BFD-3666

BFD-3666 stringutil method to get a boolean value
include  the certificate check

Author: MahiFentaye

apps/bfd-server/bfd-server-war/src/main/java/gov/cms/bfd/server/war/V1SamhsaConsentInterceptor.java

@@ -1,11 +1,14 @@
 package gov.cms.bfd.server.war;
 
+import static gov.cms.bfd.server.war.commons.StringUtils.parseBoolean;
+
 import ca.uhn.fhir.rest.api.server.RequestDetails;
 import ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException;
 import ca.uhn.fhir.rest.server.interceptor.consent.ConsentOutcome;
 import ca.uhn.fhir.rest.server.interceptor.consent.IConsentContextServices;
 import ca.uhn.fhir.rest.server.interceptor.consent.IConsentService;
-import java.util.Optional;
+import gov.cms.bfd.server.war.commons.CommonTransformerUtils;
+import gov.cms.bfd.sharedutils.TagCode;
 import org.hl7.fhir.dstu3.model.Bundle;
 import org.hl7.fhir.dstu3.model.Coding;
 import org.hl7.fhir.dstu3.model.ExplanationOfBenefit;
@@ -20,18 +23,6 @@ public class V1SamhsaConsentInterceptor implements IConsentService {
   /** The logger. */
   private static final Logger logger = LoggerFactory.getLogger(V1SamhsaConsentInterceptor.class);
 
-  /** Flag to control whether SAMHSA filtering should be applied. */
-  private final boolean samhsaV2Enabled;
-
-  /**
-   * SamhsaConsentInterceptor Constructor.
-   *
-   * @param samhsaV2Enabled samhsaV2Enabled
-   */
-  public V1SamhsaConsentInterceptor(Boolean samhsaV2Enabled) {
-    this.samhsaV2Enabled = samhsaV2Enabled;
-  }
-
   @Override
   public ConsentOutcome startOperation(
       RequestDetails theRequestDetails, IConsentContextServices theContextServices) {
@@ -45,29 +36,19 @@ public ConsentOutcome willSeeResource(
       IConsentContextServices theContextServices) {
 
     logger.info("V1SamhsaConsentInterceptor - willSeeResource.");
-    //     Check if SAMHSA 2.0 filtering is enabled
-    if (!samhsaV2Enabled) {
-      // If the feature flag is false, skip filtering and proceed with the resource
-      logger.info("SAMHSA 2.0 filtering is disabled, proceeding without filtering.");
-      return ConsentOutcome.PROCEED;
-    }
 
     // Extract 'excludeSAMHSA' parameter from the request URL
-    boolean excludeSamhsa =
-        Optional.ofNullable(theRequestDetails.getParameters().get("excludeSAMHSA"))
-            .flatMap(params -> params.length > 0 ? Optional.of(params[0]) : Optional.empty())
-            .map(Boolean::parseBoolean)
-            .orElse(false);
+    boolean excludeSAMHSA = parseBoolean(theRequestDetails.getParameters().get("excludeSAMHSA"));
+    boolean filterSamhsa =
+        CommonTransformerUtils.shouldFilterSamhsa(String.valueOf(excludeSAMHSA), theRequestDetails);
 
     // Handle Bundle
-    if (theResource instanceof Bundle) {
-      Bundle bundle = (Bundle) theResource;
-
+    if (theResource instanceof Bundle bundle) {
       // Iterate through each entry in the Bundle
       for (Bundle.BundleEntryComponent entry : bundle.getEntry()) {
         IBaseResource entryResource = entry.getResource();
 
-        if (shouldRedactResource(entryResource, excludeSamhsa)) {
+        if (shouldRedactResource(entryResource, filterSamhsa)) {
           redactSensitiveData(entry);
         }
       }
@@ -80,10 +61,10 @@ public ConsentOutcome willSeeResource(
    * Helper method to determine if a resource should be redacted based on security tags.
    *
    * @param resource The resource to check.
-   * @param excludeSamhsa Flag to determine whether to exclude SAMHSA.
+   * @param filterSamhsa Flag to determine whether to filter SAMHSA.
    * @return true if the resource should be redacted, false otherwise.
    */
-  private boolean shouldRedactResource(IBaseResource resource, boolean excludeSamhsa) {
+  private boolean shouldRedactResource(IBaseResource resource, boolean filterSamhsa) {
     Meta meta = null;
 
     // Extract the meta information depending on the resource type
@@ -99,8 +80,9 @@ private boolean shouldRedactResource(IBaseResource resource, boolean excludeSamh
     // Iterate through the security tags in the meta
     for (Coding securityTag : meta.getSecurity()) {
       // Check if the security tag matches the "R" or "42CFRPart2" code
-      if (excludeSamhsa
-          && ("R".equals(securityTag.getCode()) || "42CFRPart2".equals(securityTag.getCode()))) {
+      if (filterSamhsa
+          && (TagCode.R.name().equals(securityTag.getCode())
+              || TagCode._42CFRPart2.name().equals(securityTag.getCode()))) {
         logger.info("Matched SAMHSA security tag, redacting resource.");
         return true;
       }

apps/bfd-server/bfd-server-war/src/main/java/gov/cms/bfd/server/war/V1Server.java

@@ -132,7 +132,7 @@ protected void initialize() throws ServletException {
     // executed
     registerInterceptor(new TimerInterceptor());
     if (samhsaV2Enabled) {
-      registerInterceptor(new ConsentInterceptor(new V1SamhsaConsentInterceptor(samhsaV2Enabled)));
+      registerInterceptor(new ConsentInterceptor(new V1SamhsaConsentInterceptor()));
     }
     // OpenAPI
     OpenApiInterceptor openApiInterceptor = new OpenApiInterceptor();

apps/bfd-server/bfd-server-war/src/main/java/gov/cms/bfd/server/war/V2SamhsaConsentInterceptor.java

@@ -1,18 +1,19 @@
 package gov.cms.bfd.server.war;
 
+import static gov.cms.bfd.server.war.commons.StringUtils.parseBoolean;
+
 import ca.uhn.fhir.rest.api.server.RequestDetails;
 import ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException;
 import ca.uhn.fhir.rest.server.interceptor.consent.ConsentOutcome;
 import ca.uhn.fhir.rest.server.interceptor.consent.IConsentContextServices;
 import ca.uhn.fhir.rest.server.interceptor.consent.IConsentService;
-import java.util.Optional;
+import gov.cms.bfd.server.war.commons.CommonTransformerUtils;
+import gov.cms.bfd.sharedutils.TagCode;
 import org.hl7.fhir.instance.model.api.IBaseCoding;
 import org.hl7.fhir.instance.model.api.IBaseResource;
 import org.hl7.fhir.r4.model.Bundle;
-import org.hl7.fhir.r4.model.Claim;
-import org.hl7.fhir.r4.model.ClaimResponse;
-import org.hl7.fhir.r4.model.ExplanationOfBenefit;
 import org.hl7.fhir.r4.model.Meta;
+import org.hl7.fhir.r4.model.Resource;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 
@@ -26,18 +27,6 @@ public class V2SamhsaConsentInterceptor implements IConsentService {
   /** The logger. */
   private static final Logger logger = LoggerFactory.getLogger(V2SamhsaConsentInterceptor.class);
 
-  /** Flag to control whether SAMHSA filtering should be applied. */
-  private final boolean samhsaV2Enabled;
-
-  /**
-   * SamhsaConsentInterceptor Constructor.
-   *
-   * @param samhsaV2Enabled samhsaV2Enabled
-   */
-  public V2SamhsaConsentInterceptor(Boolean samhsaV2Enabled) {
-    this.samhsaV2Enabled = samhsaV2Enabled;
-  }
-
   /**
    * Invoked once at the start of every request.
    *
@@ -65,29 +54,18 @@ public ConsentOutcome willSeeResource(
 
     logger.info("SAMHSAConsentInterceptor - willSeeResource.");
 
-    // Check if SAMHSA 2.0 filtering is enabled
-    if (!samhsaV2Enabled) {
-      // If the feature flag is false, skip filtering and proceed with the resource
-      logger.info("SAMHSA 2.0 filtering is disabled, proceeding without filtering.");
-      return ConsentOutcome.PROCEED;
-    }
-
     // Extract 'excludeSAMHSA' parameter from the request URL
-    boolean excludeSamhsa =
-        Optional.ofNullable(theRequestDetails.getParameters().get("excludeSAMHSA"))
-            .flatMap(params -> params.length > 0 ? Optional.of(params[0]) : Optional.empty())
-            .map(Boolean::parseBoolean)
-            .orElse(false);
+    boolean excludeSamhsa = parseBoolean(theRequestDetails.getParameters().get("excludeSAMHSA"));
+    boolean filterSamhsa =
+        CommonTransformerUtils.shouldFilterSamhsa(String.valueOf(excludeSamhsa), theRequestDetails);
 
     // Check if the resource is a Bundle and if it has entries
-    if (theResource instanceof Bundle) {
-      Bundle bundle = (Bundle) theResource;
-
+    if (theResource instanceof Bundle bundle) {
       // Iterate through each entry in the Bundle
       for (Bundle.BundleEntryComponent entry : bundle.getEntry()) {
         IBaseResource entryResource = entry.getResource();
 
-        if (shouldRedactResource(entryResource, excludeSamhsa)) {
+        if (shouldRedactResource(entryResource, filterSamhsa)) {
           redactSensitiveData(entry);
         }
       }
@@ -100,19 +78,14 @@ public ConsentOutcome willSeeResource(
   /**
    * Helper method to determine if a resource should be redacted based on security tags.
    *
-   * @param resource The resource to check.
-   * @param excludeSamhsa Flag to determine whether to exclude SAMHSA.
+   * @param baseResource The resource to check.
+   * @param filterSamhsa Flag to determine whether to filter SAMHSA.
    * @return true if the resource should be redacted, false otherwise.
    */
-  private boolean shouldRedactResource(IBaseResource resource, boolean excludeSamhsa) {
-
+  private boolean shouldRedactResource(IBaseResource baseResource, boolean filterSamhsa) {
     Meta meta = null;
-    if (resource instanceof Claim) {
-      meta = ((Claim) resource).getMeta();
-    } else if (resource instanceof ClaimResponse) {
-      meta = ((ClaimResponse) resource).getMeta();
-    } else if (resource instanceof ExplanationOfBenefit) {
-      meta = ((ExplanationOfBenefit) resource).getMeta();
+    if (baseResource instanceof Resource resource) {
+      meta = resource.getMeta();
     }
     // If meta or security tags are not present, no need to redact
     if (meta == null || meta.getSecurity() == null) {
@@ -122,8 +95,9 @@ private boolean shouldRedactResource(IBaseResource resource, boolean excludeSamh
     // Iterate through the security tags in the meta
     for (IBaseCoding securityTag : meta.getSecurity()) {
       // Check if the security tag matches the "R" or "42CFRPart2" code
-      if (excludeSamhsa
-          && ("R".equals(securityTag.getCode()) || "42CFRPart2".equals(securityTag.getCode()))) {
+      if (filterSamhsa
+          && (TagCode.R.name().equals(securityTag.getCode())
+              || TagCode._42CFRPart2.name().equals(securityTag.getCode()))) {
         logger.info("Matched SAMHSA security tag, redacting resource.");
         return true;
       }

apps/bfd-server/bfd-server-war/src/main/java/gov/cms/bfd/server/war/V2Server.java

@@ -132,7 +132,7 @@ protected void initialize() throws ServletException {
     // executed
     registerInterceptor(new TimerInterceptor());
     if (samhsaV2Enabled) {
-      registerInterceptor(new ConsentInterceptor(new V2SamhsaConsentInterceptor(samhsaV2Enabled)));
+      registerInterceptor(new ConsentInterceptor(new V2SamhsaConsentInterceptor()));
     }
     // OpenAPI
     OpenApiInterceptor openApiInterceptor = new OpenApiInterceptor();

apps/bfd-server/bfd-server-war/src/main/java/gov/cms/bfd/server/war/commons/StringUtils.java

@@ -1,6 +1,7 @@
 package gov.cms.bfd.server.war.commons;
 
 import com.google.common.collect.ImmutableList;
+import java.util.Optional;
 
 /** Helper Utils class for Functions shared across. multiple classes. */
 public class StringUtils {
@@ -31,4 +32,18 @@ public static String[] splitOnCommas(String input) {
     }
     return builder.build().toArray(new String[0]);
   }
+
+  /**
+   * Custom function to retrieve the boolean value from a string input.
+   *
+   * @param input a String that needs to remove whitespace and commas.
+   * @return Split Array.
+   */
+  public static Boolean parseBoolean(String[] input) {
+
+    return Optional.ofNullable(input)
+        .flatMap(params -> params.length > 0 ? Optional.of(params[0]) : Optional.empty())
+        .map(Boolean::parseBoolean)
+        .orElse(false);
+  }
 }

apps/bfd-server/bfd-server-war/src/test/java/gov/cms/bfd/server/war/V2SamhsaConsentInterceptorTest.java

@@ -0,0 +1,144 @@
+// package gov.cms.bfd.server.war;
+//
+// import static org.junit.Assert.*;
+// import static org.mockito.Mockito.*;
+//
+// import ca.uhn.fhir.rest.api.server.RequestDetails;
+// import ca.uhn.fhir.rest.server.exceptions.BaseServerResponseException;
+// import ca.uhn.fhir.rest.server.interceptor.consent.ConsentOutcome;
+// import java.util.Collections;
+// import org.hl7.fhir.instance.model.api.IBaseResource;
+// import org.hl7.fhir.r4.model.Bundle;
+// import org.hl7.fhir.r4.model.Claim;
+// import org.hl7.fhir.r4.model.Meta;
+// import org.junit.Before;
+// import org.junit.Test;
+// import org.mockito.*;
+//
+// public class V2SamhsaConsentInterceptorTest {
+//
+//  @Mock private RequestDetails requestDetails;
+//
+//  @Mock private IConsentContextServices contextServices;
+//
+//  @Mock private IBaseResource claimResource;
+//
+//  @Mock private Bundle bundle;
+//
+//  @Mock private V2SamhsaConsentInterceptor v2SamhsaConsentInterceptor;
+//
+//  @Before
+//  public void setUp() {
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(false);
+//    MockitoAnnotations.openMocks(this);
+//  }
+//
+//  @Test
+//  public void testWillSeeResource_whenSamhsaV2EnabledAndExcludeSAMHSAFalse() {
+//    // Test with SAMHSA filtering enabled and "excludeSAMHSA" flag set to false
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(true);
+//
+//    when(requestDetails.getParameters()).thenReturn(Collections.emptyMap());
+//    when(claimResource.getMeta()).thenReturn(new Meta());
+//
+//    ConsentOutcome outcome =
+//        v2SamhsaConsentInterceptor.willSeeResource(requestDetails, claimResource,
+// contextServices);
+//
+//    assertEquals(ConsentOutcome.PROCEED, outcome);
+//  }
+//
+//  @Test
+//  public void testWillSeeResource_whenSamhsaV2Disabled() {
+//    // Test with SAMHSA filtering disabled
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(false);
+//
+//    when(requestDetails.getParameters()).thenReturn(Collections.emptyMap());
+//
+//    ConsentOutcome outcome =
+//        v2SamhsaConsentInterceptor.willSeeResource(requestDetails, claimResource,
+// contextServices);
+//
+//    assertEquals(ConsentOutcome.PROCEED, outcome);
+//  }
+//
+//  @Test
+//  public void testWillSeeResource_whenSamhsaV2EnabledAndMatchingSAMHSA() {
+//    // Test with SAMHSA filtering enabled and a resource having matching SAMHSA tag
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(true);
+//
+//    // Setup request with "excludeSAMHSA" set to true
+//    when(requestDetails.getParameters())
+//        .thenReturn(Collections.singletonMap("excludeSAMHSA", new String[] {"true"}));
+//
+//    // Mock a Claim resource with a SAMHSA tag
+//    Claim claim = new Claim();
+//    Meta meta = new Meta();
+//    claim.setMeta(meta);
+//
+//    // Add SAMHSA tag ("42CFRPart2")
+//    meta.addSecurity().setCode("42CFRPart2");
+//
+//    // Mock the Bundle entry to contain this claim resource
+//    Bundle.BundleEntryComponent entry = mock(Bundle.BundleEntryComponent.class);
+//    when(entry.getResource()).thenReturn(claim);
+//
+//    // Mock the Bundle to contain the entry
+//    when(bundle.getEntry()).thenReturn(Collections.singletonList(entry));
+//
+//    // Call willSeeResource with the Bundle containing the claim
+//    ConsentOutcome outcome =
+//        v2SamhsaConsentInterceptor.willSeeResource(requestDetails, bundle, contextServices);
+//
+//    // Assert that the outcome is PROCEED (or any other expected outcome)
+//    assertEquals(ConsentOutcome.PROCEED, outcome);
+//  }
+//
+//  //    @Test
+//  //    public void testRedactSensitiveData() {
+//  //        // Test the redactSensitiveData method by mocking a resource
+//  //        Bundle.BundleEntryComponent entryComponent = mock(Bundle.BundleEntryComponent.class);
+//  //        Claim claim = mock(Claim.class);
+//  //
+//  //        when(entryComponent.getResource()).thenReturn(claim);
+//  //
+//  //        // Test that redaction happens
+//  //        v2SamhsaConsentInterceptor.redactSensitiveData(entryComponent);
+//  //
+//  //        verify(v2SamhsaConsentInterceptor, times(1)).redactSensitiveData(any());
+//  //    }
+//
+//  @Test
+//  public void testStartOperation() {
+//    // Test startOperation method
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(true);
+//
+//    ConsentOutcome outcome =
+//        v2SamhsaConsentInterceptor.startOperation(requestDetails, contextServices);
+//
+//    assertEquals(ConsentOutcome.PROCEED, outcome);
+//  }
+//
+//  @Test
+//  public void testCompleteOperationSuccess() {
+//    // Test completeOperationSuccess method
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(true);
+//
+//    v2SamhsaConsentInterceptor.completeOperationSuccess(requestDetails, contextServices);
+//
+//    // Ensure no exceptions, logging, or errors happen
+//  }
+//
+//  @Test
+//  public void testCompleteOperationFailure() {
+//    // Test completeOperationFailure method
+//    v2SamhsaConsentInterceptor = new V2SamhsaConsentInterceptor(true);
+//
+//    BaseServerResponseException exception = mock(BaseServerResponseException.class);
+//
+//    v2SamhsaConsentInterceptor.completeOperationFailure(requestDetails, exception,
+// contextServices);
+//
+//    // Ensure no exceptions, logging, or errors happen
+//  }
+// }