001package ca.uhn.fhir.rest.server.interceptor.auth; 002 003/*- 004 * #%L 005 * HAPI FHIR - Server Framework 006 * %% 007 * Copyright (C) 2014 - 2019 University Health Network 008 * %% 009 * Licensed under the Apache License, Version 2.0 (the "License"); 010 * you may not use this file except in compliance with the License. 011 * You may obtain a copy of the License at 012 * 013 * http://www.apache.org/licenses/LICENSE-2.0 014 * 015 * Unless required by applicable law or agreed to in writing, software 016 * distributed under the License is distributed on an "AS IS" BASIS, 017 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 018 * See the License for the specific language governing permissions and 019 * limitations under the License. 020 * #L% 021 */ 022 023import ca.uhn.fhir.rest.api.server.RequestDetails; 024import org.apache.commons.lang3.Validate; 025 026import java.util.ArrayList; 027import java.util.List; 028 029/** 030 * Return type for {@link SearchNarrowingInterceptor#buildAuthorizedList(RequestDetails)} 031 */ 032public class AuthorizedList { 033 034 private List<String> myAllowedCompartments; 035 private List<String> myAllowedInstances; 036 037 List<String> getAllowedCompartments() { 038 return myAllowedCompartments; 039 } 040 041 List<String> getAllowedInstances() { 042 return myAllowedInstances; 043 } 044 045 /** 046 * Adds a compartment that the user should be allowed to access 047 * 048 * @param theCompartment The compartment name, e.g. "Patient/123" (in this example the user would be allowed to access Patient/123 as well as Observations where Observation.subject="Patient/123"m, etc. 049 * @return Returns <code>this</code> for easy method chaining 050 */ 051 public AuthorizedList addCompartment(String theCompartment) { 052 Validate.notNull(theCompartment, "theCompartment must not be null"); 053 if (myAllowedCompartments == null) { 054 myAllowedCompartments = new ArrayList<>(); 055 } 056 myAllowedCompartments.add(theCompartment); 057 058 return this; 059 } 060 061 /** 062 * Adds a compartment that the user should be allowed to access 063 * 064 * @param theCompartments The compartment names, e.g. "Patient/123" (in this example the user would be allowed to access Patient/123 as well as Observations where Observation.subject="Patient/123"m, etc. 065 * @return Returns <code>this</code> for easy method chaining 066 */ 067 public AuthorizedList addCompartments(String... theCompartments) { 068 Validate.notNull(theCompartments, "theCompartments must not be null"); 069 for (String next : theCompartments) { 070 addCompartment(next); 071 } 072 return this; 073 } 074 075 /** 076 * Adds a resource that the user should be allowed to access 077 * 078 * @param theResource The resource name, e.g. "Patient/123" (in this example the user would be allowed to access Patient/123 but not Observations where Observation.subject="Patient/123"m, etc. 079 * @return Returns <code>this</code> for easy method chaining 080 */ 081 public AuthorizedList addResource(String theResource) { 082 Validate.notNull(theResource, "theResource must not be null"); 083 if (myAllowedInstances == null) { 084 myAllowedInstances = new ArrayList<>(); 085 } 086 myAllowedInstances.add(theResource); 087 088 return this; 089 } 090 091 /** 092 * Adds a resource that the user should be allowed to access 093 * 094 * @param theResources The resource names, e.g. "Patient/123" (in this example the user would be allowed to access Patient/123 but not Observations where Observation.subject="Patient/123"m, etc. 095 * @return Returns <code>this</code> for easy method chaining 096 */ 097 public AuthorizedList addResources(String... theResources) { 098 Validate.notNull(theResources, "theResources must not be null"); 099 for (String next : theResources) { 100 addResource(next); 101 } 102 return this; 103 } 104}