001package ca.uhn.fhir.rest.server.interceptor.auth; 002 003/* 004 * #%L 005 * HAPI FHIR - Server Framework 006 * %% 007 * Copyright (C) 2014 - 2022 Smile CDR, Inc. 008 * %% 009 * Licensed under the Apache License, Version 2.0 (the "License"); 010 * you may not use this file except in compliance with the License. 011 * You may obtain a copy of the License at 012 * 013 * http://www.apache.org/licenses/LICENSE-2.0 014 * 015 * Unless required by applicable law or agreed to in writing, software 016 * distributed under the License is distributed on an "AS IS" BASIS, 017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 018 * See the License for the specific language governing permissions and 019 * limitations under the License. 020 * #L% 021 */ 022 023import ca.uhn.fhir.interceptor.api.Pointcut; 024import ca.uhn.fhir.rest.api.RestOperationTypeEnum; 025import ca.uhn.fhir.rest.api.server.RequestDetails; 026import ca.uhn.fhir.rest.server.interceptor.auth.AuthorizationInterceptor.Verdict; 027import org.hl7.fhir.instance.model.api.IBaseResource; 028import org.hl7.fhir.instance.model.api.IIdType; 029 030import java.util.Set; 031 032public class RuleImplConditional extends BaseRule implements IAuthRule { 033 034 private AppliesTypeEnum myAppliesTo; 035 private Set<String> myAppliesToTypes; 036 private RestOperationTypeEnum myOperationType; 037 038 RuleImplConditional(String theRuleName) { 039 super(theRuleName); 040 } 041 042 @Override 043 public Verdict applyRule(RestOperationTypeEnum theOperation, RequestDetails theRequestDetails, IBaseResource theInputResource, IIdType theInputResourceId, IBaseResource theOutputResource, 044 IRuleApplier theRuleApplier, Set<AuthorizationFlagsEnum> theFlags, Pointcut thePointcut) { 045 assert !(theInputResource != null && theOutputResource != null); 046 047 if (theInputResourceId != null && theInputResourceId.hasIdPart()) { 048 return null; 049 } 050 051 if (theOperation == myOperationType) { 052 if (theRequestDetails.getConditionalUrl(myOperationType) == null) { 053 return null; 054 } 055 056 switch (myAppliesTo) { 057 case ALL_RESOURCES: 058 case INSTANCES: 059 break; 060 case TYPES: 061 if (myOperationType == RestOperationTypeEnum.DELETE) { 062 String resourceName = theRequestDetails.getResourceName(); 063 if (!myAppliesToTypes.contains(resourceName)) { 064 return null; 065 } 066 } else { 067 String inputResourceName = theRequestDetails.getFhirContext().getResourceType(theInputResource); 068 if (theInputResource == null || !myAppliesToTypes.contains(inputResourceName)) { 069 return null; 070 } 071 } 072 break; 073 } 074 075 return newVerdict(theOperation, theRequestDetails, theInputResource, theInputResourceId, theOutputResource); 076 } 077 078 return null; 079 } 080 081 void setAppliesTo(AppliesTypeEnum theAppliesTo) { 082 myAppliesTo = theAppliesTo; 083 } 084 085 void setAppliesToTypes(Set<String> theAppliesToTypes) { 086 myAppliesToTypes = theAppliesToTypes; 087 } 088 089 void setOperationType(RestOperationTypeEnum theOperationType) { 090 myOperationType = theOperationType; 091 } 092 093}