Skip to content

Commit

Permalink
adding unsafe selective sync endpoint for testing purposes.
Browse files Browse the repository at this point in the history
  • Loading branch information
AnalogJ committed Oct 18, 2023
1 parent 145eea6 commit 6f4067d
Show file tree
Hide file tree
Showing 2 changed files with 78 additions and 0 deletions.
77 changes: 77 additions & 0 deletions backend/pkg/web/handler/unsafe.go
Original file line number Diff line number Diff line change
Expand Up @@ -105,3 +105,80 @@ func UnsafeResourceGraph(c *gin.Context) {

GetResourceFhirGraph(c)
}

func UnsafeSyncResourceNames(c *gin.Context) {
logger := c.MustGet(pkg.ContextKeyTypeLogger).(*logrus.Entry)
appConfig := c.MustGet(pkg.ContextKeyTypeConfig).(config.Interface)
databaseRepo := c.MustGet(pkg.ContextKeyTypeDatabase).(database.DatabaseRepository)

//safety check incase this function is called in another way
if !appConfig.GetBool("web.allow_unsafe_endpoints") {
c.JSON(http.StatusServiceUnavailable, gin.H{"success": false})
return
}

//verify that c.QueryArray("resourceNames") is not empty
if len(c.QueryArray("resourceNames")) == 0 {
c.JSON(http.StatusBadRequest, gin.H{"success": false, "error": "resourceNames query parameter is required"})
return
}

//!!!!!!INSECURE!!!!!!S
//We're setting the username to a user provided value, this is insecure, but required for calling databaseRepo fns
c.Set(pkg.ContextKeyTypeAuthUsername, c.Param("username"))

foundSource, err := databaseRepo.GetSource(c, c.Param("sourceId"))
if err != nil {
logger.Errorf("An error occurred while finding source credential: %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": err.Error()})
return
}

if foundSource == nil {
logger.Errorf("Did not source credentials for %s", c.Param("sourceType"))
c.JSON(http.StatusNotFound, gin.H{"success": false, "error": err.Error()})
return
}

client, err := factory.GetSourceClient(sourcePkg.GetFastenLighthouseEnv(), foundSource.SourceType, c, logger, foundSource)
if err != nil {
logger.Errorf("Could not initialize source client %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": err.Error()})
return
}

parsedUrl, err := url.Parse(strings.TrimSuffix(c.Param("path"), "/"))
if err != nil {
logger.Errorf("Error parsing request, %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": err.Error()})
return
}
//make sure we include all query string parameters with the raw request.
parsedUrl.RawQuery = c.Request.URL.Query().Encode()

//make sure we store the source credential information in the database, even if the request fails
defer func() {
//update source incase the access token/refresh token has been updated
sourceCredential := client.GetSourceCredential()
sourceCredentialConcrete, ok := sourceCredential.(*models.SourceCredential)
if !ok {
logger.Errorln("An error occurred while updating source credential, source credential is not of type *models.SourceCredential")
return
}
err = databaseRepo.UpdateSource(c, sourceCredentialConcrete)
if err != nil {
logger.Errorf("An error occurred while updating source credential: %v", err)
return
}
logger.Info("Successfully updated source credential")
}()

upsertSummary, err := client.SyncAllByResourceName(databaseRepo, c.QueryArray("resourceNames"))
if err != nil {
logger.Errorf("Error making raw request, %v", err)
c.JSON(http.StatusInternalServerError, gin.H{"success": false, "error": err.Error(), "data": upsertSummary})
return
}

c.JSON(http.StatusOK, gin.H{"success": true, "data": upsertSummary})
}
1 change: 1 addition & 0 deletions backend/pkg/web/server.go
Original file line number Diff line number Diff line change
Expand Up @@ -112,6 +112,7 @@ func (ae *AppEngine) Setup() (*gin.RouterGroup, *gin.Engine) {
//http://localhost:9090/api/unsafe/testuser1/3508f8cf-6eb9-4e4b-8174-dd69a493a2b4/Patient/smart-1288992
unsafe.GET("/:username/:sourceId/*path", handler.UnsafeRequestSource)
unsafe.GET("/:username/graph/:graphType", handler.UnsafeResourceGraph)
unsafe.GET("/:username/sync/:sourceId", handler.UnsafeSyncResourceNames)

}
}
Expand Down

0 comments on commit 6f4067d

Please # to comment.