record-processor

Author: Akol125

recordprocessor/poetry.lock

@@ -7,7 +7,7 @@ readme      = "README.md"
 packages    = [{include = "src"}]
 
 [tool.poetry.dependencies]
-python                  = "~3.10"
+python                  = "~3.11"
 "fhir.resources"        = "~7.0.2"
 boto3                   = "~1.38.42"
 boto3-stubs-lite        = {extras = ["dynamodb"], version = "~1.38.42"}

recordprocessor/pyproject.toml

@@ -1,6 +1,7 @@
 """Constants for recordprocessor"""
 
 import os
+from enum import Enum, auto
 
 SOURCE_BUCKET_NAME = os.getenv("SOURCE_BUCKET_NAME")
 ACK_BUCKET_NAME = os.getenv("ACK_BUCKET_NAME")
@@ -84,3 +85,15 @@ class Urls:
     NHS_NUMBER = "https://fhir.nhs.uk/Id/nhs-number"
     NULL_FLAVOUR_CODES = "http://terminology.hl7.org/CodeSystem/v3-NullFlavor"
     VACCINATION_PROCEDURE = "https://fhir.hl7.org.uk/StructureDefinition/Extension-UKCore-VaccinationProcedure"
+
+class Permission(Enum):
+    CREATE = "C"
+    UPDATE = "U"
+    DELETE = "D"
+
+
+
+class ActionFlag(Enum):
+    NEW = Permission.CREATE
+    UPDATE = Permission.UPDATE
+    DELETE = Permission.DELETE

recordprocessor/src/constants.py

@@ -10,7 +10,7 @@
 from errors import InvalidHeaders, NoOperationPermissions
 from logging_decorator import file_level_validation_logging_decorator
 from audit_table import change_audit_table_status_to_processed, get_next_queued_file_details
-from constants import SOURCE_BUCKET_NAME, EXPECTED_CSV_HEADERS
+from constants import SOURCE_BUCKET_NAME, EXPECTED_CSV_HEADERS, Permission, ActionFlag
 
 
 def validate_content_headers(csv_content_reader) -> None:
@@ -27,29 +27,50 @@ def validate_action_flag_permissions(
     vaccine type and returns the set of allowed operations for that vaccine type.
     Raises a NoPermissionsError if the supplier does not have permission to perform any of the requested operations.
     """
-    # If the supplier has full permissions for the vaccine type, return a permission list containing full permissions
-    if f"{vaccine_type}_FULL" in allowed_permissions_list:
-        return {"CREATE", "UPDATE", "DELETE"}
 
     # Get unique ACTION_FLAG values from the S3 file
     operations_requested = get_unique_action_flags_from_s3(csv_data)
 
-    # Convert action flags into the expected operation names
-    requested_permissions_set = {
-        f"{vaccine_type}_{'CREATE' if action == 'NEW' else action}" for action in operations_requested
-    }
-
-    # Check if any of the CSV permissions match the allowed permissions
-    if not requested_permissions_set.intersection(allowed_permissions_list):
+    # Map ACTION_FLAGs to single-letter permissions
+    requested_permissions = {ActionFlag[flag].value.value for flag in operations_requested if flag in ActionFlag.__members__}
+    
+    if not requested_permissions:
+        logger.warning("No valid ACTION_FLAGs found in file. Skipping permission validation.")
+        return set()
+
+
+    # Get allowed permission in single letters from allowed_permissions_list
+    allowed_ops = set()
+    for perm in allowed_permissions_list:
+        if perm.startswith(f"{vaccine_type}."):
+            allowed_ops.update(perm.split(".")[1])
+
+    allowed_ops = set()
+    for perm in allowed_permissions_list:
+        if not perm.startswith(f"{vaccine_type}."):
+            continue
+
+        _, op_code = perm.split(".")
+        if op_code == "CRUD":
+            allowed_ops.update({"C", "R", "U", "D"})
+        elif op_code == "CRUDS":
+            allowed_ops.update({"C", "R", "U", "D", "S"})
+        else:
+            allowed_ops.add(op_code)
+    
+    if not requested_permissions.intersection(allowed_ops):
         raise NoOperationPermissions(f"{supplier} does not have permissions to perform any of the requested actions.")
 
+
     logger.info(
         "%s permissions %s match one of the requested permissions required to %s",
         supplier,
         allowed_permissions_list,
-        requested_permissions_set,
+        requested_permissions,
     )
-    return {perm.split("_")[1].upper() for perm in allowed_permissions_list if perm.startswith(vaccine_type)}
+
+    # Return allowed ops in full-word format for downstream logic
+    return {perm.name for perm in Permission if perm.value in allowed_ops }
 
 
 def move_file(bucket_name: str, source_file_key: str, destination_file_key: str) -> None:

recordprocessor/src/file_level_validation.py

@@ -62,27 +62,27 @@ def test_validate_action_flag_permissions(self):
         # Test case tuples are stuctured as (vaccine_type, vaccine_permissions, file_content, expected_output)
         test_cases = [
             # FLU, full permissions, lowercase action flags
-            ("FLU", ["FLU_FULL"], valid_content_new_and_update_lowercase, {"CREATE", "UPDATE", "DELETE"}),
+            ("FLU", ["FLU.CRUD"], valid_content_new_and_update_lowercase, {"CREATE", "UPDATE", "DELETE"}),
             # FLU, partial permissions, uppercase action flags
-            ("FLU", ["FLU_CREATE"], valid_content_new_and_update_uppercase, {"CREATE"}),
+            ("FLU", ["FLU.C"], valid_content_new_and_update_uppercase, {"CREATE"}),
             # FLU, full permissions, mixed case action flags
-            ("FLU", ["FLU_FULL"], valid_content_new_and_update_mixedcase, {"CREATE", "UPDATE", "DELETE"}),
+            ("FLU", ["FLU.CRUD"], valid_content_new_and_update_mixedcase, {"CREATE", "UPDATE", "DELETE"}),
             # FLU, partial permissions (create)
-            ("FLU", ["FLU_DELETE", "FLU_CREATE"], valid_content_new_and_update_lowercase, {"CREATE", "DELETE"}),
+            ("FLU", ["FLU.D", "FLU.C"], valid_content_new_and_update_lowercase, {"CREATE", "DELETE"}),
             # FLU, partial permissions (update)
-            ("FLU", ["FLU_UPDATE"], valid_content_new_and_update_lowercase, {"UPDATE"}),
+            ("FLU", ["FLU.U"], valid_content_new_and_update_lowercase, {"UPDATE"}),
             # FLU, partial permissions (delete)
-            ("FLU", ["FLU_DELETE"], valid_content_new_and_delete_lowercase, {"DELETE"}),
+            ("FLU", ["FLU.D"], valid_content_new_and_delete_lowercase, {"DELETE"}),
             # COVID19, full permissions
-            ("COVID19", ["COVID19_FULL"], valid_content_new_and_delete_lowercase, {"CREATE", "UPDATE", "DELETE"}),
+            ("COVID19", ["COVID19.CRUD"], valid_content_new_and_delete_lowercase, {"CREATE", "UPDATE", "DELETE"}),
             # COVID19, partial permissions
-            ("COVID19", ["COVID19_UPDATE"], valid_content_update_and_delete_lowercase, {"UPDATE"}),
+            ("COVID19", ["COVID19.U"], valid_content_update_and_delete_lowercase, {"UPDATE"}),
             # RSV, full permissions
-            ("RSV", ["RSV_FULL"], valid_content_new_and_delete_lowercase, {"CREATE", "UPDATE", "DELETE"}),
+            ("RSV", ["RSV.CRUD"], valid_content_new_and_delete_lowercase, {"CREATE", "UPDATE", "DELETE"}),
             # RSV, partial permissions
-            ("RSV", ["RSV_UPDATE"], valid_content_update_and_delete_lowercase, {"UPDATE"}),
+            ("RSV", ["RSV.U"], valid_content_update_and_delete_lowercase, {"UPDATE"}),
             # RSV, full permissions, mixed case action flags
-            ("RSV", ["RSV_FULL"], valid_content_new_and_update_mixedcase, {"CREATE", "UPDATE", "DELETE"}),
+            ("RSV", ["RSV.CRUD"], valid_content_new_and_update_mixedcase, {"CREATE", "UPDATE", "DELETE"}),
         ]
 
         for vaccine_type, vaccine_permissions, file_content, expected_output in test_cases:
@@ -96,11 +96,11 @@ def test_validate_action_flag_permissions(self):
         # Test case tuples are stuctured as (vaccine_type, vaccine_permissions, file_content)
         test_cases = [
             # FLU, no permissions
-            ("FLU", ["FLU_UPDATE", "COVID19_FULL"], valid_content_new_and_delete_lowercase),
+            ("FLU", ["FLU.U", "COVID19.CRUDS"], valid_content_new_and_delete_lowercase),
             # COVID19, no permissions
-            ("COVID19", ["FLU_CREATE", "FLU_UPDATE"], valid_content_update_and_delete_lowercase),
+            ("COVID19", ["FLU.C", "FLU.U"], valid_content_update_and_delete_lowercase),
             # RSV, no permissions
-            ("RSV", ["FLU_CREATE", "FLU_UPDATE"], valid_content_update_and_delete_lowercase),
+            ("RSV", ["FLU.C", "FLU.U"], valid_content_update_and_delete_lowercase),
         ]
 
         for vaccine_type, vaccine_permissions, file_content in test_cases:

recordprocessor/tests/test_file_level_validation.py

@@ -91,6 +91,9 @@ def make_inf_ack_assertions(self, file_details: FileDetails, passed_validation:
             "created_at_formatted_string", file_details.created_at_formatted_string
         )
 
+        print(f"actual_rows: {actual_rows,}")
+        print(f"expected_rows: {expected_row}")
+        
         self.assertEqual(actual_rows, [InfAckFileRows.HEADERS, expected_row])
 
     def make_kinesis_assertions(self, test_cases):

recordprocessor/tests/test_recordprocessor_main.py

@@ -150,10 +150,10 @@ def __init__(self, vaccine_type: str, supplier: str, ods_code: str, file_number:
         self.file_date_and_time_string = f"20000101T0000000{file_number}"
         self.message_id = f"{vaccine_type.lower()}_{supplier.lower()}_test_id"
         self.message_id_order = f"{vaccine_type.lower()}_{supplier.lower()}_test_id_{file_number}"
-        self.full_permissions_list = [f"{vaccine_type}_FULL"]
-        self.create_permissions_only = [f"{vaccine_type}_CREATE"]
-        self.update_permissions_only = [f"{vaccine_type}_UPDATE"]
-        self.delete_permissions_only = [f"{vaccine_type}_DELETE"]
+        self.full_permissions_list = [f"{vaccine_type}.CRUD"]
+        self.create_permissions_only = [f"{vaccine_type}.C"]
+        self.update_permissions_only = [f"{vaccine_type}.U"]
+        self.delete_permissions_only = [f"{vaccine_type}.D"]
 
         self.queue_name = f"{supplier}_{vaccine_type}"