NDR-340 Add E2E tests for invalid resource type

lambdas/tests/e2e/api/fhir/conftest.py

@@ -83,8 +83,8 @@ def temp_cert_and_key():
         shutil.rmtree(temp_dir)
 
 
-def get_pdm_document_reference(record_id, client_cert_path=None, client_key_path=None):
-    url = f"https://{MTLS_ENDPOINT}/DocumentReference/{PDM_SNOMED}~{record_id}"
+def get_pdm_document_reference(record_id, client_cert_path=None, client_key_path=None, resource_type="DocumentReference"):
+    url = f"https://{MTLS_ENDPOINT}/{resource_type}/{PDM_SNOMED}~{record_id}"
     headers = {
         "X-Correlation-Id": "1234",
     }
@@ -112,3 +112,21 @@ def create_and_store_pdm_record(
     pdm_data_helper.create_metadata(record)
     pdm_data_helper.create_resource(record)
     return record
+
+def upload_document(payload, resource_type="DocumentReference"):
+    """Helper to upload DocumentReference."""
+    url = f"https://{MTLS_ENDPOINT}/{resource_type}"
+    headers = {
+        "X-Correlation-Id": "1234",
+    }
+    session = create_mtls_session()
+    return session.post(url, headers=headers, data=payload)
+
+def retrieve_document_with_retry(doc_id, condition):
+    """Poll until condition is met on DocumentReference retrieval."""
+    retrieve_url = f"https://{MTLS_ENDPOINT}/DocumentReference/{doc_id}"
+    headers = {
+        "X-Correlation-Id": "1234",
+    }
+    session = create_mtls_session()
+    return fetch_with_retry_mtls(session, retrieve_url, headers, condition)

lambdas/tests/e2e/api/fhir/test_retrieve_document_fhir_api.py

@@ -5,6 +5,7 @@
 
 from tests.e2e.api.fhir.conftest import (
     PDM_S3_BUCKET,
+    PDM_SNOMED,
     create_and_store_pdm_record,
     get_pdm_document_reference,
 )
@@ -73,3 +74,14 @@ def test_forbidden_with_invalid_cert(test_data, temp_cert_and_key):
     body = response.json()
     assert response.status_code == 403
     assert body["message"] == "Forbidden"
+
+def test_retrieve_invalid_resource_type(test_data):
+    pdm_record = create_and_store_pdm_record(test_data)
+    response = get_pdm_document_reference(pdm_record["id"], resource_type="FooBar")
+    assert response.status_code == 403
+
+    response_json = response.json()
+
+    print('response_json:', response_json)
+    error_message = f"Resource not valid: Resource /FooBar/{PDM_SNOMED}~{pdm_record['id']} not allowed"
+    assert response_json["message"] == error_message

lambdas/tests/e2e/api/fhir/test_search_patient_fhir_api.py

@@ -12,9 +12,9 @@
 pdm_data_helper = PdmDataHelper()
 
 
-def search_document_reference(nhs_number, client_cert_path=None, client_key_path=None):
+def search_document_reference(nhs_number, client_cert_path=None, client_key_path=None, resource_type="DocumentReference"):
     """Helper to perform search by NHS number with optional mTLS certs."""
-    url = f"https://{MTLS_ENDPOINT}/DocumentReference?subject:identifier=https://fhir.nhs.uk/Id/nhs-number|{nhs_number}"
+    url = f"https://{MTLS_ENDPOINT}/{resource_type}?subject:identifier=https://fhir.nhs.uk/Id/nhs-number|{nhs_number}"
     headers = {
         "X-Correlation-Id": "1234",
     }
@@ -116,3 +116,17 @@ def test_search_patient_unauthorized_mtls(test_data, temp_cert_and_key):
     body = response.json()
     assert response.status_code == 403
     assert body["message"] == "Forbidden"
+
+# TODO: Confirm desired behaviour here
+# def test_search_invalid_resource_type(test_data):
+#     created_record = create_and_store_pdm_record(test_data)
+#     expected_record_id = created_record["id"]
+
+#     response = search_document_reference("9912003071", resource_type="FooBar")
+#     print('response:', response)
+
+#     body = response.json()
+#     print('body:', body)
+#     assert response.status_code == 403
+#     error_message = "Resource not valid: Resource /FooBar not allowed"
+#     assert body["message"] == error_message

lambdas/tests/e2e/api/fhir/test_upload_document_fhir_api_failure.py

@@ -8,34 +8,13 @@
 
 from tests.e2e.api.fhir.conftest import (
     MTLS_ENDPOINT,
-    create_mtls_session,
-    fetch_with_retry_mtls,
+    retrieve_document_with_retry,
+    upload_document,
 )
 from tests.e2e.helpers.data_helper import PdmDataHelper
 
 pdm_data_helper = PdmDataHelper()
 
-
-def upload_document(payload):
-    """Helper to upload DocumentReference."""
-    url = f"https://{MTLS_ENDPOINT}/DocumentReference"
-    headers = {
-        "X-Correlation-Id": "1234",
-    }
-    session = create_mtls_session()
-    return session.post(url, headers=headers, data=payload)
-
-
-def retrieve_document_with_retry(doc_id, condition):
-    """Poll until condition is met on DocumentReference retrieval."""
-    retrieve_url = f"https://{MTLS_ENDPOINT}/DocumentReference/{doc_id}"
-    headers = {
-        "X-Correlation-Id": "1234",
-    }
-    session = create_mtls_session()
-    return fetch_with_retry_mtls(session, retrieve_url, headers, condition)
-
-
 def test_create_document_presign_fails():
     record = {
         "ods": "H81109",
@@ -165,3 +144,22 @@ def test_create_document_with_invalid_author_returns_error(test_data, author_pay
     assert raw_upload_response.status_code == 400
     assert response_json["resourceType"] == "OperationOutcome"
     assert response_json["issue"][0]["details"]["coding"][0]["code"] == "VALIDATION_ERROR"
+
+def test_upload_invalid_resource_type(test_data):
+    record = {
+        "ods": "H81109",
+        "nhs_number": "9912003071",
+    }
+
+    sample_pdf_path = os.path.join(os.path.dirname(__file__), "files", "dummy.pdf")
+    with open(sample_pdf_path, "rb") as f:
+        record["data"] = base64.b64encode(f.read()).decode("utf-8")
+    payload = pdm_data_helper.create_upload_payload(record=record, return_json=True)
+    payload = json.dumps(payload)
+
+    raw_upload_response = upload_document(payload, resource_type="FooBar")
+    response_json = raw_upload_response.json()
+    print('response_json:', response_json)
+    assert raw_upload_response.status_code == 403
+    error_message = "Resource not valid: Resource /FooBar not allowed"
+    assert response_json["message"] == error_message

lambdas/tests/e2e/api/fhir/test_upload_document_fhir_api_success.py

@@ -3,37 +3,16 @@
 import os
 
 from tests.e2e.api.fhir.conftest import (
-    MTLS_ENDPOINT,
     PDM_SNOMED,
-    create_mtls_session,
-    fetch_with_retry_mtls,
+    retrieve_document_with_retry,
+    upload_document,
 )
 from tests.e2e.conftest import APIM_ENDPOINT
 from tests.e2e.helpers.data_helper import PdmDataHelper
 
 pdm_data_helper = PdmDataHelper()
 
 
-def upload_document(payload):
-    """Helper to upload DocumentReference."""
-    url = f"https://{MTLS_ENDPOINT}/DocumentReference"
-    headers = {
-        "X-Correlation-Id": "1234",
-    }
-    session = create_mtls_session()
-    return session.post(url, headers=headers, data=payload)
-
-
-def retrieve_document_with_retry(doc_id, condition):
-    """Poll until condition is met on DocumentReference retrieval."""
-    retrieve_url = f"https://{MTLS_ENDPOINT}/DocumentReference/{doc_id}"
-    headers = {
-        "X-Correlation-Id": "1234",
-    }
-    session = create_mtls_session()
-    return fetch_with_retry_mtls(session, retrieve_url, headers, condition)
-
-
 def test_create_document_base64(test_data):
     record = {
         "ods": "H81109",