resolve security issue

Akol125 · Akol125 · commit 05530c72ff4c · 2025-10-01T17:52:53.000+01:00
diff --git a/backend/src/fhir_service.py b/backend/src/fhir_service.py
@@ -332,9 +332,6 @@ def search_immunizations(
         Bundles the resources with the relevant patient resource and returns the bundle along with a boolean to state
         whether the supplier requested vaccine types they were not authorised for.
         """
-        # TODO: is disease type a mandatory field? (I assumed it is)
-        #  i.e. Should we provide a search option for getting Patient's entire imms history?
-
         permitted_vacc_types = self.authoriser.filter_permitted_vacc_types(
             supplier_system, ApiOperationCode.SEARCH, set(vaccine_types)
         )
diff --git a/backend/src/parameter_parser.py b/backend/src/parameter_parser.py
@@ -49,7 +49,7 @@ def process_patient_identifier(identifier_params: ParamContainer) -> str:
 
     patient_identifier_parts = patient_identifier.split("|")
     identifier_system = patient_identifier_parts[0]
-    if len(patient_identifier_parts) != 2 or not identifier_system == patient_identifier_system:
+    if len(patient_identifier_parts) != 2 or identifier_system != patient_identifier_system:
         raise ParameterException("patient.identifier must be in the format of "
                       f"\"{patient_identifier_system}|{{NHS number}}\" "
                       f"e.g. \"{patient_identifier_system}|9000000009\"")
