001package ca.uhn.fhir.rest.server.interceptor.validation.fields;
002
003/*-
004 * #%L
005 * HAPI FHIR - Server Framework
006 * %%
007 * Copyright (C) 2014 - 2021 Smile CDR, Inc.
008 * %%
009 * Licensed under the Apache License, Version 2.0 (the "License");
010 * you may not use this file except in compliance with the License.
011 * You may obtain a copy of the License at
012 *
013 *      http://www.apache.org/licenses/LICENSE-2.0
014 *
015 * Unless required by applicable law or agreed to in writing, software
016 * distributed under the License is distributed on an "AS IS" BASIS,
017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
018 * See the License for the specific language governing permissions and
019 * limitations under the License.
020 * #L%
021 */
022
023import ca.uhn.fhir.context.FhirContext;
024import ca.uhn.fhir.fhirpath.IFhirPath;
025import ca.uhn.fhir.interceptor.api.Hook;
026import ca.uhn.fhir.interceptor.api.Interceptor;
027import ca.uhn.fhir.interceptor.api.Pointcut;
028import ca.uhn.fhir.rest.api.server.RequestDetails;
029import ca.uhn.fhir.rest.server.interceptor.ConfigLoader;
030import ca.uhn.fhir.util.ExtensionUtil;
031import org.hl7.fhir.instance.model.api.IBase;
032import org.hl7.fhir.instance.model.api.IBaseExtension;
033import org.hl7.fhir.instance.model.api.IBaseResource;
034import org.hl7.fhir.instance.model.api.IPrimitiveType;
035import org.slf4j.Logger;
036import org.slf4j.LoggerFactory;
037
038import java.util.List;
039import java.util.Map;
040
041import static ca.uhn.fhir.rest.server.interceptor.validation.fields.IValidator.VALIDATION_EXTENSION_URL;
042
043@Interceptor
044public class FieldValidatingInterceptor {
045
046        public static final String FHIR_PATH_VALUE = "value";
047
048        public enum ValidatorType {
049                EMAIL;
050        }
051
052        private static final Logger ourLog = LoggerFactory.getLogger(FieldValidatingInterceptor.class);
053
054        public static final String VALIDATION_DISABLED_HEADER = "HAPI-Field-Validation-Disabled";
055        public static final String PROPERTY_EXTENSION_URL = "validation.extension.url";
056
057        private Map<String, String> myConfig;
058
059        public FieldValidatingInterceptor() {
060                super();
061
062                ourLog.info("Starting FieldValidatingInterceptor {}", this);
063                myConfig = ConfigLoader.loadJson("classpath:field-validation-rules.json", Map.class);
064        }
065
066        @Hook(Pointcut.STORAGE_PRESTORAGE_RESOURCE_CREATED)
067        public void resourcePreCreate(RequestDetails theRequest, IBaseResource theResource) {
068                ourLog.debug("Validating address on create for resource {} / request {}", theResource, theRequest);
069                handleRequest(theRequest, theResource);
070        }
071
072        @Hook(Pointcut.STORAGE_PRESTORAGE_RESOURCE_UPDATED)
073        public void resourcePreUpdate(RequestDetails theRequest, IBaseResource theOldResource, IBaseResource theNewResource) {
074                ourLog.debug("Validating address on update for resource {} / old resource {} / request {}", theOldResource, theNewResource, theRequest);
075                handleRequest(theRequest, theNewResource);
076        }
077
078        protected void handleRequest(RequestDetails theRequest, IBaseResource theResource) {
079                if (theRequest == null) {
080                        ourLog.debug("RequestDetails is null - unable to validate {}", theResource);
081                        return;
082                }
083
084                if (!theRequest.getHeaders(VALIDATION_DISABLED_HEADER).isEmpty()) {
085                        ourLog.debug("Address validation is disabled for this request via header");
086                        return;
087                }
088
089                FhirContext ctx = theRequest.getFhirContext();
090                IFhirPath fhirPath = ctx.newFhirPath();
091
092                for (Map.Entry<String, String> e : myConfig.entrySet()) {
093                        IValidator validator = getValidator(e.getValue());
094                        if (validator == null) {
095                                continue;
096                        }
097
098                        List<IBase> fields = fhirPath.evaluate(theResource, e.getKey(), IBase.class);
099                        for (IBase field : fields) {
100
101                                List<IPrimitiveType> values = fhirPath.evaluate(field, FHIR_PATH_VALUE, IPrimitiveType.class);
102                                boolean isValid = true;
103                                for (IPrimitiveType value : values) {
104                                        String valueAsString = value.getValueAsString();
105                                        isValid = validator.isValid(valueAsString);
106                                        ourLog.debug("Field {} at path {} validated {}", value, e.getKey(), isValid);
107                                        if (!isValid) {
108                                                break;
109                                        }
110                                }
111                                setValidationStatus(ctx, field, isValid);
112                        }
113                }
114        }
115
116        private void setValidationStatus(FhirContext ctx, IBase theBase, boolean isValid) {
117                ExtensionUtil.clearExtensionsByUrl(theBase, getValidationExtensionUrl());
118                ExtensionUtil.setExtension(ctx, theBase, getValidationExtensionUrl(), "boolean", !isValid);
119        }
120
121        private String getValidationExtensionUrl() {
122                if (myConfig.containsKey(PROPERTY_EXTENSION_URL)) {
123                        return myConfig.get(PROPERTY_EXTENSION_URL);
124                }
125                return VALIDATION_EXTENSION_URL;
126        }
127
128        private IValidator getValidator(String theValue) {
129                if (PROPERTY_EXTENSION_URL.equals(theValue)) {
130                        return null;
131                }
132
133                if (ValidatorType.EMAIL.name().equals(theValue)) {
134                        return new EmailValidator();
135                }
136
137                try {
138                        return (IValidator) Class.forName(theValue).getDeclaredConstructor().newInstance();
139                } catch (Exception e) {
140                        throw new IllegalStateException(String.format("Unable to create validator for %s", theValue), e);
141                }
142        }
143
144        public Map<String, String> getConfig() {
145                return myConfig;
146        }
147
148        public void setConfig(Map<String, String> theConfig) {
149                myConfig = theConfig;
150        }
151}