davinci_pdex_test_kit 0.9.1

data/lib/davinci_pdex_test_kit/pdex_payer_server/no_member_matches_group.rb

@@ -0,0 +1,69 @@
+# frozen_string_literal: true
+require_relative 'abstract_member_match_request_conformance_test'
+require_relative 'abstract_member_match_request_local_references_test'
+require_relative 'coverage_to_link_has_minimal_data_test'
+require_relative 'coverage_to_link_must_support_test'
+
+module DaVinciPDexTestKit
+  module PDexPayerServer
+    class NoMemberMatchesGroup < Inferno::TestGroup
+        id :no_member_matches_group
+        title '$member-match with no matches'
+
+        run_as_group
+
+        input :no_member_match_request,
+          title: 'Member Match Request for no matches',
+          description: "A JSON payload for server's $member-match endpoint that has **no matches**",
+          type: 'textarea',
+          optional: true
+
+        group_config = { inputs: { member_match_request: { name: :no_member_match_request } } }
+
+        test from: :abstract_member_match_request_conformance do
+          id :no_member_match_request_conformance
+          config(group_config)
+
+          title '[USER INPUT VALIDATION] Member match request for no matches is valid'
+          description %{
+            Regardless of having no intended matches, this test validates the conformity of the user input to the
+            [HRex Member Match Request Profile](https://hl7.org/fhir/us/davinci-hrex/STU1/StructureDefinition-hrex-parameters-member-match-in.html),
+            ensuring subsequent tests can accurately simulate content. It also checks conformance to the [Parameters Resource](https://hl7.org/fhir/R4/parameters.html),
+            mandatory elements, and terminology. It also checks that the Patient reference with the Consent and CoverageToMatch parameters are local references.
+          }
+
+          # Inherits run
+        end
+
+        test from: :abstract_member_match_request_local_references do
+          id :no_member_match_request_local_references
+          config(group_config)
+        end
+
+        test from: :coverage_to_link_has_minimal_data, config: group_config
+        test from: :coverage_to_link_must_support, config: group_config
+
+
+        test do
+          id :member_match_has_no_matches
+          title 'Server $member-match operation returns 422 Unprocessable Content if no matches are found'
+          description %{
+            See [member matching logic](https://hl7.org/fhir/us/davinci-hrex/STU1/OperationDefinition-member-match.html#member-matching-logic)
+            for specification.
+
+            Server will receive `POST [baseURL]/Patient/$member-match` with the no-member-match-request parameters and
+            is expected to return 422.
+          }
+
+          run do
+            skip_if !no_member_match_request, "No member match request inputted for no-match tests."
+            member_match_request_resource = FHIR.from_contents(no_member_match_request)
+
+            fhir_operation('/Patient/$member-match', body: member_match_request_resource)
+            assert_response_status(422)
+          end
+        end
+
+    end
+  end
+end

data/lib/davinci_pdex_test_kit/pdex_payer_server/workflow_clinical_data.rb

@@ -0,0 +1,66 @@
+# frozen_string_literal: true
+
+module DaVinciPDexTestKit
+  module PDexPayerServer
+    class WorkflowClinicalData < Inferno::TestGroup
+      id :workflow_clinical_data
+      title 'Server can respond to search requests for clinical data on the matched patient'
+      short_title 'Clinical data query'
+      description %{
+        # Background
+        The [PDex Implementation Guide](https://hl7.org/fhir/us/davinci-pdex/STU2/payertopayerexchange.html#query-all-clinical-resources-individually)
+        requires Payer servers to support querying of individual clinical resources from
+        its Patient's Member Identifier (aka Patient FHIR ID). This test sequence simulates that step
+        in the workflow by querying for encounters. The full read and search API is tested in
+        its own test group.
+
+        # Test Methodology
+        If the $member-match tests were run and returned a valid member-match-response, then it's
+        patient's id will be used for the query. If not, then the user inputted Patient id is used
+        for this test. If neither is available tests are skipped.
+      }
+
+      input :patient_id,
+        title: 'Patient ID',
+        description: 'Manual Patient ID for testing Clinical Query and $everything without $member-match.',
+        optional: true
+
+      test do
+        id :workflow_clinical_encounter_query
+        title 'Server can provide clinical Encounter data from matched member identifier'
+        description %{
+          Server receives request `GET [baseURL]/Encounter?subject=Patient/[id]` and returns 200.
+        }
+
+        makes_request :pdex_clinical_query
+
+        run do
+          skip_if !patient_id,
+            'No Patient FHIR ID was derived from $member-match response or supplied by user input'
+
+          fhir_search(FHIR::Encounter, params: {patient: "Patient/#{patient_id}"}, name: :pdex_clinical_query)
+          assert_response_status(200)
+        end
+      end
+
+      test do
+        id :workflow_clinical_encounter_validation
+        title 'Server returned Search bundle with valid Encounter data'
+        description %{
+            Server returned search Bundle of Encounters with least 1 resource entry.
+        }
+
+        uses_request :pdex_clinical_query
+
+        run do
+          assert_valid_resource
+          assert_resource_type('Bundle')
+          assert resource.entry.length > 0, 'Response Bundle must have at least one entry'
+          assert resource.entry.map{|entry| entry.resource}.all? { |res| res.resourceType == 'Encounter' },
+                 'Response Bundle must only have Encounter resources'
+        end
+      end
+    end
+  end
+end
+

data/lib/davinci_pdex_test_kit/pdex_payer_server/workflow_everything.rb

@@ -0,0 +1,184 @@
+# frozen_string_literal: true
+
+module DaVinciPDexTestKit
+  module PDexPayerServer
+    class WorkflowEverythingTestGroup < Inferno::TestGroup
+      title 'Server can respond to $everything requests on matched patient'
+      short_title '$everything'
+      id :workflow_everything
+      optional
+      description %{
+        # Background
+
+        The Patient $everything operation for Payer-to-Payer exchange. See
+        [PDex Implementation Guide](https://hl7.org/fhir/us/davinci-pdex/STU2/payertopayerexchange.html#everything-operation)
+        and [FHIR R4 documentation](https://hl7.org/fhir/R4/patient-operation-everything.html).
+
+        # Test Methodology
+
+        This test sequence takes a patient id input and executes the `$everything` FHIR operation on it.
+      }
+
+
+      input :patient_id,
+        title: 'Patient ID',
+        description: 'Manual Patient ID for testing Clinical Query and $everything $export without $member-match.',
+        optional: true
+
+
+      test do
+        title 'Server asserts Patient instance operation $everything in Capability Statement'
+
+        run do
+          fhir_get_capability_statement
+
+          assert_response_status 200
+          assert(
+            resource.rest.one? do |rest_metadata|
+              rest_metadata.resource.select { |resource_metadata| resource_metadata.type == 'Patient' }.first
+                .operation.any? do |operation_metadata|
+                  operation_metadata.name == 'everything' && operation_metadata.definition == 'http://hl7.org/fhir/OperationDefinition/Patient-everything'
+                end
+            end
+          )
+        end
+      end
+
+      test do
+        title 'Server can handle GET /Patient/[ID]/$everything'
+
+        # input :patient_id # borrows properties from workflow_clinical_data
+
+        makes_request :pdex_patient_everything
+
+        run do
+          skip_if !patient_id,
+            "No Patient FHIR ID was derived from $member-match response or supplied by user input"
+
+          fhir_operation("/Patient/#{patient_id}/$everything", operation_method: :get, name: :pdex_patient_everything)
+
+          assert_response_status 200
+        end
+      end
+
+      test do
+        title 'Server returns a Bundle resource with requested Patient resource, and all resources conform to FHIR R4'
+
+        input :patient_id # borrows properties from workflow_clinical_data
+
+        uses_request :pdex_patient_everything
+
+        run do
+          skip_if response[:status] != 200, 'Skipped because previous test did not pass'
+          skip_if !patient_id
+            'No Patient ID was derived from $member-match nor supplied from user input'
+
+          assert_valid_resource
+          assert_resource_type(:bundle)
+          assert_valid_bundle_entries
+          assert resource.entry.map(&:resource).map(&:resourceType).any?('Patient'),
+                 'Bundle does not include a Patient resource'
+          assert(resource.entry.map(&:resource).one? do |resource|
+                   resource.resourceType == 'Patient' && resource.id == patient_id
+                 end)
+        end
+      end
+
+      test do
+        title %{
+          The resources returned SHALL include all the data covered by the meaningful use common data elements as
+          defined in the US Core Implementation Guide
+        }
+        description %{
+          See FHIR R4 documentation for [patient-everything](https://hl7.org/fhir/R4/patient-operation-everything.html).
+          The US realm has now replaced meaningful use common data elements with [USCDI](https://www.healthit.gov/isa/united-states-core-data-interoperability-uscdi).
+
+          This test currently uses `meta.profile` to validate that a resource is compliant with its intended profile,
+          which includes checking for the profile's required elements.
+
+          It is the servers responsiblity to return all resources necessary to cover all USDCI elements known by
+          the server.
+        }
+
+        uses_request :pdex_patient_everything
+
+        run do
+          skip_if resource.resourceType != 'Bundle'
+
+          (0...resource.entry.length).each do |i|
+            assert_valid_resource(resource: resource.entry[i].resource,
+                                  profile_url: resource.entry[i].resource.meta.profile)
+          end
+        end
+      end
+
+      # TODO: make attestations clearer, possibly change UI
+      # test do
+      #   title %{
+      #     Attestation: Server returns all resources necessary to cover all USDCI elements known by the server if
+      #     operating in US Realm.
+      #   }
+      #   description 'See previous test for details.'
+
+      #   input :workflow_everything_uscdi_attestation,
+      #         title: %{
+      #           Server's $everything operation returns all resources necessary to cover all USDCI
+      #           elements known by the server if operating in US Realm
+      #         },
+      #         type: :radio,
+      #         options: {
+      #           list_options: [
+      #             {
+      #               label: 'Yes',
+      #               value: 'yes'
+      #             },
+      #             {
+      #               label: 'No',
+      #               value: 'no'
+      #             }
+      #           ]
+      #         },
+      #         default: '',
+      #         optional: true
+
+      #   run do
+      #     assert workflow_everything_uscdi_attestation == 'yes', 'Developer did not agree to attestation'
+      #   end
+      # end
+
+      # test do
+      #   title %{
+      #     Attestation: The use of the Bulk FHIR specification for transmission of member $everything data SHALL
+      #     honor jurisdictional and personal privacy restrictions that are relevant to a member’s health record.
+      #   }
+
+      #   input :workflow_everything_privacy_attestation,
+      #         title: %Q(
+      #           Server's $everything operation shall honor jurisdictional and personal privacy
+      #           restriction that are relevant to a member's health record
+      #         ),
+      #         type: :radio,
+      #         options: {
+      #           list_options: [
+      #             {
+      #               label: 'Yes',
+      #               value: 'yes'
+      #             },
+      #             {
+      #               label: 'No',
+      #               value: 'no'
+      #             }
+      #           ]
+      #         },
+      #         default: '',
+      #         optional: true
+
+      #   run do
+      #     assert workflow_everything_privacy_attestation == 'yes', 'Developer did not agree to attestation'
+      #   end
+      # end
+
+      # TODO: consider parameter tests
+    end
+  end
+end

data/lib/davinci_pdex_test_kit/pdex_payer_server/workflow_export.rb

@@ -0,0 +1,67 @@
+# frozen_string_literal: true
+
+require 'bulk_data_test_kit/v2.0.0/bulk_data_patient_export_test_group'
+# require 'bulk_data_test_kit/v1.0.1/patient/bulk_data_patient_export_group'
+require_relative 'export_patient_group'
+require_relative 'export_validation_group'
+
+module DaVinciTestKit
+  module PDexPayerServer
+    class WorkflowExportTestGroup < Inferno::TestGroup
+      id :workflow_export
+      title 'Server can respond to FHIR Bulk $export requests on the matched patient'
+      short_title 'Bulk $export'
+      optional
+      description %{
+        # Background
+
+        The Patient $export operation for Payer-to-Payer exchange. See
+        [PDex Implementation Guide](https://hl7.org/fhir/us/davinci-pdex/STU2/payertopayerexchange.html#bulk-fhir-asynchronous-protocols),
+        [Bulk Data Patient Export Operation](https://hl7.org/fhir/uv/bulkdata/OperationDefinition-patient-export.html), and
+        [Bulk Data Export Request Flow](https://hl7.org/fhir/uv/bulkdata/export.html#bulk-data-export-operation-request-flow).
+
+        # Methodology
+
+        This test sequence leverages the [Bulk Data Test Kit](https://github.com/inferno-framework/bulk-data-test-kit)
+        for patient-level tests conforming to the Bulk Data Access Implementation Guide v2.0.0, and does not require more than 1 patient
+        to be returned by Patient-level export. The tests require a Bulk Data Autthorization Bearer Token.
+      }
+
+      config({
+        inputs: {
+          url: { name: :bulk_server_url },
+          # bulk_server_url: { name: :url },
+          bulk_export_url: { default: 'Patient/$export' },
+          bearer_token: { description: 'The authorization bearer token for $export access that is scoped to the same patient found by $member-match or entered as patient id. This is not necessarily the same OAuth token that allows access to the server\'s $member-match. If omitted $export tests will be skipped.' }
+        }
+      })
+
+      input :url # inherit properties from test suite
+
+      input :bearer_token # inherit properties from parent
+
+      input :patient_id,
+        title: 'Patient ID',
+        description: 'Manual Patient ID for testing Clinical Query, $everything, and $export without $member-match.',
+        optional: true
+
+      # Required by Bulk Data tests
+      fhir_client :bulk_server do
+        url :url
+        bearer_token :bearer_token
+      end
+
+      http_client :bulk_server do
+        url :url
+        headers {'Authorization' => "Bearer #{bearer_token}"}
+      end
+
+      group from: :pdex_patient_export_group
+
+      group from: :pdex_export_validation,
+            title: 'Patient Export Validation Tests',
+            optional: true
+
+    end
+  end
+end

data/lib/davinci_pdex_test_kit/pdex_payer_server/workflow_member_match.rb

@@ -0,0 +1,171 @@
+# frozen_string_literal: true
+require_relative 'abstract_member_match_request_conformance_test'
+require_relative 'abstract_member_match_request_local_references_test'
+require_relative 'coverage_to_link_has_minimal_data_test'
+require_relative 'coverage_to_link_must_support_test'
+
+module DaVinciPDexTestKit
+  module PDexPayerServer
+    class WorkflowMemberMatch < Inferno::TestGroup
+      title 'Server can return a matching member in response to $member-match request'
+      short_title '$member-match'
+      id :workflow_member_match
+      description %{
+        # Background
+
+        Server must implement the [$member-match operation](https://hl7.org/fhir/us/davinci-hrex/OperationDefinition-member-match.html)
+        for payer-to-payer workflows as
+        [required by the PDex Implementation Guide](https://hl7.org/fhir/us/davinci-pdex/STU2/payertopayerexchange.html#member-match-with-consent).
+
+        # Testing Methodology
+        
+        The developer must supply JSON FHIR input parameter conforming to the
+        [member match request profile](https://hl7.org/fhir/us/davinci-hrex/STU1/StructureDefinition-hrex-parameters-member-match-in.html). This
+        test sequence will:
+        
+        1. Request the server's capability statement and verify that it asserts support for the $member-match operation
+        2. Validate user's member match request input
+           + validate Parameters profile conformance
+           + validate references as local references
+           + optional: validate CoverageToLink parameter
+           + optional: validate minimal data on CoverageToLink parameter
+        3. POST request to server and validate HTTP 200 response status
+        4. validate memeber match response conforms to profile
+        5. use member identifier from response to query for patient id 
+      }
+
+      run_as_group
+
+      # TODO factorize cap statement tests
+      test do
+        id :member_match_in_capability_statement
+        title 'Server asserts Patient $member_match operation in capability statement.'
+
+        run do
+          fhir_get_capability_statement
+
+          assert_response_status(200)
+          assert_resource_type(:capability_statement)
+
+          assert(
+            resource.rest.one? do |rest_metadata|
+              rest_metadata.resource.select { |resource_metadata| resource_metadata.type == 'Patient' }.first
+                .operation.any? do |operation_metadata|
+                  operation_metadata.name == 'member-match' && operation_metadata.definition == 'http://hl7.org/fhir/us/davinci-hrex/OperationDefinition/member-match'
+                end
+            end
+          )
+        end
+      end
+
+      input :member_match_request,
+        title: 'Member Match Request for one match',
+        description: "A JSON payload for server's $member-match endpoint that has **exactly one match**",
+        type: 'textarea'
+
+      test from: :abstract_member_match_request_conformance do
+        id :member_match_request_request_conformance
+        title '[USER INPUT VALIDATION] Member match request for exactly one match is valid'
+        description %{
+          This test validates the conformity of the user input to the
+          [HRex Member Match Request Profile](https://hl7.org/fhir/us/davinci-hrex/STU1/StructureDefinition-hrex-parameters-member-match-in.html),
+          ensuring subsequent tests can accurately simulate content. It also checks conformance to the [Parameters Resource](https://hl7.org/fhir/R4/parameters.html),
+          mandatory elements, and terminology.
+        }
+      end
+
+      test from: :abstract_member_match_request_local_references do
+        id :member_match_request_local_references
+        title '[USER INPUT VALIDATION] Member match request only uses local references'
+      end
+
+      test from: :coverage_to_link_must_support
+      test from: :coverage_to_link_has_minimal_data
+   
+      test do
+        id :member_match_on_server
+        title 'Server handles $member-match operation successfully'
+        description 'Server receives request `POST [baseURL]/Patient/$member-match` and returns 200'
+           
+        input :member_match_request
+   
+        makes_request :member_match
+   
+        run do
+          fhir_operation('/Patient/$member-match', body: FHIR.from_contents(member_match_request), name: :member_match)
+          assert_response_status(200)
+        end
+      end
+  
+      test do
+        id :member_match_response_conformance
+        title 'Server $member-match response conforms to profile'
+        description %{
+          The response body from the previous POST request to $member-match must be valid FHIR JSON conforming to
+          [HRex Member Match Response Profile](https://hl7.org/fhir/us/davinci-hrex/STU1/StructureDefinition-hrex-parameters-member-match-out.html).
+        }
+
+        output :member_identifier
+        output :member_identifier_system  
+
+        uses_request :member_match
+
+        run do
+          assert response[:body], 'Server HTTP response is missing body'
+          assert_valid_json(response[:body])
+          assert_resource_type('Parameters')
+
+          # We should save the output before validating every detail of the payload
+          output member_identifier: resource.parameter.find{|p| p.name=='MemberIdentifier'}&.valueIdentifier&.value
+          output member_identifier_system: resource.parameter.find{|p| p.name=='MemberIdentifier'}&.valueIdentifier&.system
+
+          assert_valid_resource(profile_url: 'http://hl7.org/fhir/us/davinci-hrex/StructureDefinition/hrex-parameters-member-match-out')
+        end
+      end
+  
+      test do
+        id :member_match_identifier_to_id
+        title 'Server member identifier from $member-match yields logical Patient id'
+        description %Q{
+          The $member-match operation returns a Member Identifier, and subsequent clinical queries and operations
+          are only required to support logical Patient FHIR ID. Hence server must be able to provide a Patient
+          FHIR ID from Member Identifier.
+
+          Server receives request `GET [baseURL]/Patient?identifier=[member_identifier]`
+          and returns 200 and a Bundle with a single FHIR Patient. The `[member_identifier]` is from Member Match Response
+          `Parameters.parameter:MemberIdentifier.valueIdentifier.value`.
+        }
+
+        input :member_identifier
+        input :member_identifier_system, optional: true
+        output :patient_id
+
+        run do
+          skip_if !member_identifier, "No member identifier obtained from $member-match request"
+ 
+          # We only query by identifier.value, and preset information happens to return a value with a system within it
+          # which may be a bug.
+          # Other options are to query by system|value or type-of:
+          # But future PDex IG is intending to include logical FHIR id with MemberMatchResponse so this won't be necessary
+          fhir_search(FHIR::Patient, params: { 'identifier' => member_identifier })
+
+          assert response[:body], 'Server HTTP response is missing body'
+          assert_valid_json(response[:body])
+          assert_resource_type('Bundle')
+
+          assert resource.entry.find{ |entry| entry.resource&.resourceType == 'Patient' }, "Bundle has no Patient resource."
+
+          patient_id = resource.entry.reverse_each.find{ |entry| entry.resource&.resourceType == 'Patient' }&.resource&.id
+          assert patient_id, "Patient resource in Bundle has no logical resource id"
+
+          info "Multiple patients found, using the last patient id." if resource.entry.select{ |entry| entry.resource&.resourceType == 'Patient' }.length > 1
+
+          output :patient_id => patient_id
+
+          assert_valid_resource
+        end
+      end
+
+    end
+  end
+end