generated from inferno-framework/inferno-template
-
Notifications
You must be signed in to change notification settings - Fork 13
/
Copy pathsingle_patient_api_group.rb
156 lines (134 loc) · 5.91 KB
/
single_patient_api_group.rb
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
# TODO: remove this require with the next US Core test kit release
require 'us_core_test_kit/generator/special_cases'
require_relative 'incorrectly_permitted_tls_versions_messages_setup_test'
module ONCCertificationG10TestKit
class SinglePatientAPIGroup < Inferno::TestGroup
id :g10_single_patient_api
title 'Single Patient API (US Core 3.1.1)'
short_title 'Single Patient API'
description %(
This scenario verifies the ability of a system to provide a 'Single Patient API'
as described in the (g)(10) Standardized API certification criterion.
Prior to running this scenario, systems must recieve a verified access token
from one of the previous SMART App Launch scenarios.
For each of the relevant USCDI data elements provided in the
CapabilityStatement, this scenario executes the [required supported
searches](http://www.hl7.org/fhir/us/core/STU3.1.1/CapabilityStatement-us-core-server.html)
as defined by the US Core Implementation Guide v3.1.1.
The test begins by searching by one or more patients, with the expectation
that the Bearer token provided to the test grants access to all USCDI
resources. It uses results returned from that query to generate other
queries and checks that the results are consistent with the provided
search parameters. It then performs a read on each Resource returned and
validates the response against the relevant
[profile](http://www.hl7.org/fhir/us/core/STU3.1.1/profiles.html) as
currently defined in the US Core Implementation Guide.
All MUST SUPPORT elements must be seen before the test can pass, as well
as Data Absent Reason to demonstrate that the server can properly handle
missing data. Note that Encounter, Organization and Practitioner resources
must be accessible as references in some US Core profiles to satisfy must
support requirements, and those references will be validated to their US
Core profile. These resources will not be tested for FHIR search support.
)
run_as_group
input :url,
title: 'FHIR Endpoint',
description: 'URL of the FHIR endpoint used by SMART applications'
input :patient_id,
title: 'Patient ID from SMART App Launch',
locked: true
input :additional_patient_ids,
title: 'Additional Patient IDs',
description: <<~DESCRIPTION,
Comma separated list of Patient IDs that together with the Patient
ID from the SMART App Launch contain all MUST SUPPORT elements.
DESCRIPTION
optional: true
input :smart_credentials,
title: 'SMART App Launch Credentials',
type: :oauth_credentials,
locked: true
fhir_client do
url :url
oauth_credentials :smart_credentials
end
input_order :url, :patient_id, :additional_patient_ids, :implantable_device_codes, :smart_credentials
config(
options: {
required_resources: [
'Patient',
'AllergyIntolerance',
'CarePlan',
'CareTeam',
'Condition',
'Device',
'DiagnosticReport',
'DocumentReference',
'Goal',
'Immunization',
'MedicationRequest',
'Observation',
'Procedure',
'Encounter',
'Organization',
'Practitioner',
'Provenance'
]
}
)
test do
id :g10_patient_id_setup
title 'Manage patient id list'
input :patient_id, :additional_patient_ids
output :patient_ids
run do
smart_app_launch_patient_id = patient_id.presence
additional_patient_ids_list =
if additional_patient_ids.present?
additional_patient_ids
.split(',')
.map(&:strip)
.map(&:presence)
.compact
else
[]
end
all_patient_ids = ([smart_app_launch_patient_id] + additional_patient_ids_list).compact.uniq
output patient_ids: all_patient_ids.join(',')
end
end
USCoreTestKit::USCoreV311::USCoreTestSuite.groups[1].groups.each do |group|
test_group = group.ancestors[1]
next if test_group.optional?
id = test_group.id
group_config = {}
if test_group.respond_to?(:metadata) &&
test_group.metadata.delayed? &&
!test_group.metadata.searchable_delayed_resource?
test_group.children.reject! { |child| child.include? USCoreTestKit::SearchTest }
group_config[:options] = { read_all_resources: true }
end
group(from: id, exclude_optional: true, config: group_config)
end
groups.first.description %(
The Capability Statement test verifies a FHIR server's ability support the
[capabilities
operation](https://www.hl7.org/fhir/R4/capabilitystatement.html#instance)
to formally describe features supported by the API as a [Capability
Statement](https://www.hl7.org/fhir/R4/capabilitystatement.html) resource.
The capabilities described in the Capability Statement must be consistent with
the required capabilities of a US Core server. This test also expects that
APIs state support for all resources types applicable to USCDI v1, as is
expected by the ONC (g)(10) Standardized API for Patient and Populations
Services certification criterion.
This test sequence accesses the server endpoint at `/metadata` using a
`GET` request. It parses the Capability Statement and verifies that:
* The endpoint is secured by an appropriate cryptographic protocol
* The resource matches the expected FHIR version defined by the tests
* The resource is a valid FHIR resource
* The server claims support for JSON encoding of resources
* The server claims support for all required USCDI resource types
)
test from: :g10_incorrectly_permitted_tls_versions_messages_setup
end
end