzwerk-universitaetsmedizin.de'], 'OrganizationAffiliation': ['/fhir/OrganizationAffiliation'], + 'QuestionnaireResponse': ['/fhir/QuestionnaireResponse?status=in-progress'], 'Subscription': ['/fhir/Subscription'], 'Task': ['/fhir/Task', '/fhir/Task?_sort=-_lastUpdated', '/fhir/Task?_sort=-_lastUpdated&_count=1', '/fhir/Task?status=draft'], 'ValueSet': ['/fhir/ValueSet'] From 159aa6cdac63c1e241387aae7bb4baacc63f2520 Mon Sep 17 00:00:00 2001 From: Hauke Hund <hauke.hund@hs-heilbronn.de> Date: Wed, 28 Jun 2023 13:04:12 +0200 Subject: [PATCH 43/43] 1.0.0 release --- CITATION.cff | 4 ++-- dsf-bpe/dsf-bpe-process-api-v1/pom.xml | 2 +- dsf-bpe/dsf-bpe-server-jetty/pom.xml | 2 +- dsf-bpe/dsf-bpe-server/pom.xml | 2 +- dsf-bpe/pom.xml | 2 +- dsf-common/dsf-common-auth/pom.xml | 2 +- dsf-common/dsf-common-config/pom.xml | 2 +- dsf-common/dsf-common-documentation/pom.xml | 2 +- dsf-common/dsf-common-jetty/pom.xml | 2 +- dsf-common/dsf-common-status/pom.xml | 2 +- dsf-common/pom.xml | 2 +- dsf-fhir/dsf-fhir-auth/pom.xml | 2 +- dsf-fhir/dsf-fhir-rest-adapter/pom.xml | 2 +- dsf-fhir/dsf-fhir-server-jetty/pom.xml | 2 +- dsf-fhir/dsf-fhir-server/pom.xml | 2 +- dsf-fhir/dsf-fhir-validation/pom.xml | 4 ++-- .../main/resources/fhir/CodeSystem/dsf-bpmn-message-1.0.0.xml | 2 +- .../resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml | 2 +- .../resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml | 2 +- .../fhir/CodeSystem/dsf-process-authorization-1.0.0.xml | 2 +- .../resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml | 2 +- .../src/main/resources/fhir/NamingSystem/dsf-endpoint.xml | 2 +- .../src/main/resources/fhir/NamingSystem/dsf-organization.xml | 2 +- .../src/main/resources/fhir/NamingSystem/dsf-practitioner.xml | 2 +- .../src/main/resources/fhir/NamingSystem/dsf-task.xml | 2 +- .../StructureDefinition/dsf-activity-definition-1.0.0.xml | 2 +- .../fhir/StructureDefinition/dsf-code-system-1.0.0.xml | 2 +- .../dsf-coding-process-authorization-local-all-1.0.0.xml | 2 +- ...ing-process-authorization-local-all-practitioner-1.0.0.xml | 2 +- ...-coding-process-authorization-local-organization-1.0.0.xml | 2 +- ...ss-authorization-local-organization-practitioner-1.0.0.xml | 2 +- ...ess-authorization-local-parent-organization-role-1.0.0.xml | 2 +- ...tion-local-parent-organization-role-practitioner-1.0.0.xml | 2 +- .../dsf-coding-process-authorization-remote-all-1.0.0.xml | 2 +- ...coding-process-authorization-remote-organization-1.0.0.xml | 2 +- ...ss-authorization-remote-parent-organization-role-1.0.0.xml | 2 +- .../resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml | 2 +- .../dsf-extension-certificate-thumbprint-1.0.0.xml | 2 +- .../dsf-extension-check-logical-reference-1.0.0.xml | 2 +- .../dsf-extension-process-authorization-1.0.0.xml | 2 +- ...dsf-extension-process-authorization-organization-1.0.0.xml | 2 +- ...-process-authorization-organization-practitioner-1.0.0.xml | 2 +- ...n-process-authorization-parent-organization-role-1.0.0.xml | 2 +- ...horization-parent-organization-role-practitioner-1.0.0.xml | 2 +- ...dsf-extension-process-authorization-practitioner-1.0.0.xml | 2 +- .../dsf-extension-read-access-organization-1.0.0.xml | 2 +- ...f-extension-read-access-parent-organization-role-1.0.0.xml | 2 +- .../fhir/StructureDefinition/dsf-organization-1.0.0.xml | 2 +- .../dsf-organization-affiliation-1.0.0.xml | 2 +- .../StructureDefinition/dsf-organization-parent-1.0.0.xml | 2 +- .../StructureDefinition/dsf-organization-reference-1.0.0.xml | 2 +- .../fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml | 2 +- .../StructureDefinition/dsf-questionnaire-response-1.0.0.xml | 2 +- .../fhir/StructureDefinition/dsf-task-base-1.0.0.xml | 2 +- .../fhir/StructureDefinition/dsf-value-set-1.0.0.xml | 2 +- .../main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml | 2 +- .../resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml | 2 +- .../resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml | 2 +- .../ValueSet/dsf-process-authorization-recipient-1.0.0.xml | 2 +- .../ValueSet/dsf-process-authorization-requester-1.0.0.xml | 2 +- .../resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml | 2 +- dsf-fhir/dsf-fhir-webservice-client/pom.xml | 2 +- dsf-fhir/dsf-fhir-websocket-client/pom.xml | 2 +- dsf-fhir/pom.xml | 2 +- dsf-tools/dsf-tools-build-info-reader/pom.xml | 2 +- dsf-tools/dsf-tools-bundle-generator/pom.xml | 2 +- dsf-tools/dsf-tools-db-migration/pom.xml | 2 +- dsf-tools/dsf-tools-docker-secrets-reader/pom.xml | 2 +- dsf-tools/dsf-tools-documentation-generator/pom.xml | 2 +- dsf-tools/dsf-tools-proxy-test/pom.xml | 2 +- dsf-tools/dsf-tools-test-data-generator/pom.xml | 2 +- dsf-tools/pom.xml | 2 +- pom.xml | 2 +- 73 files changed, 75 insertions(+), 75 deletions(-) diff --git a/CITATION.cff b/CITATION.cff index f03be7f4f..b7c5306c7 100644 --- a/CITATION.cff +++ b/CITATION.cff @@ -24,8 +24,8 @@ preferred-citation: doi: 10.3233/SHTI210060 type: proceedings title: "Data Sharing Framework (DSF)" -version: 1.0.0-M1 -date-released: 2023-05-19 +version: 1.0.0 +date-released: 2023-06-28 url: https://dsf.dev repository-code: https://github.com/datasharingframework/dsf repository-artifact: https://github.com/datasharingframework/dsf/releases diff --git a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml index 9fde6df52..7ae49a29b 100644 --- a/dsf-bpe/dsf-bpe-process-api-v1/pom.xml +++ b/dsf-bpe/dsf-bpe-process-api-v1/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-bpe-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-bpe/dsf-bpe-server-jetty/pom.xml b/dsf-bpe/dsf-bpe-server-jetty/pom.xml index 0d05e406b..2a0e62931 100755 --- a/dsf-bpe/dsf-bpe-server-jetty/pom.xml +++ b/dsf-bpe/dsf-bpe-server-jetty/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-bpe-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-bpe/dsf-bpe-server/pom.xml b/dsf-bpe/dsf-bpe-server/pom.xml index fb3f4bc53..fdc087adc 100755 --- a/dsf-bpe/dsf-bpe-server/pom.xml +++ b/dsf-bpe/dsf-bpe-server/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-bpe-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-bpe/pom.xml b/dsf-bpe/pom.xml index 84bd5edc1..3ce31c14a 100755 --- a/dsf-bpe/pom.xml +++ b/dsf-bpe/pom.xml @@ -7,7 +7,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <modules> diff --git a/dsf-common/dsf-common-auth/pom.xml b/dsf-common/dsf-common-auth/pom.xml index 153177b60..517d20d3e 100644 --- a/dsf-common/dsf-common-auth/pom.xml +++ b/dsf-common/dsf-common-auth/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-common-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-common/dsf-common-config/pom.xml b/dsf-common/dsf-common-config/pom.xml index dc3e383ed..a67c0299d 100644 --- a/dsf-common/dsf-common-config/pom.xml +++ b/dsf-common/dsf-common-config/pom.xml @@ -8,7 +8,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-common-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-common/dsf-common-documentation/pom.xml b/dsf-common/dsf-common-documentation/pom.xml index b2080ab3c..852cf9516 100644 --- a/dsf-common/dsf-common-documentation/pom.xml +++ b/dsf-common/dsf-common-documentation/pom.xml @@ -6,6 +6,6 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-common-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> </project> \ No newline at end of file diff --git a/dsf-common/dsf-common-jetty/pom.xml b/dsf-common/dsf-common-jetty/pom.xml index 80af85246..c4ca3bcb1 100644 --- a/dsf-common/dsf-common-jetty/pom.xml +++ b/dsf-common/dsf-common-jetty/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-common-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-common/dsf-common-status/pom.xml b/dsf-common/dsf-common-status/pom.xml index a2f3e5e65..ec28524c8 100644 --- a/dsf-common/dsf-common-status/pom.xml +++ b/dsf-common/dsf-common-status/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-common-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-common/pom.xml b/dsf-common/pom.xml index f4c1e0d28..132986daa 100644 --- a/dsf-common/pom.xml +++ b/dsf-common/pom.xml @@ -7,7 +7,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <modules> diff --git a/dsf-fhir/dsf-fhir-auth/pom.xml b/dsf-fhir/dsf-fhir-auth/pom.xml index ebb658a6f..e64ff594c 100644 --- a/dsf-fhir/dsf-fhir-auth/pom.xml +++ b/dsf-fhir/dsf-fhir-auth/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml index e0afc5b1f..f2705ae51 100755 --- a/dsf-fhir/dsf-fhir-rest-adapter/pom.xml +++ b/dsf-fhir/dsf-fhir-rest-adapter/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/dsf-fhir-server-jetty/pom.xml b/dsf-fhir/dsf-fhir-server-jetty/pom.xml index d012c6ef7..a11bd8e5e 100755 --- a/dsf-fhir/dsf-fhir-server-jetty/pom.xml +++ b/dsf-fhir/dsf-fhir-server-jetty/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/dsf-fhir-server/pom.xml b/dsf-fhir/dsf-fhir-server/pom.xml index a15e748f3..0c6e138ea 100755 --- a/dsf-fhir/dsf-fhir-server/pom.xml +++ b/dsf-fhir/dsf-fhir-server/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/dsf-fhir-validation/pom.xml b/dsf-fhir/dsf-fhir-validation/pom.xml index dc0903367..a51f8f83e 100644 --- a/dsf-fhir/dsf-fhir-validation/pom.xml +++ b/dsf-fhir/dsf-fhir-validation/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> @@ -95,7 +95,7 @@ </configuration> <!-- Workaround for exec maven plugin version 3.1.0 issue --> <!-- https://github.com/mojohaus/exec-maven-plugin/issues/247 --> - <!-- <dependencies> <dependency> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-bundle-generator</artifactId> <version>1.0.0-SNAPSHOT</version> </dependency> + <!-- <dependencies> <dependency> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-bundle-generator</artifactId> <version>1.0.0</version> </dependency> </dependencies> --> </plugin> </plugins> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-bpmn-message-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-bpmn-message-1.0.0.xml index 4635f9f52..6acbb868d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-bpmn-message-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-bpmn-message-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF BPMN message values"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="CodeSystem with standard BPMN message values for Task resources"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml index ed92d9318..c3541542d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-organization-role-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Organization Role"/> <status value="active"/> <experimental value="false"/> - <date value="2022-05-10"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="CodeSystem with DSF organization roles used in OrganizationAffiliation resources"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml index 7106dac73..685ae31aa 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-practitioner-role-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Practitioner Role"/> <status value="active"/> <experimental value="false"/> - <date value="2022-06-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="CodeSystem with DSF practitioner roles"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml index fa416480c..cde875d60 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-process-authorization-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Process Authorization"/> <status value="active"/> <experimental value="false"/> - <date value="2023-06-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="CodeSystem with proces authorization codes"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml index a8d54589f..2e678bfdb 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/CodeSystem/dsf-read-access-tag-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Read Access Tag"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="CodeSystem with read access tags"/> <caseSensitive value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-endpoint.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-endpoint.xml index 09152d470..d42a38d7f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-endpoint.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-endpoint.xml @@ -8,7 +8,7 @@ <name value="DsfEndpointIdentifier"/> <status value="active"/> <kind value="identifier"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="Shortest DNS that resolves a DSF endpoint, typically the domain name used in endpoint.address"/> <usage value="Used withing the DSF to identify endpoints"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-organization.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-organization.xml index ecb2e80ae..6af3759a4 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-organization.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-organization.xml @@ -8,7 +8,7 @@ <name value="DsfOrganizationIdentifier"/> <status value="active"/> <kind value="identifier"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="Shortest DNS that resolves the homepage of the organization, e.g. hs-heilbronn.de, ukhd.de, uksh.de"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-practitioner.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-practitioner.xml index 8caf40686..25b0f5415 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-practitioner.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-practitioner.xml @@ -8,7 +8,7 @@ <name value="DsfPractitionerIdentifier"/> <status value="active"/> <kind value="identifier"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="E-mail address identifying a practitioner"/> <usage value="Used withing the DSF to identify practitioners"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-task.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-task.xml index 06755bfb8..b6b187490 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-task.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/NamingSystem/dsf-task.xml @@ -8,7 +8,7 @@ <name value="DsfTaskIdentifier" /> <status value="active" /> <kind value="identifier" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <publisher value="DSF" /> <description value="Name identifying a draft Task resource" /> <usage diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml index 0fe57cf42..f58513388 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-activity-definition-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ActivityDefinition" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml index c5aa59153..1e92e2137 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-code-system-1.0.0.xml @@ -10,7 +10,7 @@ <name value="CodeSystem" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml index 2ad826f0c..59479b362 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalAll" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml index ea7e3ad32..0919f7aa9 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-all-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalAllPractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-06-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml index ca664f30b..b3cac7e3f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml index 96f034b8b..558cb1c5c 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-organization-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalOrganizationPractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-06-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml index 845216ac3..7fd714384 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalParentOrganizationRole" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml index 13cd9d52d..e88075a52 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-local-parent-organization-role-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationLocalParentOrganizationRolePractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-06-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml index a61d915ea..acc9105f2 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-all-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationRemoteAll" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml index 5304b8fc6..7f43c5853 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-organization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationRemoteOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml index df5eb5325..d35f0644b 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-coding-process-authorization-remote-parent-organization-role-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationRemoteParentOrganizationRole" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml index 701840c90..a2d2a5e59 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-endpoint-1.0.0.xml @@ -10,7 +10,7 @@ <name value="Endpoint" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml index ab8c72669..c372b7ca8 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-certificate-thumbprint-1.0.0.xml @@ -10,7 +10,7 @@ <name value="CertificateThumbprint" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml index 2548abb13..12f2fa21d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-check-logical-reference-1.0.0.xml @@ -10,7 +10,7 @@ <name value="CheckLogicalReference" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml index 6b8916b56..b5aba411d 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml index 29a9a2010..90545fdf3 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml index 4cadd9704..f14baf563 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-organization-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationOrganizationPractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml index 2598cd0dc..9bbe4d531 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationParentOrganizatioRole" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml index d7d6a479b..b02675eca 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-parent-organization-role-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationParentOrganizatioRolePractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-06-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml index c56a5903e..cfbc942b1 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-process-authorization-practitioner-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ProcessAuthorizationPractitioner" /> <status value="active" /> <experimental value="false" /> - <date value="2023-06-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml index 8f28e6fd6..232b1dfc9 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-organization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ReadAccessOrganization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml index ebcb141d1..f048e604f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-extension-read-access-parent-organization-role-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ReadAccessParentOrganizationRole" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml index 5aadb8e70..372d82581 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-1.0.0.xml @@ -10,7 +10,7 @@ <name value="Organization" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml index ea5ac2e45..ef1556d7f 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-affiliation-1.0.0.xml @@ -10,7 +10,7 @@ <name value="OrganizationAffiliation" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml index 82418f1ce..e635aca50 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-parent-1.0.0.xml @@ -10,7 +10,7 @@ <name value="OrganizationParent" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml index 46beaf872..82c2282f5 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-organization-reference-1.0.0.xml @@ -10,7 +10,7 @@ <name value="OrganizationReference" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="complex-type" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml index fd9c8e964..8e0d783f2 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-1.0.0.xml @@ -10,7 +10,7 @@ <name value="Questionnaire"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <fhirVersion value="4.0.1"/> <kind value="resource"/> <abstract value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml index c7e057639..ab9a78fc9 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-questionnaire-response-1.0.0.xml @@ -10,7 +10,7 @@ <name value="QuestionnaireResponse"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <fhirVersion value="4.0.1"/> <kind value="resource"/> <abstract value="true"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml index 703789d43..d22143f6e 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-task-base-1.0.0.xml @@ -10,7 +10,7 @@ <name value="DsfTaskBase" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="true" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml index ae933d37d..a16408bc5 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/StructureDefinition/dsf-value-set-1.0.0.xml @@ -10,7 +10,7 @@ <name value="ValueSet" /> <status value="active" /> <experimental value="false" /> - <date value="2023-05-19" /> + <date value="2023-06-28" /> <fhirVersion value="4.0.1" /> <kind value="resource" /> <abstract value="false" /> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml index 2c7281801..3acc46b38 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-bpmn-message-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF BPMN message values"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with standard BPMN message values for Task resources"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml index cd3b41891..8e91c37d5 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-organization-role-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Organization Role"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with DSF organization roles used in OrganizationAffiliation resources"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml index 4ea00d564..c7a8f45bc 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-practitioner-role-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Practitioner Role"/> <status value="active"/> <experimental value="false"/> - <date value="2023-06-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with DSF practitioner roles used in OrganizationAffiliation resources"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml index e533dc468..19c866576 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-recipient-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Process Authorization Recipient"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with proces authorization codes for recipients"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml index 32f69909c..65937c3ce 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-process-authorization-requester-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Process Authorization Requester"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with proces authorization codes for requesters"/> diff --git a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml index 9304d4d9d..3b7c3f9e8 100644 --- a/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml +++ b/dsf-fhir/dsf-fhir-validation/src/main/resources/fhir/ValueSet/dsf-read-access-tag-1.0.0.xml @@ -11,7 +11,7 @@ <title value="DSF Read Access Tag"/> <status value="active"/> <experimental value="false"/> - <date value="2023-05-19"/> + <date value="2023-06-28"/> <publisher value="DSF"/> <description value="ValueSet with read access tags"/> <immutable value="true"/> diff --git a/dsf-fhir/dsf-fhir-webservice-client/pom.xml b/dsf-fhir/dsf-fhir-webservice-client/pom.xml index 3ccf9a12b..1920dae9a 100755 --- a/dsf-fhir/dsf-fhir-webservice-client/pom.xml +++ b/dsf-fhir/dsf-fhir-webservice-client/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/dsf-fhir-websocket-client/pom.xml b/dsf-fhir/dsf-fhir-websocket-client/pom.xml index a5bbb8bde..5aee3f0ae 100755 --- a/dsf-fhir/dsf-fhir-websocket-client/pom.xml +++ b/dsf-fhir/dsf-fhir-websocket-client/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-fhir-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-fhir/pom.xml b/dsf-fhir/pom.xml index b977f055c..41dff18db 100755 --- a/dsf-fhir/pom.xml +++ b/dsf-fhir/pom.xml @@ -7,7 +7,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <modules> diff --git a/dsf-tools/dsf-tools-build-info-reader/pom.xml b/dsf-tools/dsf-tools-build-info-reader/pom.xml index a24a466a5..38d5d9f93 100644 --- a/dsf-tools/dsf-tools-build-info-reader/pom.xml +++ b/dsf-tools/dsf-tools-build-info-reader/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-bundle-generator/pom.xml b/dsf-tools/dsf-tools-bundle-generator/pom.xml index ae50a3efe..3670876b5 100755 --- a/dsf-tools/dsf-tools-bundle-generator/pom.xml +++ b/dsf-tools/dsf-tools-bundle-generator/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-db-migration/pom.xml b/dsf-tools/dsf-tools-db-migration/pom.xml index ac17ec26d..400f742fe 100755 --- a/dsf-tools/dsf-tools-db-migration/pom.xml +++ b/dsf-tools/dsf-tools-db-migration/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml index f39ca66d3..511c3e3b1 100644 --- a/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml +++ b/dsf-tools/dsf-tools-docker-secrets-reader/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-documentation-generator/pom.xml b/dsf-tools/dsf-tools-documentation-generator/pom.xml index 45faa1714..01bfb8c08 100644 --- a/dsf-tools/dsf-tools-documentation-generator/pom.xml +++ b/dsf-tools/dsf-tools-documentation-generator/pom.xml @@ -8,7 +8,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-proxy-test/pom.xml b/dsf-tools/dsf-tools-proxy-test/pom.xml index 99af7c621..a12882b09 100755 --- a/dsf-tools/dsf-tools-proxy-test/pom.xml +++ b/dsf-tools/dsf-tools-proxy-test/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/dsf-tools-test-data-generator/pom.xml b/dsf-tools/dsf-tools-test-data-generator/pom.xml index ea4a3204f..56683adce 100755 --- a/dsf-tools/dsf-tools-test-data-generator/pom.xml +++ b/dsf-tools/dsf-tools-test-data-generator/pom.xml @@ -6,7 +6,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-tools-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <dependencies> diff --git a/dsf-tools/pom.xml b/dsf-tools/pom.xml index a1e65c0c9..0ce004f08 100755 --- a/dsf-tools/pom.xml +++ b/dsf-tools/pom.xml @@ -7,7 +7,7 @@ <parent> <groupId>dev.dsf</groupId> <artifactId>dsf-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> </parent> <modules> diff --git a/pom.xml b/pom.xml index ae9df052f..b8c98a322 100755 --- a/pom.xml +++ b/pom.xml @@ -3,7 +3,7 @@ <groupId>dev.dsf</groupId> <artifactId>dsf-pom</artifactId> - <version>1.0.0-SNAPSHOT</version> + <version>1.0.0</version> <packaging>pom</packaging> <modules>