NRL-2015 Reject v2 requests if they don't have permission to interact with the endpoint being called

Author: anjalitrace2-nhs

api/consumer/readDocumentReference/tests/test_read_document_reference_consumer.py

@@ -4,7 +4,7 @@
 from moto import mock_aws
 
 from api.consumer.readDocumentReference.read_document_reference import handler
-from nrlf.core.constants import CLIENT_RP_DETAILS, V2Headers
+from nrlf.core.constants import CLIENT_RP_DETAILS, ConsumerApiInteractions, V2Headers
 from nrlf.core.dynamodb.repository import DocumentPointer, DocumentPointerRepository
 from nrlf.tests.data import load_document_reference
 from nrlf.tests.dynamodb import mock_repository
@@ -15,6 +15,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--qa-sandbox-2--api--producer--readDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -63,6 +67,7 @@ def test_read_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ConsumerApiInteractions.READ_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -71,7 +76,7 @@ def test_read_document_reference_happy_path_v2(
         path_parameters={"id": doc_pointer.id},
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -222,6 +227,7 @@ def test_read_document_reference_unauthorised_for_type_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ConsumerApiInteractions.READ_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736373009"],
     }
 
@@ -230,7 +236,7 @@ def test_read_document_reference_unauthorised_for_type_v2(
         path_parameters={"id": doc_pointer.id},
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {

api/consumer/searchDocumentReference/tests/test_search_document_reference_consumer.py

@@ -10,6 +10,7 @@
     CLIENT_RP_DETAILS,
     TYPE_ATTRIBUTES,
     Categories,
+    ConsumerApiInteractions,
     PointerTypes,
     V2Headers,
 )
@@ -23,6 +24,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--perftest-2--api--consumer--searchDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -85,6 +90,7 @@ def test_search_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ConsumerApiInteractions.SEARCH_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -95,7 +101,7 @@ def test_search_document_reference_happy_path_v2(
         },
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -752,6 +758,7 @@ def test_search_document_reference_invalid_type_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": ConsumerApiInteractions.list(),
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -763,7 +770,7 @@ def test_search_document_reference_invalid_type_v2(
         },
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {

api/consumer/searchPostDocumentReference/tests/test_search_post_document_reference_consumer.py

@@ -11,6 +11,7 @@
     CLIENT_RP_DETAILS,
     TYPE_ATTRIBUTES,
     Categories,
+    ConsumerApiInteractions,
     PointerTypes,
     V2Headers,
 )
@@ -24,6 +25,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--qa-2--api--producer--searchPostDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -88,6 +93,7 @@ def test_search_post_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ConsumerApiInteractions.SEARCH_POST_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -100,7 +106,7 @@ def test_search_post_document_reference_happy_path_v2(
         ),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -510,6 +516,7 @@ def test_search_post_document_reference_invalid_type_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": ConsumerApiInteractions.list(),
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -523,7 +530,7 @@ def test_search_post_document_reference_invalid_type_v2(
         ),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {

api/producer/createDocumentReference/tests/test_create_document_reference.py

@@ -14,6 +14,7 @@
     CLIENT_RP_DETAILS,
     SNOMED_SYSTEM_URL,
     AccessControls,
+    ProducerApiInteractions,
     V2Headers,
 )
 from nrlf.core.dynamodb.repository import DocumentPointer, DocumentPointerRepository
@@ -32,6 +33,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--01ba47--api--producer--createDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -757,6 +762,7 @@ def test_create_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ProducerApiInteractions.CREATE_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -765,7 +771,7 @@ def test_create_document_reference_happy_path_v2(
         body=doc_ref_data,
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -818,6 +824,7 @@ def test_create_document_reference_pointer_type_not_allowed_v2(
     # Return a type that does not match the document's type
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ProducerApiInteractions.CREATE_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736373009"],
     }
 
@@ -826,7 +833,7 @@ def test_create_document_reference_pointer_type_not_allowed_v2(
         body=doc_ref.model_dump_json(exclude_none=True),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -1571,6 +1578,7 @@ def test_supersede_non_existent_pointer_succeeds_with_v2_access_control(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [AccessControls.ALLOW_SUPERSEDE_WITH_DELETE_FAILURE.value],
+        "interactions": [ProducerApiInteractions.CREATE_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -1579,7 +1587,7 @@ def test_supersede_non_existent_pointer_succeeds_with_v2_access_control(
         body=doc_ref.model_dump_json(exclude_none=True),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -1640,6 +1648,7 @@ def test_supersede_fails_without_v2_access_control(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ProducerApiInteractions.CREATE_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -1648,7 +1657,7 @@ def test_supersede_fails_without_v2_access_control(
         body=doc_ref.model_dump_json(exclude_none=True),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {

api/producer/searchDocumentReference/tests/test_search_document_reference_producer.py

@@ -10,6 +10,7 @@
     TYPE_ATTRIBUTES,
     Categories,
     PointerTypes,
+    ProducerApiInteractions,
     V2Headers,
 )
 from nrlf.core.dynamodb.repository import DocumentPointer, DocumentPointerRepository
@@ -22,6 +23,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--qa-2--api--consumer--searchDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -78,6 +83,7 @@ def test_search_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ProducerApiInteractions.SEARCH_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -88,7 +94,7 @@ def test_search_document_reference_happy_path_v2(
         },
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -543,6 +549,7 @@ def test_search_document_reference_filters_by_pointer_types_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": ProducerApiInteractions.list(),
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -553,7 +560,7 @@ def test_search_document_reference_filters_by_pointer_types_v2(
         },
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {

api/producer/searchPostDocumentReference/tests/test_search_post_document_reference_producer.py

@@ -12,6 +12,7 @@
     TYPE_ATTRIBUTES,
     Categories,
     PointerTypes,
+    ProducerApiInteractions,
     V2Headers,
 )
 from nrlf.core.dynamodb.repository import DocumentPointer, DocumentPointerRepository
@@ -24,6 +25,10 @@
     default_response_headers,
 )
 
+create_mock_context_default_args = {
+    "function_name": "nhsd-nrlf--ref-2--api--producer--searchPostDocumentReference"
+}
+
 
 @mock_aws
 @mock_repository
@@ -82,6 +87,7 @@ def test_search_post_document_reference_happy_path_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": [ProducerApiInteractions.SEARCH_POST_DOCUMENT_REFERENCE.value],
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -94,7 +100,7 @@ def test_search_post_document_reference_happy_path_v2(
         ),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {
@@ -562,6 +568,7 @@ def test_search_post_document_reference_filters_by_pointer_types_v2(
 
     get_pointer_permissions_mock.return_value = {
         "access_controls": [],
+        "interactions": ProducerApiInteractions.list(),
         "types": ["http://snomed.info/sct|736253002"],
     }
 
@@ -574,7 +581,7 @@ def test_search_post_document_reference_filters_by_pointer_types_v2(
         ),
     )
 
-    result = handler(event, create_mock_context())
+    result = handler(event, create_mock_context(**create_mock_context_default_args))
     body = result.pop("body")
 
     assert result == {