From 2c6ce4e6508468c22274a9ebbb2d470c832b9508 Mon Sep 17 00:00:00 2001 From: Gordon Farrell Date: Thu, 5 Dec 2024 09:19:40 -0700 Subject: [PATCH 1/4] fix information expsure through error message --- containers/message-refiner/app/refine.py | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/containers/message-refiner/app/refine.py b/containers/message-refiner/app/refine.py index abbfd9ee9e..17d1f7e045 100644 --- a/containers/message-refiner/app/refine.py +++ b/containers/message-refiner/app/refine.py @@ -1,3 +1,4 @@ +import logging from typing import Dict from typing import List from typing import Optional @@ -5,9 +6,12 @@ from lxml import etree -# read json that contains details for refining and is the base of what drives `refine` from app.utils import read_json_from_assets +log = logging.getLogger(__name__).error + + +# read json that contains details for refining and is the base of what drives `refine` REFINER_DETAILS = read_json_from_assets("refiner_details.json") # extract section LOINC codes from the REFINER_DETAILS dictionary @@ -34,8 +38,9 @@ def validate_message(raw_message: str) -> tuple[bytes | None, str]: validated_message = etree.fromstring(raw_message) return (validated_message, error_message) except etree.XMLSyntaxError as error: - error_message = f"XMLSyntaxError: {error}" - return (None, str(error_message)) + error_message = "Invalid XML format." + log(f"XMLSyntaxError: {error}") + return (None, error_message) def validate_sections_to_include(sections_to_include: str | None) -> tuple[list, str]: @@ -57,7 +62,8 @@ def validate_sections_to_include(sections_to_include: str | None) -> tuple[list, sections = sections_to_include.split(",") for section in sections: if section not in SECTION_LOINCS: - error_message = f"{section} is invalid. Please provide a valid section." + error_message = "Invalid section provided." + log(f"Invalid section: {section}") return (section_loincs, error_message) section_loincs.append(section) From 6a4453e3010b1236a649eee505e6a5f9acee8a0a Mon Sep 17 00:00:00 2001 From: Gordon Farrell Date: Mon, 9 Dec 2024 09:53:26 -0700 Subject: [PATCH 2/4] fix tests --- containers/message-refiner/tests/test_refine.py | 2 +- containers/message-refiner/tests/test_refiner.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/containers/message-refiner/tests/test_refine.py b/containers/message-refiner/tests/test_refine.py index 052f26a31e..9e9f55e7f5 100644 --- a/containers/message-refiner/tests/test_refine.py +++ b/containers/message-refiner/tests/test_refine.py @@ -116,7 +116,7 @@ def normalize_xml(xml_string): # Test case: invalid sections_to_include ( "blah blah blah", - ([], "blah blah blah is invalid. Please provide a valid section."), + ([], "Invalid section provided"), ), ], ) diff --git a/containers/message-refiner/tests/test_refiner.py b/containers/message-refiner/tests/test_refiner.py index 98b6d0fd1d..193ccc7874 100644 --- a/containers/message-refiner/tests/test_refiner.py +++ b/containers/message-refiner/tests/test_refiner.py @@ -128,7 +128,7 @@ def test_ecr_refiner(): assert actual_flattened == expected_flattened # Test case: sections_to_include is invalid - expected_response = "blah blah blah is invalid. Please provide a valid section." + expected_response = "Invalid section provided" content = test_eICR_xml sections_to_include = "blah blah blah" endpoint = f"/ecr/?sections_to_include={sections_to_include}" From 600c4dba013d6a5fda7b7e591452973915fdae4a Mon Sep 17 00:00:00 2001 From: Gordon Farrell Date: Mon, 9 Dec 2024 10:01:00 -0700 Subject: [PATCH 3/4] fix tests --- containers/message-refiner/tests/test_refine.py | 2 +- containers/message-refiner/tests/test_refiner.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/containers/message-refiner/tests/test_refine.py b/containers/message-refiner/tests/test_refine.py index 9e9f55e7f5..2c1eca7d6c 100644 --- a/containers/message-refiner/tests/test_refine.py +++ b/containers/message-refiner/tests/test_refine.py @@ -116,7 +116,7 @@ def normalize_xml(xml_string): # Test case: invalid sections_to_include ( "blah blah blah", - ([], "Invalid section provided"), + ([], "Invalid section provided."), ), ], ) diff --git a/containers/message-refiner/tests/test_refiner.py b/containers/message-refiner/tests/test_refiner.py index 193ccc7874..3508a8a441 100644 --- a/containers/message-refiner/tests/test_refiner.py +++ b/containers/message-refiner/tests/test_refiner.py @@ -128,7 +128,7 @@ def test_ecr_refiner(): assert actual_flattened == expected_flattened # Test case: sections_to_include is invalid - expected_response = "Invalid section provided" + expected_response = "Invalid section provided." content = test_eICR_xml sections_to_include = "blah blah blah" endpoint = f"/ecr/?sections_to_include={sections_to_include}" From 6843cabc238b95a77de24ea24395f2935061b4e4 Mon Sep 17 00:00:00 2001 From: Gordon Farrell Date: Mon, 9 Dec 2024 10:09:14 -0700 Subject: [PATCH 4/4] fix tests --- containers/message-refiner/tests/test_refine.py | 2 +- containers/message-refiner/tests/test_refiner.py | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/containers/message-refiner/tests/test_refine.py b/containers/message-refiner/tests/test_refine.py index 2c1eca7d6c..a2a48d4fc3 100644 --- a/containers/message-refiner/tests/test_refine.py +++ b/containers/message-refiner/tests/test_refine.py @@ -151,7 +151,7 @@ def test_validate_message(): raw_message = "this is not a valid XML" actual_response, error_message = validate_message(raw_message) assert actual_response is None - assert "XMLSyntaxError" in error_message + assert "Invalid XML format." in error_message def test_generate_combined_xpath(): diff --git a/containers/message-refiner/tests/test_refiner.py b/containers/message-refiner/tests/test_refiner.py index 3508a8a441..7e141cae58 100644 --- a/containers/message-refiner/tests/test_refiner.py +++ b/containers/message-refiner/tests/test_refiner.py @@ -142,7 +142,7 @@ def test_ecr_refiner(): endpoint = "/ecr/" actual_response = client.post(endpoint, content=content) assert actual_response.status_code == 400 - assert "XMLSyntaxError" in actual_response.content.decode() + assert "Invalid XML format." in actual_response.content.decode() @pytest.mark.asyncio