[http] add: check auth

src/main/java/fhirspark/FhirSpark.java

@@ -40,6 +40,7 @@ public final class FhirSpark {
 
  private static JsonFhirMapper jsonFhirMapper;
  private static JsonHl7v2Mapper jsonHl7v2Mapper;
+ private static Settings settings;
  private static Client client = new Client();
  private static ObjectMapper objectMapper = new ObjectMapper(new JsonFactory());
 
@@ -57,7 +58,7 @@ public static void main(final String[] args) throws Exception {
  settingsYaml = new FileInputStream(args[0]);
  }
  ConfigurationLoader configLoader = new ConfigurationLoader();
- final Settings settings = configLoader.loadConfiguration(settingsYaml, Settings.class);
+ settings = configLoader.loadConfiguration(settingsYaml, Settings.class);
  HgncGeneName.initialize(settings.getHgncPath());
  OncoKbDrug.initalize(settings.getOncokbPath());
  jsonFhirMapper = new JsonFhirMapper(settings);
@@ -90,7 +91,7 @@ public static void main(final String[] args) throws Exception {
  */
  get("/mtb/:patientId/permission", (req, res) -> {
  if (settings.getLoginRequired()
- && (!validateRequest(req, settings) || !validateManipulation(req, settings))) {
+ && (!validateRequest(req) || !validateManipulation(req))) {
  res.status(HttpStatus.FORBIDDEN_403);
  return res;
  }
@@ -102,7 +103,7 @@ public static void main(final String[] args) throws Exception {
  });
 
  get("/mtb/:patientId", (req, res) -> {
- if (settings.getLoginRequired() && !validateRequest(req, settings)) {
+ if (settings.getLoginRequired() && !validateRequest(req)) {
  res.status(HttpStatus.FORBIDDEN_403);
  return res;
  }
@@ -117,7 +118,7 @@ public static void main(final String[] args) throws Exception {
 
  put("/mtb/:patientId", (req, res) -> {
  if (settings.getLoginRequired()
- && (!validateRequest(req, settings) || !validateManipulation(req, settings))) {
+ && (!validateRequest(req) || !validateManipulation(req))) {
  res.status(HttpStatus.FORBIDDEN_403);
  return res;
  }
@@ -138,7 +139,7 @@ public static void main(final String[] args) throws Exception {
 
  delete("/mtb/:patientId", (req, res) -> {
  if (settings.getLoginRequired()
- && (!validateRequest(req, settings) || !validateManipulation(req, settings))) {
+ && (!validateRequest(req) || !validateManipulation(req))) {
  res.status(HttpStatus.FORBIDDEN_403);
  return res;
  }
@@ -213,7 +214,7 @@ public static void main(final String[] args) throws Exception {
  * @param req Incoming Java Spark Request
  * @return Boolean if the session if able to access the data
  */
- private static boolean validateRequest(Request req, Settings settings) {
+ private static boolean validateRequest(Request req) {
  String portalDomain = settings.getPortalUrl();
  String validatePath = "api/studies/" + settings.getMtbStudy() + "/patients/"
  + req.params(":patientId");
@@ -242,7 +243,7 @@ private static boolean validateRequest(Request req, Settings settings) {
  * @param req Incoming Java Spark Request
  * @return Boolean if the session is able to access the data
  */
- private static boolean validateManipulation(Request req, Settings settings) {
+ private static boolean validateManipulation(Request req) {
  String requestedPatientId = req.params(":patientId");
  String mtbStudy = settings.getMtbStudy();
  String userRoles = req.headers("X-USERROLES");

src/main/resources/settings.yaml

@@ -4,12 +4,12 @@ specimenSystem: ${FHIRSPARK_SPECIMENSYSTEM:-https://cbioportal.org/specimen/}
 diagnosticReportSystem: ${FHIRSPARK_DIAGNOSTICREPORTSYSTEM:-https://cbioportal.org/mtb/}
 observationSystem: ${FHIRSPARK_OBSERVATIONSYSTEM:-https://cbioportal.org/therapyrecommendation/}
 patientSystem: ${FHIRSPARK_PATIENTSYSTEM:-https://cbioportal.org/patient/}
-hgncPath: ${FHIRSPARK_HGNCPATH:-hgnc.csv}
-portalUrl: ${FHIRSPARK_PORTALURL:-http://localhost:8080/}
+portalUrl: ${FHIRSPARK_PORTALURL:-http://cbioportal/}
 mtbStudy: ${FHIRSPARK_MTBSTUDY:-MTB}
 loginRequired: ${FHIRSPARK_LOGINREQUIRED:-true}
+hgncPath: ${FHIRSPARK_HGNCPATH:-hgnc.csv}
 oncokbPath: ${FHIRSPARK_ONCOKBPATH:-drugs.json}
 hl7v2config:
- - sendv2: ${FHIRSPARK_SENDHL7V2:-true}
+ - sendv2: ${FHIRSPARK_SENDHL7V2:-false}
  server: ${FHIRSPARK_HL7V2SERVER:-localhost}
  port: ${FHIRSPARK_HL7V2PORT:-1011}