onc_certification_g10_test_kit 3.1.0 → 3.3.0

data/lib/onc_certification_g10_test_kit/g10_options.rb

@@ -0,0 +1,46 @@
+module ONCCertificationG10TestKit
+  module G10Options
+    US_CORE_3 = 'us_core_3'.freeze
+    US_CORE_4 = 'us_core_4'.freeze
+    US_CORE_5 = 'us_core_5'.freeze
+
+    BULK_DATA_1 = 'multi_patient_api_stu1'.freeze
+    BULK_DATA_2 = 'multi_patient_api_stu2'.freeze
+
+    SMART_1 = 'smart_app_launch_1'.freeze
+    SMART_2 = 'smart_app_launch_2'.freeze
+
+    US_CORE_3_REQUIREMENT = { us_core_version: US_CORE_3 }.freeze
+    US_CORE_4_REQUIREMENT = { us_core_version: US_CORE_4 }.freeze
+    US_CORE_5_REQUIREMENT = { us_core_version: US_CORE_5 }.freeze
+
+    BULK_DATA_1_REQUIREMENT = { multi_patient_version: BULK_DATA_1 }.freeze
+    BULK_DATA_2_REQUIREMENT = { multi_patient_version: BULK_DATA_2 }.freeze
+
+    SMART_1_REQUIREMENT = { smart_app_launch_version: SMART_1 }.freeze
+    SMART_2_REQUIREMENT = { smart_app_launch_version: SMART_2 }.freeze
+
+    def us_core_version
+      suite_options[:us_core_version]
+    end
+
+    def using_us_core_3?
+      us_core_version == US_CORE_3
+    end
+
+    def using_us_core_5?
+      us_core_version == US_CORE_5
+    end
+
+    def versioned_us_core_module
+      case us_core_version
+      when US_CORE_5
+        USCoreTestKit::USCoreV501
+      when US_CORE_4
+        USCoreTestKit::USCoreV400
+      else
+        USCoreTestKit::USCoreV311
+      end
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/incorrectly_permitted_tls_versions_messages_setup_test.rb

@@ -0,0 +1,34 @@
+module ONCCertificationG10TestKit
+  class IncorrectlyPermittedTLSVersionsMessagesSetupTest < Inferno::Test
+    id :g10_incorrectly_permitted_tls_versions_messages_setup
+    title 'Handle TLS Warning Messages'
+
+    input :incorrectly_permitted_tls_versions_messages
+    output :unique_incorrectly_permitted_tls_versions_messages,
+           :tls_documentation_required
+
+    run do
+      pass_if incorrectly_permitted_tls_versions_messages.blank?
+
+      warning do
+        new_warning_messages = incorrectly_permitted_tls_versions_messages&.split("\n")
+
+        pass_if new_warning_messages.blank?
+
+        raw_previous_warning_messages =
+          Inferno::Repositories::SessionData.new.load(
+            test_session_id:,
+            name: 'unique_incorrectly_permitted_tls_versions_messages'
+          )
+
+        previous_warning_messages =
+          raw_previous_warning_messages.blank? ? [] : raw_previous_warning_messages.split("\n")
+
+        warning_messages = (previous_warning_messages + new_warning_messages).uniq
+
+        output unique_incorrectly_permitted_tls_versions_messages: warning_messages.join("\n"),
+               tls_documentation_required: 'true'
+      end
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/limited_scope_grant_test.rb

@@ -1,5 +1,7 @@
 module ONCCertificationG10TestKit
   class LimitedScopeGrantTest < Inferno::Test
+    include G10Options
+
     title 'OAuth token exchange response grants scope that is limited to those selected by user'
     description %(
       The ONC certification criteria requires that patients are capable of
@@ -33,7 +35,7 @@ module ONCCertificationG10TestKit
       (POSSIBLE_RESOURCES + ['Encounter', 'ServiceRequest']).freeze
 
     def possible_resources
-      return V5_POSSIBLE_RESOURCES if suite_options[:us_core_version] == 'us_core_5'
+      return V5_POSSIBLE_RESOURCES if using_us_core_5?
 
       POSSIBLE_RESOURCES
     end

data/lib/onc_certification_g10_test_kit/multi_patient_api_stu1.rb

@@ -1,6 +1,7 @@
 require_relative 'bulk_data_authorization'
 require_relative 'bulk_data_group_export_stu1'
 require_relative 'bulk_data_group_export_validation'
+require_relative 'incorrectly_permitted_tls_versions_messages_setup_test'
 
 module ONCCertificationG10TestKit
   class MultiPatientAPIGroupSTU1 < Inferno::TestGroup
@@ -62,7 +63,17 @@ module ONCCertificationG10TestKit
             This test returns an access token.
           DESCRIPTION
 
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_auth_tls_messages_setup
+
     group from: :bulk_data_group_export
+
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_group_export_tls_messages_setup
+
     group from: :bulk_data_group_export_validation
+
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_group_export_validation_messages_setup
   end
 end

data/lib/onc_certification_g10_test_kit/multi_patient_api_stu2.rb

@@ -62,7 +62,17 @@ module ONCCertificationG10TestKit
             This test returns an access token.
           DESCRIPTION
 
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_auth_tls_messages_setup
+
     group from: :bulk_data_group_export_stu2
+
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_group_export_tls_messages_setup
+
     group from: :bulk_data_group_export_validation
+
+    test from: :g10_incorrectly_permitted_tls_versions_messages_setup,
+         id: :g10_bulk_group_export_validation_messages_setup
   end
 end

data/lib/onc_certification_g10_test_kit/onc_program_procedure.yml

@@ -92,6 +92,7 @@ procedure:
           - 9.8.06
           - 9.9.03
           - 9.9.06
+          - 9.10.15
         inferno_notes: |
           Inferno tests that all endpoints provided support at least TLS
           version 1.2, and rejects all requests for TLS version 1.1 or below.

data/lib/onc_certification_g10_test_kit/patient_scope_test.rb

@@ -0,0 +1,25 @@
+module ONCCertificationG10TestKit
+  class PatientScopeTest < Inferno::Test
+    title 'Patient-level scopes were granted'
+    description %(
+      Systems are required to support the `permission-patient` capability as
+      part of the [Clinician Access for EHR Launch Capability
+      Set.](http://hl7.org/fhir/smart-app-launch/1.0.0/conformance/index.html#clinician-access-for-ehr-launch)
+
+      This test verifies that systems are capable of granting patient-level
+      scopes during an EHR Launch.
+    )
+    id :g10_patient_scope
+    input :received_scopes
+
+    run do
+      expected_scope = if config.options[:scope_version] == :v2
+                         'patient/Patient.rs'
+                       else
+                         'patient/Patient.read'
+                       end
+      assert received_scopes&.include?(expected_scope),
+             "#{expected_scope} scope was requested, but not received. Received: `#{received_scopes}`"
+    end
+  end
+end

data/lib/onc_certification_g10_test_kit/profile_selector.rb

@@ -1,5 +1,9 @@
+require_relative 'g10_options'
+
 module ONCCertificationG10TestKit
   module ProfileSelector
+    include G10Options
+
     def extract_profile(profile)
       case profile
       when 'Medication'
@@ -28,8 +32,8 @@ module ONCCertificationG10TestKit
     def select_profile(resource) # rubocop:disable Metrics/CyclomaticComplexity
       case resource.resourceType
       when 'Condition'
-        case suite_options[:us_core_version]
-        when 'us_core_5'
+        case us_core_version
+        when US_CORE_5
           if resource_contains_category(resource, 'encounter-diagnosis', 'http://terminology.hl7.org/CodeSystem/condition-category')
             extract_profile('ConditionEncounterDiagnosis')
           elsif resource_contains_category(resource, 'problem-list-item',
@@ -56,15 +60,15 @@ module ONCCertificationG10TestKit
         return extract_profile('PulseOximetry') if observation_contains_code(resource, '59408-5')
 
         if observation_contains_code(resource, '8289-1')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('HeadCircumference')
           else
             return extract_profile('HeadCircumferencePercentile')
           end
         end
 
-        if observation_contains_code(resource, '9843-4') && suite_options[:us_core_version] != 'us_core_3'
+        if observation_contains_code(resource, '9843-4') && !using_us_core_3?
           return extract_profile('HeadCircumference')
         end
 
@@ -73,13 +77,11 @@ module ONCCertificationG10TestKit
         # Body Mass Index is replaced by :pediatric_bmi_age Profile
         # Systolic Blood Pressure, Diastolic Blood Pressure are covered by :blood_pressure Profile
         # Head Circumference is replaced by US Core Head Occipital-frontal Circumference Percentile Profile
-        if observation_contains_code(resource, '39156-5') && suite_options[:us_core_version] != 'us_core_3'
-          return extract_profile('Bmi')
-        end
+        return extract_profile('Bmi') if observation_contains_code(resource, '39156-5') && !using_us_core_3?
 
         if observation_contains_code(resource, '85354-9')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Bp')
           else
             return extract_profile('BloodPressure')
@@ -87,8 +89,8 @@ module ONCCertificationG10TestKit
         end
 
         if observation_contains_code(resource, '8302-2')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Bodyheight')
           else
             return extract_profile('BodyHeight')
@@ -96,8 +98,8 @@ module ONCCertificationG10TestKit
         end
 
         if observation_contains_code(resource, '8310-5')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Bodytemp')
           else
             return extract_profile('BodyTemperature')
@@ -105,8 +107,8 @@ module ONCCertificationG10TestKit
         end
 
         if observation_contains_code(resource, '29463-7')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Bodyweight')
           else
             return extract_profile('BodyWeight')
@@ -114,8 +116,8 @@ module ONCCertificationG10TestKit
         end
 
         if observation_contains_code(resource, '8867-4')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Heartrate')
           else
             return extract_profile('HeartRate')
@@ -123,31 +125,37 @@ module ONCCertificationG10TestKit
         end
 
         if observation_contains_code(resource, '9279-1')
-          case suite_options[:us_core_version]
-          when 'us_core_3'
+          case us_core_version
+          when US_CORE_3
             return extract_profile('Resprate')
           else
             return extract_profile('RespiratoryRate')
           end
         end
 
-        if suite_options[:us_core_version] == 'us_core_5' &&
+        if using_us_core_5? &&
            resource_contains_category(
-             resource, 'clinical-test', 'http://terminology.hl7.org/CodeSystem/observation-category'
+             resource, 'clinical-test', 'http://hl7.org/fhir/us/core/CodeSystem/us-core-observation-category'
            )
           return extract_profile('ObservationClinicalTest')
         end
 
-        if suite_options[:us_core_version] == 'us_core_5' && observation_contains_code(resource, '76690-7')
+        if using_us_core_5? && observation_contains_code(resource, '76690-7')
           return extract_profile('ObservationSexualOrientation')
         end
 
-        if suite_options[:us_core_version] == 'us_core_5' &&
+        if using_us_core_5? &&
            resource_contains_category(resource, 'social-history',
                                       'http://terminology.hl7.org/CodeSystem/observation-category')
           return extract_profile('ObservationSocialHistory')
         end
 
+        if using_us_core_5? &&
+           resource_contains_category(resource, 'imaging',
+                                      'http://terminology.hl7.org/CodeSystem/observation-category')
+          return extract_profile('ObservationImaging')
+        end
+
         # We will simply match all Observations of category "survey" to SDOH,
         # and do not look at the category "sdoh".  US Core spec team says that
         # support for the "sdoh" category is limited, and the validation rules
@@ -159,7 +167,7 @@ module ONCCertificationG10TestKit
         # `resource_contains_category(resource, 'sdoh',
         #                                       'http://terminology.hl7.org/CodeSystem/observation-category') &&`
         # along with a specific extract_profile('ObservationSurvey') to catch non-sdoh.
-        if suite_options[:us_core_version] == 'us_core_5' &&
+        if using_us_core_5? &&
            resource_contains_category(resource, 'survey',
                                       'http://terminology.hl7.org/CodeSystem/observation-category')
 

data/lib/onc_certification_g10_test_kit/resource_access_test.rb

@@ -74,10 +74,9 @@ module ONCCertificationG10TestKit
             body of the response.
           )
           begin
+            assert_valid_json(response[:body])
             parsed_body = JSON.parse(response[:body])
             assert parsed_body['resourceType'] == 'OperationOutcome', error_message
-          rescue JSON::ParserError
-            assert false, error_message
           end
           fhir_search(
             resource_type,

data/lib/onc_certification_g10_test_kit/restricted_resource_type_access_group.rb

@@ -323,7 +323,7 @@ module ONCCertificationG10TestKit
       )
       id :g10_encounter_restricted_access
 
-      required_suite_options us_core_version: 'us_core_5'
+      required_suite_options G10Options::US_CORE_5_REQUIREMENT
 
       def resource_group
         USCoreTestKit::USCoreV501::EncounterGroup
@@ -343,7 +343,7 @@ module ONCCertificationG10TestKit
       )
       id :g10_service_request_restricted_access
 
-      required_suite_options us_core_version: 'us_core_5'
+      required_suite_options G10Options::US_CORE_5_REQUIREMENT
 
       def resource_group
         USCoreTestKit::USCoreV501::ServiceRequestGroup

data/lib/onc_certification_g10_test_kit/short_id_manager.rb

@@ -0,0 +1,46 @@
+module ONCCertificationG10TestKit
+  # @private
+  # This module ensures that short test ids don't change
+  module ShortIDManager
+    class << self
+      def all_children(runnable)
+        runnable
+          .children
+          .flat_map { |child| [child] + all_children(child) }
+      end
+
+      def short_id_file_path
+        File.join(__dir__, 'short_id_map.yml')
+      end
+
+      def short_id_map
+        @short_id_map ||= YAML.load_file(short_id_file_path)
+      end
+
+      def assign_short_ids
+        all_children(G10CertificationSuite).each do |runnable|
+          short_id = short_id_map.fetch(runnable.id)
+          runnable.define_singleton_method(:short_id) do
+            short_id
+          end
+        rescue KeyError
+          Inferno::Application['logger'].warn("No short id defined for #{runnable.id}")
+        end
+      end
+
+      ### The methods below are only for creating an initial list of short ids
+
+      # Run this in an inferno console to save the current short ids
+      def save_current_short_id_map
+        File.write(short_id_file_path, current_short_id_map.to_yaml)
+      end
+
+      def current_short_id_map
+        @current_short_id_map ||=
+          all_children(G10CertificationSuite).each_with_object({}) do |runnable, mapping|
+            mapping[runnable.id] = runnable.short_id
+          end
+      end
+    end
+  end
+end