001package ca.uhn.fhir.rest.server.interceptor.auth; 002 003/* 004 * #%L 005 * HAPI FHIR - Server Framework 006 * %% 007 * Copyright (C) 2014 - 2023 Smile CDR, Inc. 008 * %% 009 * Licensed under the Apache License, Version 2.0 (the "License"); 010 * you may not use this file except in compliance with the License. 011 * You may obtain a copy of the License at 012 * 013 * http://www.apache.org/licenses/LICENSE-2.0 014 * 015 * Unless required by applicable law or agreed to in writing, software 016 * distributed under the License is distributed on an "AS IS" BASIS, 017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 018 * See the License for the specific language governing permissions and 019 * limitations under the License. 020 * #L% 021 */ 022 023import ca.uhn.fhir.interceptor.api.Pointcut; 024import ca.uhn.fhir.rest.api.RestOperationTypeEnum; 025import ca.uhn.fhir.rest.api.server.RequestDetails; 026import ca.uhn.fhir.rest.server.interceptor.auth.AuthorizationInterceptor.Verdict; 027import org.hl7.fhir.instance.model.api.IBaseResource; 028import org.hl7.fhir.instance.model.api.IIdType; 029 030import java.util.Set; 031 032public class RuleImplConditional extends BaseRule implements IAuthRule { 033 034 private AppliesTypeEnum myAppliesTo; 035 private Set<String> myAppliesToTypes; 036 private RestOperationTypeEnum myOperationType; 037 038 RuleImplConditional(String theRuleName) { 039 super(theRuleName); 040 } 041 042 @Override 043 public Verdict applyRule(RestOperationTypeEnum theOperation, RequestDetails theRequestDetails, IBaseResource theInputResource, IIdType theInputResourceId, IBaseResource theOutputResource, 044 IRuleApplier theRuleApplier, Set<AuthorizationFlagsEnum> theFlags, Pointcut thePointcut) { 045 assert !(theInputResource != null && theOutputResource != null); 046 047 if (theInputResourceId != null && theInputResourceId.hasIdPart()) { 048 return null; 049 } 050 051 if (theOperation == myOperationType) { 052 if (theRequestDetails.getConditionalUrl(myOperationType) == null) { 053 return null; 054 } 055 if (theInputResource == null) { 056 return null; 057 } 058 059 switch (myAppliesTo) { 060 case ALL_RESOURCES: 061 case INSTANCES: 062 break; 063 case TYPES: 064 if (myOperationType == RestOperationTypeEnum.DELETE) { 065 String resourceName = theRequestDetails.getResourceName(); 066 if (!myAppliesToTypes.contains(resourceName)) { 067 return null; 068 } 069 } else { 070 String inputResourceName = theRequestDetails.getFhirContext().getResourceType(theInputResource); 071 if (!myAppliesToTypes.contains(inputResourceName)) { 072 return null; 073 } 074 } 075 break; 076 } 077 078 return newVerdict(theOperation, theRequestDetails, theInputResource, theInputResourceId, theOutputResource, theRuleApplier); 079 } 080 081 return null; 082 } 083 084 void setAppliesTo(AppliesTypeEnum theAppliesTo) { 085 myAppliesTo = theAppliesTo; 086 } 087 088 void setAppliesToTypes(Set<String> theAppliesToTypes) { 089 myAppliesToTypes = theAppliesToTypes; 090 } 091 092 void setOperationType(RestOperationTypeEnum theOperationType) { 093 myOperationType = theOperationType; 094 } 095 096}