Skip to content

Feature/cdapibug 150 #136

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Open
samdasari11 wants to merge 5 commits into
base: main
Choose a base branch
from
Open

Feature/cdapibug 150 #136

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
5 commits
Select commit Hold shift + click to select a range
553f5c0
[CDAPI-150]: Added validation ensuring an empty string cannot be prov…
nhsd-jack-wainwright Apr 16, 2026
93599ef
Bruno tests added for the bug fix
samdasari11 Apr 30, 2026
ea888d8
Get Auth Token Script corrected
samdasari11 May 1, 2026
09b6a3f
Bruno tests added for the bug against Integration Envi
samdasari11 May 1, 2026
7a46a09
URL updated for Bruno yesys on Int envi
samdasari11 May 1, 2026
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
9 changes: 0 additions & 9 deletions bruno/APIM/Get_Auth_Token.bru
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -20,15 +20,10 @@ script:pre-request {
const jwt = require("jsonwebtoken");
const fs = require("node:fs");
const crypto = require("node:crypto");
<<<<<<< Updated upstream
const secret = bru.getEnvVar("JWT_SECRET");
const privateKeyPath = bru.getEnvVar("PRIVATE_KEY_PATH");
=======

const secret = bru.getEnvVar("JWT_SECRET");
const privateKeyPath = bru.getEnvVar("PRIVATE_KEY_PATH");

>>>>>>> Stashed changes
if (!secret) {
throw new Error("JWT_SECRET environment variable is missing.");
}
Expand All @@ -38,10 +33,6 @@ script:pre-request {
}

const privateKey = fs.readFileSync(privateKeyPath);
<<<<<<< Updated upstream
=======

>>>>>>> Stashed changes
const payload = {
sub: secret,
iss: secret,
Expand Down
72 changes: 72 additions & 0 deletions bruno/APIM/Test_CDAPI-150_Organization_Identifier_With_Empty_String.bru
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
meta {
name: Test_CDAPI-150_Organization_Identifier_With_Empty_String
type: http
seq: 38
}

post {
url: https://{{APIM_ENV}}.api.service.nhs.uk/pathology-laboratory-reporting-pr-{{PR_NUMBER}}/FHIR/R4/Bundle
body: json
auth: inherit
}

headers {
Content-Type: application/fhir+json
}

body:json {
{
"resourceType": "Bundle",
"type": "document",
"entry": [
{
"fullUrl": "composition",
"resource": {
"resourceType": "Composition",
"extension": [
{
"url": "http://hl7.eu/fhir/StructureDefinition/composition-basedOn-order-or-requisition",
"valueReference": {
"reference": "servicerequest"
}
}
],
"subject": {
"identifier": {
"system": "https://fhir.nhs.uk/Id/nhs-number",
"value": "nhs-test-number"
}
}
}
},
{
"fullUrl": "servicerequest",
"resource": {
"resourceType": "ServiceRequest",
"requester": {
"reference": "practitionerrole"
}
}
},
{
"fullUrl": "practitionerrole",
"resource": {
"resourceType": "PractitionerRole",
"organization": {
"reference": ""
}
}
}
]
}
}

assert {
res.status: eq 400
res.body.issue[0].diagnostics: eq Document must include an Organization resource
}

settings {
encodeUrl: true
timeout: 0
}
72 changes: 72 additions & 0 deletions bruno/APIM/Test_CDAPI-150_Organization_Identifier_With_Empty_String_IntEnvi.bru
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
meta {
name: Test_CDAPI-150_Organization_Identifier_With_Empty_String_IntEnvi
type: http
seq: 48
}

post {
url: https://int.api.service.nhs.uk/pathology-laboratory-reporting/FHIR/R4/Bundle
body: json
auth: inherit
}

headers {
Content-Type: application/fhir+json
}

body:json {
{
"resourceType": "Bundle",
"type": "document",
"entry": [
{
"fullUrl": "composition",
"resource": {
"resourceType": "Composition",
"extension": [
{
"url": "http://hl7.eu/fhir/StructureDefinition/composition-basedOn-order-or-requisition",
"valueReference": {
"reference": "servicerequest"
}
}
],
"subject": {
"identifier": {
"system": "https://fhir.nhs.uk/Id/nhs-number",
"value": "nhs-test-number"
}
}
}
},
{
"fullUrl": "servicerequest",
"resource": {
"resourceType": "ServiceRequest",
"requester": {
"reference": "practitionerrole"
}
}
},
{
"fullUrl": "practitionerrole",
"resource": {
"resourceType": "PractitionerRole",
"organization": {
"reference": ""
}
}
}
]
}
}

assert {
res.status: eq 400
res.body.issue[0].diagnostics: eq Document must include an Organization resource
}

settings {
encodeUrl: true
timeout: 0
}
72 changes: 72 additions & 0 deletions bruno/APIM/Test_CDAPI-150_Subject_Identifier_With_Empty_String.bru
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
meta {
name: Test_CDAPI-150_Subject_Identifier_With_Empty_String
type: http
seq: 37
}

post {
url: https://{{APIM_ENV}}.api.service.nhs.uk/pathology-laboratory-reporting-pr-{{PR_NUMBER}}/FHIR/R4/Bundle
body: json
auth: inherit
}

headers {
Content-Type: application/fhir+json
}

body:json {
{
"resourceType": "Bundle",
"type": "document",
"entry": [
{
"fullUrl": "composition",
"resource": {
"resourceType": "Composition",
"extension": [
{
"url": "http://hl7.eu/fhir/StructureDefinition/composition-basedOn-order-or-requisition",
"valueReference": {
"reference": "servicerequest"
}
}
],
"subject": {
"identifier": {
"system": "https://fhir.nhs.uk/Id/nhs-number",
"value": ""
}
}
}
},
{
"fullUrl": "servicerequest",
"resource": {
"resourceType": "ServiceRequest",
"requester": {
"reference": "practitionerrole"
}
}
},
{
"fullUrl": "practitionerrole",
"resource": {
"resourceType": "PractitionerRole",
"organization": {
"reference": "organization"
}
}
}
]
}
}

assert {
res.status: eq 400
res.body.issue[0].diagnostics: eq Document must include an Organization resource
}

settings {
encodeUrl: true
timeout: 0
}
72 changes: 72 additions & 0 deletions bruno/APIM/Test_CDAPI-150_Subject_Identifier_With_Empty_String_IntEnvi.bru
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,72 @@
meta {
name: Test_CDAPI-150_Subject_Identifier_With_Empty_String_IntEnvi
type: http
seq: 47
}

post {
url: https://int.api.service.nhs.uk/pathology-laboratory-reporting/FHIR/R4/Bundle
body: json
auth: inherit
}

headers {
Content-Type: application/fhir+json
}

body:json {
{
"resourceType": "Bundle",
"type": "document",
"entry": [
{
"fullUrl": "composition",
"resource": {
"resourceType": "Composition",
"extension": [
{
"url": "http://hl7.eu/fhir/StructureDefinition/composition-basedOn-order-or-requisition",
"valueReference": {
"reference": "servicerequest"
}
}
],
"subject": {
"identifier": {
"system": "https://fhir.nhs.uk/Id/nhs-number",
"value": ""
}
}
}
},
{
"fullUrl": "servicerequest",
"resource": {
"resourceType": "ServiceRequest",
"requester": {
"reference": "practitionerrole"
}
}
},
{
"fullUrl": "practitionerrole",
"resource": {
"resourceType": "PractitionerRole",
"organization": {
"reference": "organization"
}
}
}
]
}
}

assert {
res.status: eq 400
res.body.issue[0].diagnostics: eq Document must include an Organization resource
}

settings {
encodeUrl: true
timeout: 0
}
4 changes: 2 additions & 2 deletions pathology-api/src/pathology_api/handler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -103,7 +103,7 @@ def _fetch_requesting_organisation(
organisation_identifiers = [
identifier
for identifier in requesting_organisation.identifier
if isinstance(identifier, OrganizationIdentifier)
if isinstance(identifier, OrganizationIdentifier) and identifier.value
]

if not organisation_identifiers:
Expand Down Expand Up @@ -141,7 +141,7 @@ def handle_request(bundle: Bundle) -> PdmResponse:
_logger.debug("Requesting organization: %s", requesting_organisation)

subject = composition.subject
if subject is None:
if subject is None or not subject.identifier.value:
raise ValidationError("Composition does not define a valid subject identifier")

pdm_response = post_document(bundle)
Expand Down
41 changes: 40 additions & 1 deletion pathology-api/src/pathology_api/test_handler.py
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -263,10 +263,49 @@ def test_handle_request(
bundle_id=result_bundle.id,
)

def test_handle_request_with_empty_subject(
self, build_valid_test_result: Callable[[str, str], Bundle]
) -> None:
bundle = build_valid_test_result("", "ods_code")

with pytest.raises(
ValidationError,
match="Composition does not define a valid subject identifier",
):
handle_request(bundle)

def test_handle_request_with_empty_ods_code(
self, build_valid_test_result: Callable[[str, str], Bundle]
) -> None:
bundle = build_valid_test_result("nhs_number_1", "")

if (
created_practitioner_role := bundle.get_resource(
url="practitioner_role", t=PractitionerRole
)
) is None:
raise ValueError(
"Test setup error: PractitionerRole resource not found in bundle"
)

if (
expected_organisation_reference := created_practitioner_role.organization
) is None:
raise ValueError(
"Test setup error: PractitionerRole resource does not define an "
"organization reference"
)

with pytest.raises(
ValidationError,
match=rf"Organization \({expected_organisation_reference.reference}\) does "
"not define a supported identifier. Supported system 'https://fhir.nhs.uk/Id/ods-organization-code'",
):
handle_request(bundle)

def test_handle_request_raises_error_when_create_event_fails(
self, build_valid_test_result: Callable[[str, str], Bundle]
) -> None:
# Arrange
bundle = build_valid_test_result("nhs_number_1", "ods_code")

expected_error_message = "Failed to create bundle"
Expand Down
Loading
Loading